Jump to content

Total Security 2009


Vader

Recommended Posts

Hi,

I cannot get anything to run on the infected machine, which is a Dell Dimension E520 running Windows XP Media Center.

That's what is used to run until yesterday.

We now have the blue Warning background on the desktop, saying we are infected and must install antivirus protection immediately. We have a generic icon on the desktop named Total Security 2009 and it's also running in the start bar at the bottom (sorry, can't think of the word for it right now system tray maybe?)

We physically disconnected the infected machine from the home (wired, not wireless) router. Two desktops, this one and the infected one, were hooked up. From what I understand of viruses, which admittedly isn't much, having the infected machine hooked up and possibly sending the contents of our hard drive to someone spooked me, so I insisted we disconnect it.

The virus won't let me run MalwareBytes, or Norton 360. It won't let the task manager come up, and last night before I disconnected it it wouldn't let me access the internet with IE or FF. It won't let me run anything at all-not task manager, not anything.

I read through some stickied posts above and put ProcessExplorer on a thumb drive which I then installed on the infected machine in Safe Mode. Regular Safe Mode, not Safe Mode with Networking. I could not find anything named Total Security or TSC or anything aside from stuff like lsass and other stuff that said windows and/or microsoft. I rebooted and tried to run ProcessExplorer and the virus would not let it run. It came up with a "WARNING Application cannot be executed. The file ccSvcHst.exe is infected. Please activate your antivirus software." which is almost exactly what it says when I try to run anything.

Please help if you can.

Link to post
Share on other sites

Total Security virus put a shortcut on my desktop. I was able to right click it; select properties; and see the path to the exe file. I was able to open Windows Explorer with the window key + E key combination. There were three files in the directory. The exe will not delete because it is being used but I was able to just drag it up one folder; restart my computer and then delete it. Other programs will then run.

My problem even after running Malwarebytes is that there is still some file somewhere that reconnects through the internet(?) in the background and reloads the virus back onto my computer and starting the cycle all over again. Anyone know how to solve that - besides staying disconnected from the internet?

Let me know if you have any success and how.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.