Oh, God-- What To Do Now?

Discussion in 'Laptops' started by Ron, Apr 16, 2011.

  1. Ron

    Ron Guest

    Perhaps I've said it before: I really hate Windows XP. I only use it
    because it came with my Dell D610 laptop which I bought cheap. What I
    really HATE about XP is its antivirus feature which occasionally
    kicks in to make my life a living hell.

    A week ago, something set it off and I kept getting a message about XP
    Antivirus Program 2011; that I *needed* this program to get rid of
    what it said was 12 infections. Maybe yes, maybe no-- but this message
    became malware in itself because I could not get rid of it and it
    literally held my laptop hostage until I paid nearly $60 and bought
    the damn program! Once a number was keyed in, the program "cleaned" my
    system and finally went away, to lurk in the background like some
    Mafia thug waiting to extort me again. I'm not kidding here.

    When I tried to use my laptop, not one single program would work
    except for the two M$oft programs, IE8 and Outlook express; everything
    else I could click on until the cows came home and nothing would
    happen-- except that damn AV program might pop up again. Oh yeah,
    *that* worked too. But 95% of my programs didn't.

    I had a vaguely similar problem before and went into safe mode, to see
    what I could do. I couldn't do anything. Everything I tried resulted
    in an almost total lockout to my programs. I even tried making new
    accounts-- eight of them. Most of them would have the same problem:
    the non-Microsoft programs wouldn't work, and the AV program would pop
    up although it claimed there were no more infections.

    I have been working at this for nearly a week, and now after the 9th
    account, I finally got one that worked right. I came to within a hair
    of doing a root canal and totally getting rid of XP and installing
    something reliable like Windows 2K. But I had already spent $60 for the
    AV program and I can't afford to bleed money for this stupid laptop. I
    have no doubt that sooner or later, this kind of problem is going to
    re-occur as long as there seems to be no way to truly get rid of the AV
    program and the part of XP that controls it. I can't keep going
    through accounts as this wastes a lot of time and by accident, I
    already lost a lot of my precious files when I deleted a "corrupt"
    account. Does anyone know what to do about a problem like this? If so,

    Ron, Apr 16, 2011
  2. Ron

    Pen Guest

    Pen, Apr 17, 2011
  3. Ron

    Ron Guest

    I've been a fan of Windows NT and to a lesser extent, Windows 2K; that
    kind of crap couldn't happen on either of those two systems. They
    happen on XP because the OS doesn't really give you the freedom of
    choice to use whatever kind of firewall and AV programs you want to
    use: it only recognizes certain programs or even just the one AV
    program. Who designed such a totally deranged OS?

    If I could, I would go back to Win2k in a heartbeat. Unfortunately, my
    copy requires a disk drive to load in parts of Win2k and this laptop
    has only a DVD/CD to load programs. Win2k was never all that cheap to
    begin with, and it's more costly now than it ever was before, so I seem
    to be stuck with XP but I don't like it. I'm not sure I would have
    gotten the laptop from Amazon if I had known that XP was its operating

    But back to the matter at hand, that article doesn't say what to do
    when your computer has been hijacked and you can run *any* other
    program to even find the culprit at work or to get rid of it. We are
    talking about total lock-down.


    "People make mistakes. But it takes a computer to seriously **** up."

    -- Anonymous --
    Ron, Apr 17, 2011
  4. Ron

    Mike S. Guest

    This is a fake antivirus. Among other things, it intercepts the handler
    for .exe files and directs the requests to itself ... so any time you try
    to run any program it executes the malware instead.

    You need to terminate the process from Task Manager. You can then start
    CMD.EXE by choosing FILE --> NEW TASK and ctrl-clicking on RUN. From
    there, import the "exe file association fix" from the web site of your
    choice and run your REAL antivirus to remove the malware. It typically
    lives in the NETWORK SERVICE local settings folder.
    Mike S., Apr 17, 2011
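
Added example (not part of the thread and not any poster's code): a check for the .exe handler hijack described in the post above, run against a registry export of the file-association keys. The sample export, the ProgID `placeholder_progid` and the path `C:\Example\fake-av.exe` are constructed placeholders; the expected values (`exefile` and `"%1" %*`) are the Windows defaults.

```python
import re

# Windows defaults for launching .exe files.
EXPECTED_PROGID = "exefile"
EXPECTED_COMMAND = '"%1" %*'
# Per-user classes override machine-wide ones, so both are checked.
HIVES = (r"HKEY_CURRENT_USER\Software\Classes",
         r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes")

# Constructed sample in .reg export format (real exports are UTF-16; decode first).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="placeholder_progid"

[HKEY_CURRENT_USER\Software\Classes\placeholder_progid\shell\open\command]
@="\"C:\\Example\\fake-av.exe\" /START \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"
'''

def parse_defaults(reg_text):
    """Map each key path (lower-cased) to its default (@) string value."""
    defaults, key = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            # Undo .reg escaping: \\ becomes \ and \" becomes "
            defaults[key] = re.sub(r"\\(.)", r"\1", line[3:-1])
    return defaults

def check_exe_association(reg_text):
    """Return a list of findings; an empty list means the handler is the default."""
    defaults, findings = parse_defaults(reg_text), []
    for hive in HIVES:
        h = hive.lower()
        progid = defaults.get(h + r"\.exe", EXPECTED_PROGID)
        if progid.lower() != EXPECTED_PROGID:
            findings.append(f"{hive}\\.exe points to ProgID {progid!r}")
        cmd = defaults.get(f"{h}\\{progid.lower()}\\shell\\open\\command")
        if cmd is not None and cmd.strip() != EXPECTED_COMMAND:
            findings.append(f"{hive}\\{progid} open command is {cmd!r}")
    return findings

if __name__ == "__main__":
    for finding in check_exe_association(SAMPLE):
        print("SUSPICIOUS:", finding)
```
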
  5. Ron

    BJ Guest

    You got scammed, and you're trying to blame the OS?
    That's pretty sad. Typically, it is something you did to
    allow it to happen:



    BJ, Apr 17, 2011
  6. Ron

    Bob Villa Guest

    To most, XP was/is the best OS made by MS (and it is based on NT).
    Bob Villa, Apr 17, 2011
  7. Ron

    Ryan P. Guest

    Sorry to say, you got scammed. You picked up a trojan virus which
    pretended it was an antivirus program, and you got tricked into paying
    an unknown party $60.

    No offense, but I find it curious that you are computer savvy enough
    to access USENET, but not savvy enough to recognize the fairly obvious
    signs that you were being presented with a virus, not a legitimate
    program. You should read up on basic security. Again, no offense.
    Trying to help you out so this doesn't happen to you again.

    There are NO legitimate antivirus programs out there that will charge
    you to scan and clean your system. Either they won't monitor your
    system at all, or they will not update the virus definitions. Again,
    any antivirus that scans your system but insists on a payment to clean
    is NOT legitimate.

    Since you created so many accounts, all of which you let be infected
    with this virus, you REALLY should wipe the entire hard drive and
    reinstall Windows.

    And, since it sounds like you weren't actually running any antivirus
    software in the first place, I suggest you download one of the free
    programs out there... Avast, AVG, etc. Also, download some anti
    malware software... Superantispyware for example.
    Ryan P., Apr 17, 2011
  8. Ron

    Ron Guest

    The OS *made* it possible, dude. Funny how this virus only runs on
    XP... Because none of the past systems-- and especially a good one
    like NT-- would rely on a certain AV or firewall program only. The
    people who made this rogue program relied on and took advantage of a
    stupid design flaw in XP. Yeah, I blame the OS and all the morons who
    made it!

    Ron, Apr 18, 2011
  9. Ron

    Ron Guest

    Based on NT the same way a 747 was based on the first Wright brothers'
    plane. There is nothing left of NT's security or structural integrity.
    Windows 2k is a whole lot closer to NT and a much better program when
    it comes to both stability and security. XP may have more cutesie
    bells and whistles, but you pay for that dearly. But if it makes you
    happy, go for it; I still think it's crap.

    Ron, Apr 18, 2011
  10. Ron

    Pen Guest

    If you had read the link I sent you, you would have found
    out the virus changes its name depending on the system it is
    on. It is NOT only on XP and your whining won't make it so.
    Pen, Apr 18, 2011
  11. Ron

    Ron Guest

    Golly, gee; I kinda figured that out.

    However, I sat for over a week trying to find a way out of a bad
    situation, and for reasons unknown, I couldn't even post to Google
    Groups for a couple of days. My system was totally locked up and my
    number of options could be counted on one finger--

    So since you are obviously much more informed than poor stupid me,
    what would *you* do when absolutely NOTHING else worked? I'd like to

    You don't get it, do you? I have anti-virus programs. I USE anti-virus
    programs. But NOTHING will run when the system is totally locked up.

    Note that I said NOTHING in big large letters.... My only regret is
    that they weren't flaming letters just to be totally clear about this.

    If you ever find yourself in such a situation you might be a little
    less smug.

    Ron, Apr 18, 2011
  12. Ron

    ~misfit~ Guest

    Pull yer head in Ron! You can run any of about a dozen or more AV programmes
    on XP just fine. Your ignorance is what got you into this mess and it's
    stopping anyone from helping you...... Unless you're a troll?

    "He who fights with monsters might take care lest he thereby become a
    monster. And if you gaze for long into an abyss, the abyss gazes also
    into you." Friedrich Wilhelm Nietzsche
    ~misfit~, Apr 18, 2011

  13. Give it up guys...

    Ron is either a troll, or simply an ignorant Ass. Neither deserves
    any more help.
    Charlie Hoffpauir, Apr 18, 2011
  14. Ron

    Ryan P. Guest

    I've been in the situation. I've had to reinstall Windows due to a
    virus/malware that wouldn't go away (or that I didn't trust was truly gone).

    Here's a tip for you in the future... Obtain a bootable CD image from
    some place you trust with an antivirus program on it. If you ever get
    locked out from running software again on your hard drive, you can run
    the antivirus software from DVD.
    Ryan P., Apr 19, 2011
  15. Ron

    schotty456 Guest

    There is a relatively easy fix for this problem... I run a computer repair
    business, and problems like this are one of the most common things that I
    run into... Follow the steps below, and I assure you that you will be
    right back to enjoying your functional computer in no time at all. If you
    have any questions, feel free to email me at

    1-Google the name of the Fake antivirus program that is popping up on your
    system and figure out what the Process Name is.

    2-Open up the task manager (Ctrl+Alt+Del) and go to the processes tab,
    find the name of the process from step 1, right click it, click "kill
    process tree".

    3-Download and install the Free version of AVG, www.free.avg.com

    4-Update the virus database and run AVG, and get rid of all the infections
    that it finds.

    5-Clean up the mess of user accounts that you created... Don't
    accidentally delete any more of your files.

    6-Restart your computer, and Run AVG again, just to be sure.

    7-Set up AVG to run automatically once a week, at a time that you never
    use your computer.

    8-Set up your power settings so that your computer doesn't go to sleep or
    shut down when you leave it on.

    9-Leave your computer turned on at the time you set for AVG to do its weekly

    10-Enjoy your wonderful and error free WinXP machine!

    schotty456, Apr 19, 2011
  16. Ron

    Bob Villa Guest

    Good advice. If your business is "Schotty Repair"...I would change it!
    Bob Villa, Apr 19, 2011
  17. Ron

    BillW50 Guest

    Hi Ron! I don't know how you paid that 60 bucks by, but if it was by
    credit card, I would call the credit card company and tell them what
    happened if it isn't too late.

    And once a computer is badly compromised, it is best to pull the hard
    drive out and scan it with a clean computer. My nephew brought over his
    laptop for me to work on. And that is how I removed 18 rootkits that were
    on his computer.

    Some people say once a computer has been badly compromised, you would be
    much safer to wipe everything clean and reinstall all over again. And
    while it is more work, it would be the safest approach.

    And just to let you know where I am coming from, I've been using Windows
    since '93. And so far I haven't got one single virus yet (knock on
    BillW50, Apr 19, 2011
  18. Ron

    Lou Marco Guest

    I think you're pretty far off base here. First of all, XP doesn't
    require any particular firewall or AV program. Second of all, why do you
    think NT or 2000 were any more (or less) secure than XP? Is it that NT and
    2000 tended to be run in corporate situations where much of the environment
    could be controlled centrally? You can lock down XP, too: check out the
    NIST or DISA STIGs. Technically XP is MUCH more secure because it's patched
    against well-known exploits but 2K isn't supported any more.
    Other than forcing everyone to run as administrator what flaws are
    you thinking about?

    Well, that and making the GUI effectively part of the kernel...

    And that bogus cooperative multitasking crap... But anyway...
    Lou Marco, Apr 20, 2011
  19. Ron

    Lou Marco Guest

    Formatted the drive and restored from yesterday's backup.
    Lou Marco, Apr 20, 2011
  20. Ron

    Lou Marco Guest

    IMHO you can't trust a single file, especially executable programs,
    after such an incident. You can choose to trust certain data files if the
    cost of restoring known good copies is too high (it shouldn't be. This is
    why Ghu, the great, invented incremental backups) but you cannot "clean" the
    compromised OS installation. Remove it and start from known good copies, or
    you may find savings account withdrawals from ATMs in Kazhikistan on your
    Lou Marco, Apr 20, 2011
