Infected with XP Total Security 2011 virus. Help!

Discussion in 'ESET NOD32 Antivirus' started by dmcd3523, Apr 24, 2011.

Thread Status:
Not open for further replies.
  1. dmcd3523

    dmcd3523 Registered Member

    Joined:
    Apr 24, 2011
    Posts:
    3
    Hi, I clicked on a Google search results link (with a green WOT button!) and was hit with this XP Total Security 2011 virus which mimics the XP security alerts and offers to fix. No, I didn't fall for this. Knew immediately that it was a scam. I was in the midst of scanning my second drive and Eset Security did not stop the intrusion. My Malwarebytes is blocked from opening and everytime I try to end the process of this virus in Taskmanager it replicates twice over. My taskbar now has a dozen fake microsoft security shields from trying to close the damn thing down with taskmanager. One p[ops up there and stays everytime I try to end the process in taskmanager.

    I have fake XP Total Security 2011 warning messages popping up right left and centre. All I can do is close them with the top right X, but now have one offering to do a security scan that doesn't have the X just a Yes or No button. Not game to touch it.

    Need a fix fast and really want to lnow why my Eset security did not prevent this infectiono_O?

    Currently running another scan Eset on my C drive and it's telling me everything is just fine even though it's gone through scanning Firefox which must have the offending virus in its cache.

    I need help fast.

    TIA.

    Dale
     
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,731
    Location:
    New York City
  3. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    Go to your Malwarebytes program folder. Copy mbam.exe and paste into the same directory, then rename the copy to mab.com, it that doesn't run then try renaming to iexplore.exe

    If you get MBAM running, it should have no problem removing this rogue.
     
  4. dmcd3523

    dmcd3523 Registered Member

    Joined:
    Apr 24, 2011
    Posts:
    3
    Thanks for the quick replies. It's sorta fixed.

    I went to the suggested page at Bleeping Computer and was unable to print out the instructions or even cut and paste them to a Word doc and print from that. Bit the bullet and downloaded this: -http://download.bleepingcomputer.com/reg/FixNCR.reg

    Took a punt and ran it and then tried again to start Malwarebytes and it ran and cleaned out 3 infections. (I'd just run it last night and it had found 5 Trojans which Eset had also not blocked!) Had to reboot and am left with a Windows XP security alert shield in the taskbar which tells me the Firewall and Virus protection is on and the Auto update is off. On going to System settings, I find the reverse is true in all cases. Any idea how I get rid of this Alert?

    AAAGH! I just went to Taskmanager to shut it down and the rotten thing has replicated itself so it looks as if I've only partially got rid of this #%^&# virus. Not getting constant popups now telling me its found 28 infections, or balloons telling me I have security problems.

    I had not used Malwarebytes for years because my former security suite from Bitdefender did not play nicely with it, so I'd uninstalled. I dumped BD with months yet to run on a three year licence because it was a shocking resource hog and was crippling my computer. Bought Eset Smart Security 3 licences to replace it and now I wish I hadn't. I've lost all faith in it as my basic security.

    Constant activity on my network indicator had me suspicious so I downloaded Malwarebytes again yesterday and ran it last night. Couldn't believe all those Trojans had got through Eset. I scan software proggies I download, prior to installing - I'm careful and in the four or five years I used Bitdefender I never had any trojan or virus infections. Plenty of alerts and quarantines, quite a few false positives, but no infections. Periodically I would download Malwarebytes and a couple of other malware detectors, turn off BD and check my system. Always clean. I'd uninstall them and turn BD back on. BD is a pig on your system and I hated it. Don't want to have anything to do with it ever again, but I did trust it. I now do not trust Eset Smart Security at all.

    Why do we pay premium prices for this software that is offering virtually no protection either from the firewall or from the virus security? In the few months I've been using it I've only had two warnings from this security system and fourteen infections if you count malware. Can I get a refund and try another security suite? I'm thinking that even Microsoft's own free system security must be better!
     
    Last edited by a moderator: Apr 25, 2011
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Well, this is how it is. Also no product available is able to secure you to 100% ;)

    5 years ago I had BitDefender installed, and it let one Trojan through ;)
    Now I use ESS just as you, and I have never got infected.
    And Yes, it is the lightest suite on the market.

    But I understand your disappointment about ESET.
    Though, I bet if you would have keep using BD and got infected, you would feel the exact same way about BD, as you do now about ESET.

    My advice is that you keep ESET, and do weekly scans with Malwarebytes, and/or Hitman Pro. And maybe start using a DNS service such as OpenDNS.

    Again remember, No product will secure you to 100%.
    Even if you change vendor you can still get infected.
     
    Last edited: Apr 25, 2011
  6. dmcd3523

    dmcd3523 Registered Member

    Joined:
    Apr 24, 2011
    Posts:
    3
    Thanks for the calming words Swex. I am frothing. Spent a whole day trying to get rid of this damn thing and it's still there.

    Did another Malwarebytes scan and this virus showed up again lurking in the Sun Java Application data. Malwarebytes again got rid of it and I had to reboot and now it is back again. Obviously it is somewhere in my Startup folder but I can't find anything that shouldn't be there. The damn thing is concealed in another programme.

    Does anyone have any suggestions for getting rid of it once and for all?
     
  7. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  8. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Still there you say? Hmmmm.....

    Well, Download Dr.Web Cureit it's usually very good at getting rid of those "damn things" that keep popping up. ;)
     
  9. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    If Dr.Web Cureit does not get rid of it, try the Dr.Web LiveCD. Scanning/cleaning from a LiveCD may stop the Malware replication problem.
     
  10. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
Thread Status:
Not open for further replies.