Microsoft Windows Vista Community Forums - Vistaheads

formidable malware -- PC_AntiSpyware2010

microsoft.public.windows.vista.security






Old 09-01-2009
NetLink_Blue
 

Posts: n/a
formidable malware -- PC_AntiSpyware2010
Yesterday I managed to infect my Vista Ultimate with a very virulent (new?)
strain of PC_AntiSpyware2010. The battle for control of my computer lasted
5 hours last evening, and a few more hours this morning.

I finally threw in the towel today, and re-imaged my Vista partition with a
backup (a bit old - but oh well). Thank goodness Acronis 10 came thru for
me. The pucker factor was pretty high, considering my hard-drive had
changed considerably as to partition sizes and number.

I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
took away all my weapons that I could throw at it. Safe mode OR normal
boot. Task Manager worked (slowly, like regedit and everything else on poor
'ol Vista), but stopping rogue entries became a Mallet & Ground Chuck game.

Malware Bytes Anti-Malware
Hi-Jack This
Stubware Scanner
System Internals Auto-Runs (sheesh)
SmitFraudFix

... the above programs would start and become active -- then would just
quietly shut down. RegistryFix7 and another registry contestant held up
longer, but also just (poof) vanished after thinking about my problem.

If you happen to get this strain, kiss your buttocks good-bye. And hope you
have a recovery option of sorts. This was a serious bit of malicious
coding.

Net-Link Blue


Old 09-01-2009
Peter Foldes
 

Posts: n/a
Re: formidable malware -- PC_AntiSpyware2010
SuperAntiSpyware has the capability for this PC_AntiSpyware2010. Few people used it
for the same malware and all had success with it.



--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"NetLink_Blue" <PcjTv@cooltoad.com> wrote in message
news:erJCL40KKHA.1492@TK2MSFTNGP03.phx.gbl...
> Yesterday I managed to infect my Vista Ultimate with a very virulent ( new?)
> strain of PC_AntiSpyware2010. The battle for control of my computer lasted 5
> hours last evening, and a few more hours this morning.
>
> I finally threw in the towel today, and re-imaged my Vista partition with a backup
> (a bit old - but oh well). Thank goodness Acronis 10 came thru for me. The
> pucker factor was pretty high, considering my hard-drive had changed considerably
> as to partition sizes and number.
>
> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010 took away
> all my weapons that I could throw at it. Safe mode OR normal boot. Task Manager
> worked (slowly, like regedit and everything else on poor 'ol Vista), but stopping
> rogue entries became a Mallet & Ground Chuck game.
>
> Malware Bytes Anti-Malware
> Hi-Jack This
> Stubware Scanner
> System Internals Auto-Runs (sheesh)
> SmitFraudFix
>
> ... the above programs would start and become active -- than would just quietly
> shutdown. RegistryFix7 and another registry contestant held up longer, but also
> just (poof) vanished after thinking about my problem.
>
> If you happen to get this strain, kiss your buttocks good-bye. And hope you have
> a recovery option of sorts. This was a serious bit of malicious coding.
>
> Net-Link Blue
>
>


Old 09-02-2009
NetLink_Blue
 

Posts: n/a
Re: formidable malware -- PC_AntiSpyware2010

"Peter Foldes" <okf22@hotmail.com> wrote in message
news:uH5BzI1KKHA.5628@TK2MSFTNGP03.phx.gbl...
> SuperAntiSpyware has the capability for this PC_AntiSpyware2010. Few
> people used it for the same malware and all had success with it.
> --
> Peter


I had SuperAntiSpyware installed. I tried to use it. It fared no better
than the other programs mentioned below. SaS also has something called an
"alternate" start link. Using that, I could at least see a startup window.
Seconds after I hit the "scan" button. pffft ...

This new strain is some serious MoJo. What 2010 was doing on these key
program files was changing permissions to a single user named "EveryBody"
(right-click file / security tab / insane Rubik's cube of technical poop).
%UserName% (me) was still the "owner" of the file. No help there. As soon
as I would rename the correct users for permissions, and run the file it
would reset back to "Everybody". And I would be locked out again.

In safe mode, the computer would only spin the blue circle after
right-clicking on a file. Nasty.

Net_L :~(


> Please Reply to Newsgroup for the benefit of others
> Requests for assistance by email can not and will not be acknowledged.
>
> "NetLink_Blue" <PcjTv@cooltoad.com> wrote in message
> news:erJCL40KKHA.1492@TK2MSFTNGP03.phx.gbl...
>> Yesterday I managed to infect my Vista Ultimate with a very virulent (
>> new?) strain of PC_AntiSpyware2010. The battle for control of my
>> computer lasted 5 hours last evening, and a few more hours this morning.
>>
>> I finally threw in the towel today, and re-imaged my Vista partition with
>> a backup (a bit old - but oh well). Thank goodness Acronis 10 came thru
>> for me. The pucker factor was pretty high, considering my hard-drive had
>> changed considerably as to partition sizes and number.
>>
>> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
>> took away all my weapons that I could throw at it. Safe mode OR normal
>> boot. Task Manager worked (slowly, like regedit and everything else on
>> poor 'ol Vista), but stopping rogue entries became a Mallet & Ground
>> Chuck game.
>>
>> Malware Bytes Anti-Malware
>> Hi-Jack This
>> Stubware Scanner
>> System Internals Auto-Runs (sheesh)
>> SmitFraudFix
>>
>> ... the above programs would start and become active -- than would just
>> quietly shutdown. RegistryFix7 and another registry contestant held up
>> longer, but also just (poof) vanished after thinking about my problem.
>>
>> If you happen to get this strain, kiss your buttocks good-bye. And hope
>> you have a recovery option of sorts. This was a serious bit of malicious
>> coding.
>>
>> Net-Link Blue
>>
>>

>
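
An added illustration for the permission tampering described in post #3 (not part of the thread): a Python check that parses `icacls` output and flags a tool executable whose DACL has been collapsed to a single `Everyone` entry. The path, both sample outputs and the expected-principal baseline are constructed assumptions; the thread does not show the actual ACL that was set.

```python
import re

# Assumed baseline: principals that normally hold an allow ACE on installed tools.
EXPECTED = {r"NT AUTHORITY\SYSTEM", r"BUILTIN\Administrators"}
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<flags>(?:\([^)]*\))+)$")

PATH = r"C:\Tools\scanner.exe"  # hypothetical path
# Constructed `icacls <path>` output for an untouched file.
HEALTHY = r"""C:\Tools\scanner.exe NT AUTHORITY\SYSTEM:(I)(F)
                     BUILTIN\Administrators:(I)(F)
                     BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files"""
# Constructed output for a file whose DACL was replaced by one Everyone ACE.
TAMPERED = r"""C:\Tools\scanner.exe Everyone:(DENY)(RX)

Successfully processed 1 files; Failed processing 0 files"""

def parse_icacls(path, output):
    """Return [(principal, [flag, ...])] parsed from `icacls <path>` output."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()  # first ACE shares the path line
        m = ACE_RE.match(line)               # status and blank lines do not match
        if m:
            aces.append((m.group("who"), re.findall(r"\(([^)]*)\)", m.group("flags"))))
    return aces

def findings(aces):
    """List reasons the DACL looks tampered; an empty list means it looks normal."""
    out = []
    if not aces:
        out.append("no ACEs parsed")
    if {who for who, _ in aces} == {"Everyone"}:
        out.append("DACL reduced to Everyone only")
    allowed = {who for who, flags in aces if "DENY" not in flags}
    missing = EXPECTED - allowed
    if missing:
        out.append("missing allow ACE for: " + ", ".join(sorted(missing)))
    out += ["deny ACE for " + who for who, flags in aces if "DENY" in flags]
    return out

if __name__ == "__main__":
    for name, text in (("healthy", HEALTHY), ("tampered", TAMPERED)):
        print(name, findings(parse_icacls(PATH, text)) or "ok")
```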


Old 09-02-2009
Mike Hall - MVP
 

Posts: n/a
Re: formidable malware -- PC_AntiSpyware2010

"NetLink_Blue" <PcjTv@cooltoad.com> wrote in message
news:e3#sOF2KKHA.4608@TK2MSFTNGP02.phx.gbl...
>
> "Peter Foldes" <okf22@hotmail.com> wrote in message
> news:uH5BzI1KKHA.5628@TK2MSFTNGP03.phx.gbl...
>> SuperAntiSpyware has the capability for this PC_AntiSpyware2010. Few
>> people used it for the same malware and all had success with it.
>> --
>> Peter

>
> I had SuperAntiSpyware installed. I tried to use it. It fared no better
> than the other programs mentioned below. SaS also has something called an
> "alternate" start link. Using that, I could at least see a startup
> window. Seconds after I hit the "scan" button. pffft ...
>
> This new strain is some serious MoJo. What 2010 was doing on these key
> program files was changing permissions to a single user named "EveryBody"
> ( right-click file / security tab / insane rubix-cube of technical poop).
> %UserName% (me) was still the "owner" of the file. No help there. As
> soon as I would rename the correct users for permissions, and run the file
> it would reset back to "Everybody". And I would be locked out again.
>
> In safe mode, the computer would only spin the blue circle after
> right-clicking on a file. Nasty.
>
> Net_L :~(
>
>
>> Please Reply to Newsgroup for the benefit of others
>> Requests for assistance by email can not and will not be acknowledged.
>>
>> "NetLink_Blue" <PcjTv@cooltoad.com> wrote in message
>> news:erJCL40KKHA.1492@TK2MSFTNGP03.phx.gbl...
>>> Yesterday I managed to infect my Vista Ultimate with a very virulent (
>>> new?) strain of PC_AntiSpyware2010. The battle for control of my
>>> computer lasted 5 hours last evening, and a few more hours this morning.
>>>
>>> I finally threw in the towel today, and re-imaged my Vista partition
>>> with a backup (a bit old - but oh well). Thank goodness Acronis 10 came
>>> thru for me. The pucker factor was pretty high, considering my
>>> hard-drive had changed considerably as to partition sizes and number.
>>>
>>> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
>>> took away all my weapons that I could throw at it. Safe mode OR normal
>>> boot. Task Manager worked (slowly, like regedit and everything else on
>>> poor 'ol Vista), but stopping rogue entries became a Mallet & Ground
>>> Chuck game.
>>>
>>> Malware Bytes Anti-Malware
>>> Hi-Jack This
>>> Stubware Scanner
>>> System Internals Auto-Runs (sheesh)
>>> SmitFraudFix
>>>
>>> ... the above programs would start and become active -- than would just
>>> quietly shutdown. RegistryFix7 and another registry contestant held up
>>> longer, but also just (poof) vanished after thinking about my problem.
>>>
>>> If you happen to get this strain, kiss your buttocks good-bye. And hope
>>> you have a recovery option of sorts. This was a serious bit of
>>> malicious coding.
>>>
>>> Net-Link Blue
>>>
>>>

>>

>


It is unfortunate that malware is good enough to force a full system
recovery. It is even more unfortunate that the majority of home users still
fail to back up their important stuff.

--

Mike Hall - MVP Windows Experience
http://msmvps.com/blogs/mikehall/

Old 09-04-2009
Kerry Brown
 

Posts: n/a
Re: formidable malware -- PC_AntiSpyware2010
It's the nature of a root kit that it can't be stopped or deleted while it's
running. If you boot from the hard drive there is a good chance it is
running. You have to identify the files as best as possible while it's
running then boot from a Linux CD and delete them. This often takes several
iterations and often causes a lot of collateral damage such that Windows
won't boot. The best thing to do with severe infections is to nuke the box
and rebuild.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/


"NetLink_Blue" <PcjTv@cooltoad.com> wrote in message
news:erJCL40KKHA.1492@TK2MSFTNGP03.phx.gbl...
> Yesterday I managed to infect my Vista Ultimate with a very virulent (
> new?) strain of PC_AntiSpyware2010. The battle for control of my computer
> lasted 5 hours last evening, and a few more hours this morning.
>
> I finally threw in the towel today, and re-imaged my Vista partition with
> a backup (a bit old - but oh well). Thank goodness Acronis 10 came thru
> for me. The pucker factor was pretty high, considering my hard-drive had
> changed considerably as to partition sizes and number.
>
> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
> took away all my weapons that I could throw at it. Safe mode OR normal
> boot. Task Manager worked (slowly, like regedit and everything else on
> poor 'ol Vista), but stopping rogue entries became a Mallet & Ground Chuck
> game.
>
> Malware Bytes Anti-Malware
> Hi-Jack This
> Stubware Scanner
> System Internals Auto-Runs (sheesh)
> SmitFraudFix
>
> ... the above programs would start and become active -- than would just
> quietly shutdown. RegistryFix7 and another registry contestant held up
> longer, but also just (poof) vanished after thinking about my problem.
>
> If you happen to get this strain, kiss your buttocks good-bye. And hope
> you have a recovery option of sorts. This was a serious bit of malicious
> coding.
>
> Net-Link Blue
>
>
