Welcome To Signs101.com: Largest Forum for Signmaking Professionals

Signs101.com: Largest Forum for Signmaking Professionals is the LARGEST online community & discussion forum for professional sign-makers and graphic designers.

 


  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Virus Scare . . .

Discussion in 'General Chit-Chat' started by Replicator, Feb 7, 2010.

  1. Replicator

    Replicator Major Contributor

    10,230
    9
    38
    Nov 19, 2006
    Sun City, AZ
    AAG got the worst virus I have ever seen on one of our computers this morning.

    it was called SMSS32.EXE, only I didn't know that because it disguised itself as WORM.WIN32.SPYNET and it

    disabled the TaskMgr, the Regedit and all other spyware tools to try and remove it . . . I really thought it had me beat.

    I couldn't boot into SafeMode either and if I attemped to launch ComboFix the system froze . . . I was truly ready to give up.

    I tried re-enabling the TaskMgr through several command line options that were unsuccessful and then I found

    a great utility called : xp_emergencyutil.exe (http://www.dougknox.com/xp/utils/xp_emergencyutil.zip) which places copies of the TaskMgr, Regedit and MSConfig

    in a C: directory folder. The virus doesn't know to block those copies, so I finally gained access.

    I found the running app SMSS32.EXE and also found a second virus on it's coat tails called IS2010.EXE which is

    a fake internet security 2010 app that is also hard to abolish, but once I had access to those exe's I was able to

    shut them down and begin the removal process using MalwareBytes.

    It took a long time, but there has never been a virus that I could not defeat, so I'm glad my record stands at 100%.

    NOTE : Apparently AVG vanished off of the computer somehow:help
    I have since put Microsoft Security Essentials on this machine which I have found to be a very dependable program.

    :omg2:
     
    Tags:
  2. Bradster941

    Bradster941 Very Active Member

    2,190
    0
    0
    Sep 5, 2005
    Cool,

    going through the same thing right now though I think the virus on the laptop is called 2008.

    It did disable everything including AVG but was able to boot in safe mode, then drop to DOS.

    Still though, still haven't been able to defeat it.


    Good job and good record of 100%.


    Brad.
     
  3. Replicator

    Replicator Major Contributor

    10,230
    9
    38
    Nov 19, 2006
    Sun City, AZ
    Here are the tools I use for XP ONLY . . .
     

    Attached Files:

  4. Replicator

    Replicator Major Contributor

    10,230
    9
    38
    Nov 19, 2006
    Sun City, AZ
  5. scarface

    scarface Guest

    I got a virus the other day when i entered a sign website, AVG prompted that it was unsafe but i clicked the wrong button and it went into the site. I then got internet security 2010 virus and finally kicked it's *** with avg scan, hijack this and malware bytes.
     
  6. Air Art Girl

    Air Art Girl Very Active Member

    1,907
    4
    0
    Nov 26, 2006
    yeah, it sucked! Good thing Rep is a computer geek
     
  7. visualeyez

    visualeyez Member

    431
    23
    18
    Jan 23, 2007
    harbor
    I save everything important to removable media. I run a barebones system software wise, with two instances of Windows installed on the same drive. If one gets messed up, boot up the other and fix it with tools saved on removable media, or just snatch them from the other windows folder on the hard drive...
     
  8. Keith Rae

    Keith Rae Member

    84
    0
    0
    Oct 8, 2009
    hey Rep, thanks for the warning. Do you know where they came from? Email, attachment, web sight, a disguised app. kids downloading games? so the rest of use can avoid it.
     
  9. Replicator

    Replicator Major Contributor

    10,230
    9
    38
    Nov 19, 2006
    Sun City, AZ
    I have absolutely no idea where it came from . . .

    This particular computer is used for nothing but web and image maintenance for one of our business websites.

    Although it does do internet searches and forums . . .

    My guess is that something popped up while doing a web search and got clicked because it looked like an official alert.

    You know how that goes . . .

    I never click on pop ups, in fact, I try to teach everyone that if something pops up just hit Ctrl-Alt-Del and close the browser,

    That is the safest course of action to take, to avoid be exposed to such threats !
     
  10. threeputt

    threeputt Very Active Member

    3,389
    1
    38
    Mar 10, 2006
    washington state
    Yep, something got me Friday. Unable to boot up. Machine just kept running in an endless loop at startup.

    Now, machine is at the computer shop. Should get it back this morning, I'm told.

    Who are these people who send these things out?
     
  11. Graphics2u

    Graphics2u Very Active Member

    1,839
    2
    38
    Jan 31, 2007
    Iowa
    I had that Same type of virus 2 weeks ago. Appears to be a antivirus program. I spent three hours one morning trying to get my computer cleaned up. Then after a scan with Microsoft Security Essentials my computer needed to restart and it never booted up again! Couldn't use safe mode, nothing! The windows XP screen would pop up and then in 2 seconds go to Blue Screen error. Tried to fix it for a day or so before I finally had to do a Recovery from Original Discs.

    I use a Windows Home Server So I had all my files, but what a pain and loss of time! And the Virus looks very much like Microsft Security Essentials is running and telling you to uprade your virus protection, the popup warnings are almost identical to MSE.
     
  12. Gene@mpls

    Gene@mpls Very Active Member

    2,008
    87
    48
    Jun 17, 2003
    Blaine, Mn
    Thanks for the info. I just cloned the HDs on all my critical computers this weekend with True
    Image- have a couple of not so critical to go. Hoping that will save my bacon
    someday.
     
  13. John L

    John L Very Active Member

    1,468
    0
    36
    Apr 28, 2007
    Did the virus uninstall AVG on it's somehow? On that subject.. which would be better.. AVG or Avast?
     
  14. strypguy

    strypguy Active Member

    674
    37
    28
    Jan 18, 2009
    Carroll, Iowa
    I've had good luck removing the fake antivirus viruses. As long as you do not hit anything on the desktop related to the vurus after the virus pops up on your screen. Most people want to exit out of the pop up and that actually installs the virus on your computer.

    If you simply go to start menu and get to your system restore. Do a restore point a few days back and the virus is gone. It's worked for me the last three times this problem occurred on my computers.

    Depends on the virus but it works. A friend of mine told me about it and he owns a computer repair store.

    Again, doesn't work in every instance, but it's woth a try if the virus has not already taken over your computer.

    John
     
Loading...

Share This Page

 


Loading...