Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very Strange Virus! Help!


  • This topic is locked This topic is locked
5 replies to this topic

#1 Caroline68

Caroline68

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 05 March 2010 - 04:14 PM

:thumbsup: Yesterday when I opened my PC, I realized I've been infected with "Vista AntiSpyware 2010". I followed all the instructions here (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010).

I already had Malware Bytes so I simply ran it. Unfortunately though, Malware Bytes did not find any infected items. I did a full scan and a quick scan twice each and each time it could not find any malicious items. Frustrated, I downloaded Microsoft Security Essentials and scanned my computer using that. Microsoft Security Essentials found several infections and removed them. However, these infections were called Trojans, and not anything related to "Vista AntiSpware 2010".

Examples of Infected Items:
Trojan:Win32/FakeRean
Trojan:Java/Selace.K

What should I do? How can I completely remove this virus?! How can I be completely sure I'm free from this virus? Why isn't Malware Bytes detecting anything?!

BC AdBot (Login to Remove)

 


#2 Caroline68

Caroline68
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 06 March 2010 - 08:21 AM

Also, my system is a Dell Vista home premium. I also have the latest version of Malwarebytes, 1.44 downloaded. It does not detect anything no matter how many times I attempt the scan.

If anyone has any ideas I'd be very grateful. :thumbsup:

Edited by Caroline68, 06 March 2010 - 08:22 AM.


#3 MisterEvasion

MisterEvasion

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 06 March 2010 - 01:09 PM

Like you, I had just installed Microsoft Essentials a couple of days ago and did my first FULL scan with it today. It found 3 selace instances of K,N,O. Naturally I was shocked, because I must have just gotten these within the past few weeks and other services didn't notice them.

I did a search about these beasties and I couldn't pull up info on them at Symantec or TrendMicro which are the big names in AV security! And yet, Microsoft, which has had to this point been very disappointing as far as developing security scanning type software, finds these (allegedly) nasty java trojans. Quite out of character for Microsoft AV stuff to be this excellent - but there you are.

Microsoft Essentials removed them. Of course, whenever I stumble upon a site where a message box comes up telling me 'Your computer is at risk', my routine is simply to:

1. DO NOT CLICK ANYTHING
2. OPEN TASK MANAGER (VIA CTRL+ALT+DELETE)
3. END TASK

I could be wrong, but I think this is where they come from, from rogue AV scan type things. Right now, there seem to be a LOT of websites either intentionally or unintentionally delivering these scripts.

Now for the worst part. There is now the problem of knowing how bad are these trojans. The fact is, I can't find much information on them. Is removal of them really removal? A user on one thread somewhere said reformat is the only way to be safe from these even after removal. There was no other commentary anywhere that backs up what he said.

Some people can be real jerks - words to remember.

Let's just take a breath and relax. No need to get carried away with anxiety. Reformatting is the last thing you want to do - especially if you have caught the culprits and removed them before they became active. I will keep an eye out for any details on the selace family. They are fairly new and even Microsoft which wielded the axe, doesn't have much on them except that they are severe.

The following is only my speculation and should not be considered fact: I am under the impression that selace.K is desperate to get selace.L onto its infected host. If you killed selace.K before it called selace.L, then you should be okay. However, if selace.L was in your removal list, I would be more concerned because it is the trojan that delivers the payload. As for .N and .O - there isn't enough info that I could find to make any kind of speculation.

Whatever you do, be calm and do not panic. Remember - it is called scareware for a reason.

#4 Caroline68

Caroline68
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:01:21 PM

Posted 06 March 2010 - 01:59 PM

Thank-you for your time. I will keep that in mind. Those nasty advertisements. =(

However, there is still the problem of that "Anti Spyware 2010" virus in my computer and I still must have it removed. So far my computer has been running normally but it has gotten slower. I want to stop this thing as soon as possible before it wrecks havoc on my computer. I do not want to reformat my system. I know nothing about computers so reformatting it myself is out of the question. If things get worse I need to take it to the computer store.

I'm thinking of using system restore to restore my computer back to a weeks time. Perhaps that will rid the virus?

Edited by Caroline68, 06 March 2010 - 02:00 PM.


#5 MisterEvasion

MisterEvasion

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:21 PM

Posted 06 March 2010 - 03:12 PM

There are lots of removal instructions to do it manually - not always the best choice unless you are really stuck. If you are not comfortable with playing in the windows registry, I would advise against manual removal unless you are desperate for a solution.

I would then suggest a removal tool which you have already tried one (malwarebytes), but there are others.

There is a long discussion about it with several methods and tools to go about killing it:

http://answers.yahoo.com/question/index?qi...05164440AAzjSap

I would not use system restore myself. It is likely to have no effect and you would be likely bringing it further into your past.

#6 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:21 PM

Posted 09 March 2010 - 12:32 AM

Topic closed to avoid confusion with this one: http://www.bleepingcomputer.com/forums/t/301002/avexe-and-vista-antivirus-pro-2010-really-gone/ ~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users