BleepingComputer.com: Vista Internet Security 2011 virus

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Vista Internet Security 2011 virus

#1 User is offline   lchapman 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 2
  • Joined: 09-April 11

Posted 09 April 2011 - 02:17 PM

Hi,

After checking out unumerable antimalware sites I've been unable to get rid of this virus.

Malwarebyes and Hijack This run for 3 seconds then stop. I can't dl Rkill at all-from any of the alternate sites using any of the alternate names.

Can someone help me??

Thanks,
Linda

#2 User is offline   Filterius 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 11
  • Joined: 24-March 11

Posted 09 April 2011 - 02:46 PM

This rogue usually runs a process called something like xhf.exe
It's usually a three random letter executable.
Find this process and delete any registry entries that include this file.
For the web browser registry entries, modify them by deleting the part that loads
the rogue with the browser.

To answer your problem with MalwareBytes, just rename the executable, havn't tried this with HJT.
Don't be surprised seeing the rogue run in safe mode, to get rid of this, just delete
the registry entry.

- Filterius

#3 User is offline   lchapman 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 2
  • Joined: 09-April 11

Posted 09 April 2011 - 02:50 PM

Where do I look for the xhf.exe...do run regedit?

Ok, i tried dl and running prevx.com....a program that will get rid of xhf.exe but the virus again stopped this program from running...its stopped malwarebytes, hijack this, Best Spyware scanner...everything I've tried it stopped these programs from running a scan.

I tried regedit and did a search on "xhf" and it came back with a long string but it was so long I couldn't see the end of the string so didn't see if it actually contained "xhf" at all.

Plus, I'm about the end of my knowledge of all this stuff anyway....

What else do I try?

Thanks

This post has been edited by lchapman: 09 April 2011 - 03:08 PM

#4 User is offline   coles1mom 

  • Forum Regular
  • PipPipPip
  • Find Topics
  • Group: Members
  • Posts: 212
  • Joined: 01-November 08
  • Gender:Female

Posted 09 April 2011 - 06:32 PM

Start with post 18 http://www.bleepingcomputer.com/forums/topic389345.html/page__st__15 The only issue is it seems this virus also shuts down your antivirus after removal.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users