Windows Vista Forums

formidable malware -- PC_AntiSpyware2010

  1. #1


    NetLink_Blue Guest

    formidable malware -- PC_AntiSpyware2010

    Yesterday I managed to infect my Vista Ultimate with a very virulent (new?)
    strain of PC_AntiSpyware2010. The battle for control of my computer lasted
    5 hours last evening, and a few more hours this morning.

    I finally threw in the towel today, and re-imaged my Vista partition with a
    backup (a bit old - but oh well). Thank goodness Acronis 10 came thru for
    me. The pucker factor was pretty high, considering my hard-drive had
    changed considerably as to partition sizes and number.

    I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
    took away all my weapons that I could throw at it. Safe mode OR normal
    boot. Task Manager worked (slowly, like regedit and everything else on poor
    'ol Vista), but stopping rogue entries became a Mallet & Ground Chuck game.

    Malware Bytes Anti-Malware
    Hi-Jack This
    Stubware Scanner
    System Internals Auto-Runs (sheesh)
    SmitFraudFix

    ... the above programs would start and become active -- then would just
    quietly shut down. RegistryFix7 and another registry contestant held up
    longer, but also just (poof) vanished after thinking about my problem.

    If you happen to get this strain, kiss your buttocks good-bye. And hope you
    have a recovery option of sorts. This was a serious bit of malicious
    coding.

    Net-Link Blue




  2. #2


    Peter Foldes Guest

    Re: formidable malware -- PC_AntiSpyware2010

    SuperAntiSpyware has the capability for this PC_AntiSpyware2010. A few people used it
    for the same malware and all had success with it.



    --
    Peter

    Please Reply to Newsgroup for the benefit of others
    Requests for assistance by email can not and will not be acknowledged.

    "NetLink_Blue" <PcjTv@xxxxxx> wrote in message
    news:erJCL40KKHA.1492@xxxxxx

    > Yesterday I managed to infect my Vista Ultimate with a very virulent (new?)
    > strain of PC_AntiSpyware2010. The battle for control of my computer lasted 5
    > hours last evening, and a few more hours this morning.
    >
    > I finally threw in the towel today, and re-imaged my Vista partition with a backup
    > (a bit old - but oh well). Thank goodness Acronis 10 came thru for me. The
    > pucker factor was pretty high, considering my hard-drive had changed considerably
    > as to partition sizes and number.
    >
    > I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010 took away
    > all my weapons that I could throw at it. Safe mode OR normal boot. Task Manager
    > worked (slowly, like regedit and everything else on poor 'ol Vista), but stopping
    > rogue entries became a Mallet & Ground Chuck game.
    >
    > Malware Bytes Anti-Malware
    > Hi-Jack This
    > Stubware Scanner
    > System Internals Auto-Runs (sheesh)
    > SmitFraudFix
    >
    > ... the above programs would start and become active -- then would just quietly
    > shut down. RegistryFix7 and another registry contestant held up longer, but also
    > just (poof) vanished after thinking about my problem.
    >
    > If you happen to get this strain, kiss your buttocks good-bye. And hope you have
    > a recovery option of sorts. This was a serious bit of malicious coding.
    >
    > Net-Link Blue
    >
    >


  3. #3


    NetLink_Blue Guest

    Re: formidable malware -- PC_AntiSpyware2010


    "Peter Foldes" <okf22@xxxxxx> wrote in message
    news:uH5BzI1KKHA.5628@xxxxxx

    > SuperAntiSpyware has the capability for this PC_AntiSpyware2010. A few
    > people used it for the same malware and all had success with it.
    > --
    > Peter
    I had SuperAntiSpyware installed. I tried to use it. It fared no better
    than the other programs mentioned below. SaS also has something called an
    "alternate" start link. Using that, I could at least see a startup window.
    Seconds after I hit the "scan" button. pffft ...

    This new strain is some serious MoJo. What 2010 was doing on these key
    program files was changing permissions to a single user named "EveryBody"
    (right-click file / security tab / insane Rubik's cube of technical poop).
    %UserName% (me) was still the "owner" of the file. No help there. As soon
    as I would rename the correct users for permissions, and run the file it
    would reset back to "Everybody". And I would be locked out again.

    In safe mode, the computer would only spin the blue circle after
    right-clicking on a file. Nasty.

    Net_L :~(


    > Please Reply to Newsgroup for the benefit of others
    > Requests for assistance by email can not and will not be acknowledged.
    >
    > "NetLink_Blue" <PcjTv@xxxxxx> wrote in message
    > news:erJCL40KKHA.1492@xxxxxx

    >> Yesterday I managed to infect my Vista Ultimate with a very virulent
    >> (new?) strain of PC_AntiSpyware2010. The battle for control of my
    >> computer lasted 5 hours last evening, and a few more hours this morning.
    >>
    >> I finally threw in the towel today, and re-imaged my Vista partition with
    >> a backup (a bit old - but oh well). Thank goodness Acronis 10 came thru
    >> for me. The pucker factor was pretty high, considering my hard-drive had
    >> changed considerably as to partition sizes and number.
    >>
    >> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
    >> took away all my weapons that I could throw at it. Safe mode OR normal
    >> boot. Task Manager worked (slowly, like regedit and everything else on
    >> poor 'ol Vista), but stopping rogue entries became a Mallet & Ground
    >> Chuck game.
    >>
    >> Malware Bytes Anti-Malware
    >> Hi-Jack This
    >> Stubware Scanner
    >> System Internals Auto-Runs (sheesh)
    >> SmitFraudFix
    >>
    >> ... the above programs would start and become active -- then would just
    >> quietly shut down. RegistryFix7 and another registry contestant held up
    >> longer, but also just (poof) vanished after thinking about my problem.
    >>
    >> If you happen to get this strain, kiss your buttocks good-bye. And hope
    >> you have a recovery option of sorts. This was a serious bit of malicious
    >> coding.
    >>
    >> Net-Link Blue
    >>
    >>
    >
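
The permission lock-out described in post #3 can be checked for without the Explorer security tab. This is an added example, not part of the original thread: the function name, the two heuristics and the sample SDDL strings are assumptions made for illustration, and results are only trustworthy when run from a clean system against the suspect files.

```powershell
# Added example. The two heuristics are assumptions drawn from the symptom in
# post #3; they are not a signature for PC_AntiSpyware2010.
$EveryoneSid = 'S-1-1-0'   # well-known SID for the Everyone group
$ExecuteBit  = [int][System.Security.AccessControl.FileSystemRights]::ExecuteFile

function Test-AclTampering {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.AccessControl.FileSystemSecurity]$Acl
    )
    # Resolve trustees to SIDs so the check does not depend on localized names.
    $rules = @($Acl.GetAccessRules($true, $true,
            [System.Security.Principal.SecurityIdentifier]))
    $trustees = @($rules | ForEach-Object { $_.IdentityReference.Value } |
            Sort-Object -Unique)
    $findings = @()

    # Heuristic 1: inheritance cut off and Everyone is the only trustee left.
    if ($Acl.AreAccessRulesProtected -and $trustees.Count -eq 1 -and
            $trustees[0] -eq $EveryoneSid) {
        $findings += 'inheritance disabled, Everyone is the only trustee'
    }
    # Heuristic 2: an explicit Deny ACE that blocks execution.
    foreach ($rule in $rules) {
        $denies = $rule.AccessControlType -eq
            [System.Security.AccessControl.AccessControlType]::Deny
        if ($denies -and (([int]$rule.FileSystemRights -band $ExecuteBit) -ne 0)) {
            $findings += "Deny-execute ACE for $($rule.IdentityReference.Value)"
        }
    }
    $findings
}

# Constructed SDDL strings stand in for real files so the demo runs anywhere.
$samples = @(
    @{ Name = 'healthy.exe';  Sddl = 'O:BAG:BAD:(A;ID;FA;;;BA)(A;ID;FA;;;SY)(A;ID;0x1200a9;;;BU)' },
    @{ Name = 'tampered.exe'; Sddl = 'O:BAG:BAD:P(D;;FX;;;WD)' }
)
foreach ($s in $samples) {
    $acl = New-Object System.Security.AccessControl.FileSecurity
    $acl.SetSecurityDescriptorSddlForm($s.Sddl)
    $hits = @(Test-AclTampering -Acl $acl)
    if ($hits.Count -eq 0) { $hits = @('no findings') }
    '{0}: {1}' -f $s.Name, ($hits -join '; ')
}

# Against real files (the path is a placeholder):
# Get-ChildItem 'C:\Path\To\Tools' -Filter *.exe |
#     ForEach-Object { Test-AclTampering -Acl (Get-Acl $_.FullName) }
```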


  4. #4


    Mike Hall - MVP Guest

    Re: formidable malware -- PC_AntiSpyware2010


    "NetLink_Blue" <PcjTv@xxxxxx> wrote in message
    news:e3#sOF2KKHA.4608@xxxxxx

    >
    > "Peter Foldes" <okf22@xxxxxx> wrote in message
    > news:uH5BzI1KKHA.5628@xxxxxx

    >> SuperAntiSpyware has the capability for this PC_AntiSpyware2010. A few
    >> people used it for the same malware and all had success with it.
    >> --
    >> Peter
    >
    > I had SuperAntiSpyware installed. I tried to use it. It fared no better
    > than the other programs mentioned below. SaS also has something called an
    > "alternate" start link. Using that, I could at least see a startup
    > window. Seconds after I hit the "scan" button. pffft ...
    >
    > This new strain is some serious MoJo. What 2010 was doing on these key
    > program files was changing permissions to a single user named "EveryBody"
    > (right-click file / security tab / insane Rubik's cube of technical poop).
    > %UserName% (me) was still the "owner" of the file. No help there. As
    > soon as I would rename the correct users for permissions, and run the file
    > it would reset back to "Everybody". And I would be locked out again.
    >
    > In safe mode, the computer would only spin the blue circle after
    > right-clicking on a file. Nasty.
    >
    > Net_L :~(
    >
    >

    >> Please Reply to Newsgroup for the benefit of others
    >> Requests for assistance by email can not and will not be acknowledged.
    >>
    >> "NetLink_Blue" <PcjTv@xxxxxx> wrote in message
    >> news:erJCL40KKHA.1492@xxxxxx

    >>> Yesterday I managed to infect my Vista Ultimate with a very virulent
    >>> (new?) strain of PC_AntiSpyware2010. The battle for control of my
    >>> computer lasted 5 hours last evening, and a few more hours this morning.
    >>>
    >>> I finally threw in the towel today, and re-imaged my Vista partition
    >>> with a backup (a bit old - but oh well). Thank goodness Acronis 10 came
    >>> thru for me. The pucker factor was pretty high, considering my
    >>> hard-drive had changed considerably as to partition sizes and number.
    >>>
    >>> I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
    >>> took away all my weapons that I could throw at it. Safe mode OR normal
    >>> boot. Task Manager worked (slowly, like regedit and everything else on
    >>> poor 'ol Vista), but stopping rogue entries became a Mallet & Ground
    >>> Chuck game.
    >>>
    >>> Malware Bytes Anti-Malware
    >>> Hi-Jack This
    >>> Stubware Scanner
    >>> System Internals Auto-Runs (sheesh)
    >>> SmitFraudFix
    >>>
    >>> ... the above programs would start and become active -- then would just
    >>> quietly shut down. RegistryFix7 and another registry contestant held up
    >>> longer, but also just (poof) vanished after thinking about my problem.
    >>>
    >>> If you happen to get this strain, kiss your buttocks good-bye. And hope
    >>> you have a recovery option of sorts. This was a serious bit of
    >>> malicious coding.
    >>>
    >>> Net-Link Blue
    >>>
    >>>
    >>
    >
    It is unfortunate that malware is good enough to force a full system
    recovery. It is even more unfortunate that the majority of home users still
    fail to back up their important stuff.

    --

    Mike Hall - MVP Windows Experience
    http://msmvps.com/blogs/mikehall/



  5. #5


    Kerry Brown Guest

    Re: formidable malware -- PC_AntiSpyware2010

    It's the nature of a root kit that it can't be stopped or deleted while it's
    running. If you boot from the hard drive there is a good chance it is
    running. You have to identify the files as best as possible while it's
    running then boot from a Linux CD and delete them. This often takes several
    iterations and often causes a lot of collateral damage such that Windows
    won't boot. The best thing to do with severe infections is to nuke the box
    and rebuild.

    --
    Kerry Brown
    MS-MVP - Windows Desktop Experience: Systems Administration
    http://www.vistahelp.ca/phpBB2/


    "NetLink_Blue" <PcjTv@xxxxxx> wrote in message
    news:erJCL40KKHA.1492@xxxxxx

    > Yesterday I managed to infect my Vista Ultimate with a very virulent
    > (new?) strain of PC_AntiSpyware2010. The battle for control of my computer
    > lasted 5 hours last evening, and a few more hours this morning.
    >
    > I finally threw in the towel today, and re-imaged my Vista partition with
    > a backup (a bit old - but oh well). Thank goodness Acronis 10 came thru
    > for me. The pucker factor was pretty high, considering my hard-drive had
    > changed considerably as to partition sizes and number.
    >
    > I'm no slouch as far as peeking under Vista's skirts ... but damn! 2010
    > took away all my weapons that I could throw at it. Safe mode OR normal
    > boot. Task Manager worked (slowly, like regedit and everything else on
    > poor 'ol Vista), but stopping rogue entries became a Mallet & Ground Chuck
    > game.
    >
    > Malware Bytes Anti-Malware
    > Hi-Jack This
    > Stubware Scanner
    > System Internals Auto-Runs (sheesh)
    > SmitFraudFix
    >
    > ... the above programs would start and become active -- then would just
    > quietly shut down. RegistryFix7 and another registry contestant held up
    > longer, but also just (poof) vanished after thinking about my problem.
    >
    > If you happen to get this strain, kiss your buttocks good-bye. And hope
    > you have a recovery option of sorts. This was a serious bit of malicious
    > coding.
    >
    > Net-Link Blue
    >
    >

