|
Help Help!!!
Alan said "That XP Security 2011 is back". He ran a scan. I was out so could not supervise.
I came back, he was on his Mozilla and everything was fine. I just came into the room and he was not on the computer. I decided to go on Flock. Would not come up. I get a prompt asking me "what do you want to use to open up flock?" ???????????? I then went to control panel (to see if flock was still there). I clicked on add/remove programs and IT WOULD NOT LET ME DO THIS. I clicked on Security Center. IT WOULD NOT LET ME DO THAT EITHER. So I can't access add/remove programs, I can't access security center. I can't access Flock. But I can go on Mozilla. And obviously I have a virus or spyware or something and I'm going to run another scan. god I hate computers. Melody |
If you can't get Flock opened after more scans - just re down load it and re install - it probably will find your other settings & bookmarks.
The program itself might still be there but something scrambled the start up part of it. re installing should fix it. |
Quote:
I could not open ANYTHING on my computer except for IE. Any time I clicked on an icon (in the control panel, on the desktop, ANYTHING!!), I would get the message "Cannot find application". Nothing worked. They had me bumped up to Premium Tech support which gave me a free pass and they took their tools and did whatever they had to do. They found the infection, they rebooted it two times My goodness. Right now, everything works. I repeat, I hate computers. Melody |
Quote:
More nonsense happening today. So I made a video so you can see exactly what I'm seeing. Oh, just to correct the opening sentence of my video. the screen is my WINDOWS security center, not Verizon. so I should have began the video by saying "Window Security Center is showing this". Last night the guy from Mcafee did all the stuff to get rid of the XP virus. He told me 'your system is now clean, there are no traces of the virus, and as I checked EVERYTHING WORKED FINE. And it still does. But...... I keep getting pop ups from the XP Security 2011 alert telling me that my system is under attack, that I have trojans, that I should "download XP Security 2011", etc. etc. etc. Every few minutes I get this pop up (just now, something is popped up telling me Stealth Intrusion" blah blah blah. I get this every few minutes. So of course I ran the Internet Security Suite powered by McAfee and it said my system is clean, no viruses no nothing. So am I to understand that I have SOMETHING related to XP Securit 2011 and that it's trying to hijack my computer by telling me I have a virus, but that thing is the virus ITSELF, and I should just ignore it? I'm not going to ignore it. I'm calling up Verizon again, and we'll go through all the tool cleaning up stuff again. This is getting very annoying. The guy, (I saw him doing this), had his tools, he cleaned up EVERYTHING. What is this XP thing doing? hiding in some system files or something? Here's the video I just made. http://www.youtube.com/watch?v=56FASOrJWvQ Melody |
What you might have is a pop up intrusion. That or Alan is continuing to pick it up when he uses the computer.
Fixing that is separate from removing that devil should you download it. If you go to Microsoft and click on pop-up spam blocker, they have a download that will get rid of it. Go to explorer and see if that file exists. That would be the next step in this house. |
Quote:
Never heard of pop up intrusions. It's aptly named isn't it? Melody Went to Microsoft.com and typed in POP UP BLOCKER. Just saw stuff to download for Internet Explore. Alan uses Mozilla, I use flock. does this make any difference? thanks, Melody |
pop ups only come when you log into the internet.
When you are NOT on the net, is that icon there? right click on the icon and see what it is called...that is what you look up in explorer. |
Quote:
XP ANTIVIRUS 2011. Does this mean I have the virus, or if I click yes to anything regarding that message, then I will HAVE THE VIRUS AGAIN? And when you say "go to explorer", what does this mean? thanks Melody |
MS explorer is the MS part of windows that shows you all your files.
Try this.... do a "find" search for that title and see if a file comes up. |
Quote:
I guess I have to call the tech guy again. I'm getting SO tired of this virus I can' tell you. But at least Alan is very much on the mend and no more fever for 2 days and I'm dressing his wound. So far, so good. Melody P.S. Thanks much |
|
It sounds like the tech guys are missing something..
they are doing the clean up by remote access right? They should know how to do the "show hidden folders" to make sure they are getting all traces of it. Verizon is providing the security program for your computer right? Sometime viruses/Trojans/spy-ware will not use the same name when in the system - makes it harder to find all the parts of them. I don't know if you are familiar with the CTRL/ALT/DEL key combo- pressing that combination will bring up your task manager. The processes tab will show what is actually running in real time on your computer. but don't change anything- in this area!! only look at it to see what is running on your system some you can tell right away what they are- firefox , flock, task manager , explorer etc there will be quite a few service host entries ( mine had about 7 of those listed). what I do is check anything I don't recognize, by a Google search, or on this site - http://www.processlibrary.com/ to read about it and see what it is for. This might help to give you an idea if a suspicious program is still running or not If you do try that let us know what you see there. Or if something shows up as very suspicious call Verizon and have them try again right away. If you do get it cleaned up again - I suggest down loading & installing Threatfire - it is a real time tool that should stop those things before they can get on to your system. It is compatible with other anti virus programs - they can both run at the same time- full time. TF works in a different way. here's the link to it that explains better than I can. http://www.threatfire.com/ |
Hi.
I am hysterical. Just got off the phone with the guy in India. Nicest guy. He was especially nice after I told him I used to work for an Indian company in NYC for 10 years and I spoke to him in his native language. He got such a kick out of that. He did EXACTLY as you suggested. The Control Alt Delete thing. Task manager, etc. He showed me what he was doing and I followed him. He was looking for a 3 letter file with the .exe extention. I said "Oh, an executable file? He said "Exactly" he explained how the XP Antivirus 2011 renames itself and gets into the internet files and that's why I could not get onto Internet Explorer before. I kept getting "Warning, warning, danger danger, download XP Security Anti-virus 2011", which we all know IS BAD, IS A VIRUS AND I'M NOT DOWLOADING THIS. Initially we booted up in safe mode, and I still could not load up IE. That's when we did a few things together, he was able to remotely go on my system, and he took it from there, AND THAT'S WHEN HE SHOWED ME THE TASK MANAGER THING. I learned so much today, I can't tell you. Not that I'm like this guy or like you guys, but hey, I LEARNED SOMETHING TODAY. I have a case number with Mcafee and they told me I can always call them, that's what they are there for. He also told me that if I had Windows 7, the virus would call itself Windows & Security Antivirus 2011. So I know in the future to look for a 3 letter file with a .exe after it. I hope this never happens again, but hey, I learned something today. It's amazing that you know exactly what that guy was walking me through. Amazing. Melody |
Well, THAT LASTED ALL OF FIVE MINUTES.
Alan sat down at the computer, clicked on one of his stupid money making sites, and said "uh oh". I said "it's back" Five minutes to make it come back. I'm going to kill him. I do not know what to do anymore. I am so sick of this crap Melody |
I think the Threatfire program is what you need to protect the computer from Alan...;)
Many of the running processes in the task manager are .exe, and a virus might eventually change the first part of the name or letters, that's why you have to do a web search on the names that you don't recognize.. and just ending the"bad" process there won't stop it totally - you would have to go deeper into the system files to find it and remove all traces. I'm assuming that's what the guy did. I wonder if you clear the cache & all the cookies on all your browsers - especially all the cache & cookies Alan has on FF... maybe when he clicks the same link the cookies & cache are bringing the virus right back??? |
found more info about XP Security Anti-virus 2011
( fake= not a security software - it is a virus program (just adding that for other readers that might see the name and think it is a good AV program) Do not do a web search for any virus by name, about half of the search results are shown as not safe per my WOT browser add-on. Only do these searches on known top rated computer websites - the top ten listed here- http://internet-security-suite-revie...enreviews.com/ go to their websites to search for virus, Trojans, spy ware information. There are other reputable sites and forums with good information but you can't tell what is safe to click on or not - unless you have some program or add-on installed to mark or block the bad sites. [XP Anti-Virus 2011, Vista Total Security 2011, and Win 7 Home Security include some of the names that a new name-changing rogue will randomly use when installing itself on a victim's computer. When this particular rogue is installed, it will install itself as a variety of different program names, with each having their own graphical user interface depending on the version of Windows that the computer is running. Regardless of the name, though, they are all the exact same program with just a different name and skin on it. This rogue goes by many different program names, which I have listed below based upon the version of Windows that it is installed on:] http://www.bleepingcomputer.com/viru...-security-2011 |
Jo.
Alan is so upset he is threatening to throw out the computer and not have ANY internet. He says 'if I can't go on my sites and click on ads and make a few bucks, then WHY do we need the internet?" I explained that because we have a bundle with Verizon that includes the tv, internet and cable tv, that if we took off the internet part, that would stop it being a bundle and we really wouldn't be paying cheaper anyway. He is just very mad. I looked up the 3 sites that he frequents (we have this google red, green and orange thing), that when you type in a website in google, it will tell you if it's safe or not. I looked up all 3 sites. All red circles, so these sites are not safe. Don't know if the red circle means it's got a virus or it's a scam, but these sites show up as red. Alan says he has to go on these sites. So if I download threatfire and install it, will it stop ANY BAD STUFF FROM GOING ON OUR COMPUTER? I mean, the guy has neuropathy, he can't really walk anyplace, and all he has is the computer and his stupid websites. I mean, do you think having the threatfire thing would let Alan go on these sites? Melody |
Unsafe sites, have spammers (and viruses) that download by just VISITING... you don't even have to click on them...to activate them.
They will hijack your startup page too. So if you know they are there, you CANNOT even visit them! This used to be the case on porn sites, but it can be adapted for any place. That is why the rating add-ons that Jo suggests are important! Throwing out the internet is not reasonable, since YOU still can use it. But Alan needs to understand how things like this work. If he cannot understand these principles, then yes, HE should stay away until he does. |
I'm not sure how it would handle them , maybe block them, or allow a portion of them, or maybe just block the tracking cookies.
It depends on what the problem or risk factor is pertaining to those sites. You can always try TF and see what happens , how it works for you. If you don't care for it remove it. Is he making much money by clicking those sites/ads? If it is just for an activity to fill the time , maybe puzzles, safe game sites or even some kind of a hobby... Have you looked at the cookies section on FF to see what kind of stuff is there? [Firefox Cookie permissions are controlled in "Tools -> Options -> Privacy". (In Firefox 3.5, you must select "Use custom settings for history" in the "Firefox will:" drop-down menu, if another option is shown.) You may choose to accept all cookies that websites wish to set or, in Firefox 3.0 and above, you may choose to accept or block third-party cookies that are often set by other companies who advertise on those sites. ] http://kb.mozillazine.org/Cookies |
Quote:
It's enough to make us go out and by a MAC if we had the money to do so. But.....I now have THREATFIRE. It did an initial scan and all is well. I have no idea what will happen later. I hate computers, all I do is go on this website and my sprouting websites and that's it. And now I have to worry that new viruses are coming out each week? My god, I long for 15 years ago when I had AOL and it was for dummies and I would hear "Welcome, You've got Mail" Melody |
We have a friend who does "secret shopping" for businesses.
They often have internet sign ups...or you can look them up. She goes to the targeted stores on her day off, and evaluates the employee help and other factors. She says it is fun, and makes a few bucks for her without being a strain. NY must have many of these companies. You don't have to use your computer to shop... and it would get you out...and have some fun, Melody. Just an idea. |
Quote:
My cousin in law is a mystery shopper. I have no way to get around. They cut my access a ride and it's now a feeder service and they drop you off at train stations. I don't do trains. So now when we go on appointments we use Alan's access a ride. The last time he was in the transport chair and we used the lift. So me going anywhere (I don't drive and Alan can't drive) and we don't have a car, well that's not going to happen. I will continue to do ebay. I've sold on it before. But so far so good. I see the little thumbs up icon for threatfire on the bottom right of the monitor and Alan has gone on his sites for about an hour after I installed threatfire. And he deleted the one site that he thinks is the culprit. So one site DOWN, more to come. Hey, he's trying. lol And thanks to all of you for all the nice suggestions. I now have Verizon Internet Security Suite and threatfire. My goodness, that and my sprouts, What else does a girl need? lol Melody |
Hi. I'm getting quite good at this virus thingee.
Alan was at a GREEN site and the virus came back. He looked at me and said "It wasn't me this time". I remembered what the tech guy did. I did the Task Manager thing. I recognized a 3 letter thing and it was cym.exe. My computer would not let me get on the internet no matter what I tried. I remembered how the tech guy got on. He went to Start - Run, and he typed in www.ie.explorer.com and he got on. So I did it. I got on. I then googled cym.exe and it was a rogue spyware thing. I then remembered how to disable the thing by re-nameing it. I did the My compuer, tools - folder options, Select view, Under hidden files and folders, I selected Show hidden files and folders. etc. etc. etc. I did it all I then had to find the cym.exe. I found it and re-named it. I then rebooted my comptuter. No more virus BUT.... now I get the "open with" pop up whenever I try to left click on ANYTHING. I know this has something to do with registry and taking out the .exe I don't know what to do next. If you explain to me how I can get rid of the "open with", then I will have, for the first time in my life, I will have GOTTEN RID OF A VIRUS WITHOUT HAVING TO CALL MCAFEE. Now wouldn't THAT be something?? lol Melody Then once I do this, I will try and learn the linux thing. Thanks for your help. Honestly, I don't know when I'm coming back on this forum (to post replies). We are having a very sad time with our son and we have lots of stuff to deal with. Thanks much Melody |
| All times are GMT -5. The time now is 07:06 AM. |
Powered by vBulletin • Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
vBulletin Optimisation provided by
vB Optimise (Lite) -
vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.