xp security 2012 virus - help needed

JuanR

my dell desktop just inhereted this virus. Can someone help me on how to remove it? i need step by step instructions with a link to the removal software. i downloaded Norton antivirus and it has only been able to fix TDSS. ANY HELP is much appreciated.

thanks

Juan

RuSsMaN

Fdisk.

Sherardp

Try this, download and install Microsoft Security Essentials & Malwarebytes. Run both apps via full scan and see if that resolves the issue. If you run into problem try booting Windows into Safe Mode with Networking during a restart, rerun apps again.

WilliamM2

That's a nasty one, usually it will stop you from installing or running any cleanup software. Best bet is to restore your drive from the weekly backup image you've been creating. Takes less than ten minutes, and guarantees the drive is clean again. Of course if you are like most people, you have no backup of any kind.

In that case, pull the drive out, put it in another machine that has Malwarebytes and Security essentials installed already, scan and clean it from there.

Jstas

This is pathetic.

Here, let me Google that for you.

First two links with detailed instructions. No need to restore anything.

http://removevirushelp.com/how-to-remove-xp-security-2012-virus.html

http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012

WilliamM2

Jstas wrote: »

This is pathetic.

Here, let me Google that for you.

First two links with detailed instructions. No need to restore anything.

http://removevirushelp.com/how-to-remove-xp-security-2012-virus.html

http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012

Yeah, you're right. That's so much easier and quicker than a simple image restore.:rolleyes:

DMara

Use another computer, go to majorgeeks.com to download TDSSKiller, combofix, and Malwarebytes Anti-Malware. Boot the infected computer in Safe Mode w/ Networking and run those three in respective order, that'll fix the problem.

JuanR

Thanks guys,I will download the programs and begin the disinfection as soon a soon as I get home (currently on sisters computer so I can get the files).

obieone

Good luck, that thing smoked my pc, wiped the mobo audio drvers.

Jstas

WilliamM2 wrote: »

Yeah, you're right. That's so much easier and quicker than a simple image restore.:rolleyes:

Image restores are for helldesk goons and amateurs performing half-assed fixes. I can edit a registry and pull out any start up tags faster than you can restore an image. Then it's just finding the offending software and removing the DLL files and executabes. A simple tool like HiJackThis makes short work of that. No hours of waiting for gigabytes worth of data to restore. No data loss either. User doesn't have to rebuild the machine from scratch. Shaking and baking a system like that is a last resort option, not the first thing you turn to. If you're an IT tech it must really suck to be your customer.

WilliamM2

Jstas wrote: »

Image restores are for helldesk goons and amateurs performing half-assed fixes. I can edit a registry and pull out any start up tags faster than you can restore an image. Then it's just finding the offending software and removing the DLL files and executabes. A simple tool like HiJackThis makes short work of that. No hours of waiting for gigabytes worth of data to restore. No data loss either. User doesn't have to rebuild the machine from scratch. Shaking and baking a system like that is a last resort option, not the first thing you turn to. If you're an IT tech it must really suck to be your customer.

There's no data loss if he has backups. Hours for a drive restore? Takes less than 10 minutes on most machines. Unlike Malwarebyte scans, that can take hours, if it even works.

I can also remove these things manually, but since he came here and asked how to do it, I assumed he wasn't an IT professional, and may want a simpler method.

Jstas

WilliamM2 wrote: »

There's no data loss if he has backups. Hours for a drive restore? Takes less than 10 minutes on most machines. Unlike Malwarebyte scans, that can take hours, if it even works.

I can also remove these things manually, but since he came here and asked how to do it, I assumed he wasn't an IT professional, and may want a simpler method.

You are so out of touch, it's not even funny.

What's "easy" to you is extremely daunting to a home user. On top of that, most home users do not have the facilities available to them to perform a system restore from a backup image. Most don't even have a backup image. Your arrogant assumptions about what they should be doing vs. what they are actually doing leaves little room for error and serves only to further confuse and frustrate your user and increase the sense of despair they have.

Editing registries and deleting nasty files may be more complicated to you but to a user with few options due to poor backup disciplines it's a game changer. Berating your user for not following backup regimens and then offering advice that it's pretty unlikely that they can follow does nothing to help the problem. The user already told you what the problem was. Even if you are able to restore from backup, your method still does nothing to ensure the problem doesn't occur again.

In short, it's the worst possible solution because it DOESN'T protect data, it DOESN'T fix the problem and it DOESN'T ensure the problem doesn't come back. You've done nothing to help your user. You've only made the problem go away for you.

As far as waiting for scans to run, set them up so the user CAN'T cancel them, automate every response and tell them, you just gotta wait until it's done cleaning up. If they don't want to wait then they can view it as a lesson on what they should be doing to not have this issue in the future. If they don't take the lesson, it's still on them.

I have no idea how old you are and I don't really care but you attitude and methodologies are pretty much what I have to deal with from arrogant college kids on co-op that I have to deal with when they are manning the helldesk queue for the security systems I manage. I usually have to educate them on how little they actually understand what they are doing as well.

WilliamM2

Maybe you need to re-read my post. I offered two ways to fix it. The second method being the same as yours pretty much.

But as with any other topic, you know it all.

mrbigbluelight

Well, looks like Mr. Sunshine's in fine form !!! :rolleyes:

...... must be the solar flares.

JuanR

Gentlemen, please no fighting. I appreciate ALL the help that is being offere!

Here is the latest:
1. When I left the house, I left Norton running a full scan on my computer.
2. When I returned, Norton said it found 9 files and fixed them.
3. I logged onto the internet with no issues, and no Pop Ups from that 2012 Virus.
4. I decided to run the Kapersky TDSSKiller I downloaded from Majorgeeks...and it scaned and returned - no infection found
5. I have NOT run combofix, and Malwarebytes Anti-Malware....SHOULD I???

My computer this second appears to be "normal"...what should I do next?? run combofix and Malwarebytes or leave everything as is?

Thanks

Juan

WilliamM2

Yes, run them, it won't hurt anything, and this thing is known for coming back if not removed completely. Make sure you update Malwarebytes after the install.

Sherardp

I would even download and run CCleaner also. Cleans up bad registry entries or problems left behind.