SNorman
Level 7
Message 1 of 12

New Malware program, and it's the worst I've seen

I just got rid of a malware infection almost EXACTLY a month ago and it was tough. However, this is a new one I've never even heard about. Instead of only disabling and blocking Anti-Virus programs, it blocks EVERYTHING. If it has an ".exe" attached to it, it prevents it from running and claims it's infected. Even basic processes like Task Manager, Add/Remove Programs, it even ATTEMPTED to block winlogon when I was restarting my computer. I even tried using the rkill program I did last time, and it blocks ALL 4 instances of it. However, I discovered one weakness: it can't function in Windows Safe Mode (which is how I'm here right now). The reason I'm here is because neither Malwarebytes nor McAfee can find it. I've run 3 scans on each and they come back negative, as if it's not installed on the computer. Any ideas?

Message was edited by: SNorman on 2/7/10 12:17:11 PM GMT-05:00
11 Replies
exbrit
Reliable Contributor
Message 2 of 12

Re: New Malware program, and it's the worst I've seen

In "Safe Mode with Networking" (Safe Mode with internet) did you update MalwareBytes before running it?  Also do you have a name for it?

SNorman
Level 7
Message 3 of 12

Re: New Malware program, and it's the worst I've seen

It called itself "Security Pro" and yes, I've updated Malwarebytes.

exbrit
Reliable Contributor
Message 4 of 12

Re: New Malware program, and it's the worst I've seen

Not heard of that one and seemingly neither has the Internet.   If you have access to a clean machine that can burn media (CDRW or DVDRW) I suggest running our Security Moderator Secured2k's "BootCD".

Available HERE - any questions regarding it should go in that thread.

SNorman
Level 7
Message 5 of 12

Re: New Malware program, and it's the worst I've seen

I will give it a try and IMMEDIATELY get back to you.

exbrit
Reliable Contributor
Message 6 of 12

Re: New Malware program, and it's the worst I've seen

Good luck.  Even if it fails let Mark know about it in that thread.

Message was edited by: Ex_Brit on 07/02/10 12:48:20 EST PM

Re: New Malware program, and it's the worst I've seen

This sounds like the exact same one I've got on two of my machines.

See thread: Virus not being detected...

I'll be real interested if McAfee can find and destroy this thing.  It's shut down all the .exe's as well.  And on one of my machines, it will not allow me to boot in any Safe Mode...

Wish I had a CD drive to try Mark's fix...can it be done with a USB flash drive??

exbrit
Reliable Contributor
Message 8 of 12

Re: New Malware program, and it's the worst I've seen

a1jasong wrote:

This sounds like the exact same one I've got on two of my machines.

See thread: Virus not being detected...

I'll be real interested if McAfee can find and destroy this thing.  It's shut down all the .exe's as well.  And on one of my machines, it will not allow me to boot in any Safe Mode...

Wish I had a CD drive to try Mark's fix...can it be done with a USB flash drive??

There are many types of malware that anti-virus applications aren't very good at dealing with, hence the need for specialist tools. If there is an exe that one can isolate, zip and forward to McAfee then perhaps they may be able to issue an update to cover it but it's not always possible.

You would have to ask Mark regarding using a USB drive for his BootCD application.

SNorman
Level 7
Message 9 of 12

Re: New Malware program, and it's the worst I've seen

I had the name wrong, it's actually "Antivirus Soft". I found a guide to get rid of it, following the instructions right now:

http://deletemalware.blogspot.com/2010/01/how-to-remove-antivirus-soft-fake.html

I'll let you know if it works...

exbrit
Reliable Contributor
Message 10 of 12

Re: New Malware program, and it's the worst I've seen

SNorman wrote:

I had the name wrong, it's actually "Antivirus Soft". I found a guide to get rid of it, following the instructions right now:

http://deletemalware.blogspot.com/2010/01/how-to-remove-antivirus-soft-fake.html

I'll let you know if it works...

Aha, then there are several threads on this already.  Many have had success with http://www.bleepingcomputer.com/virus-removal/remove-antivirus-soft