Page 1 of 2 12 LastLast
Results 1 to 15 of 26
  1. #1
    New Lounger
    Join Date
    Mar 2010
    Location
    Morehead City, NC USA
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I have gotten the malware "Total XP Security" and cannot seem to get rid of it. I ran Adware which seemed to get rid of it, until I rebooted and there it was again.
    I checked the registery for the av.exe, but the only one there was ave.exe. Is ave.exe the one I need to get rid of along with a few other settings? Or can someone suggest an inexpensive fix other than reformating the computer. This malware is on my other computer and it will not let me open any programs or go on the internet.

  2. #2
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Free antimalware Tools:
    MS
    Malwarebytes
    Malware net
    Spyware removal

    Use multiple tools and run then at least twice.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  3. #3
    Super Moderator BATcher's Avatar
    Join Date
    Feb 2008
    Location
    A cultural area in SW England
    Posts
    3,420
    Thanks
    33
    Thanked 195 Times in 175 Posts
    Personally I would run Malwarebytes' AntiMalware (as Clint suggests):
    • download,
    • install,
    • update - important to get latest definitions,
    • perform quick scan (to see how big the problem is, and get rid of the worst stuff)
    • then perform full scan.

    I would also run SuperAntiSpyware (lower right button on this linked page)
    and HitMan Pro (chose either 32-bit or 64-bit, depending on what variant of Windows you have).

    Again, as Clint suggests, you probably want to run each at least twice, one after the other. The whole process will take several hours!

    If you have any difficulty with downloading, installing or running (as you seem to have), you may have to start your PC up in "Safe Mode with Networking". Or get someone else to download these programs onto a USB Flash Drive for you to use.
    BATcher

    Time prevents everything happening all at once...

  4. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    There are several methods to manually remove this malware as well:

    try this, or this, or this. A google search finds many similar posts.

    All suggest to remove already installed anti malware apps and redownload and reinstall them since part of the deviousness of these type nasties is that they search for these anti malware apps and render them ineffective.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. #5
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    RoseMary,

    I found several references in removing nefarious fake AV apps, etc in How to Geek. You will have to scroll down a ways through the tips and tweaks to find several items for removing these pesky apps. Hope this helps.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  6. #6
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Wink

    Hi Rosemary :

    I saw an experienced, CERTIFIED, Volunteer "Malware Removal Specialist"
    recommend starting by trying the following :

    "Click Start, Run. Type command and press Enter. Type notepad and press Enter.
    Notepad opens. Copy all the text below into Notepad.

    [Version]
    Signature="$Chicago$"
    Provider=Myantispyware.com

    [DefaultInstall]
    DelReg=regsec
    AddReg=regsec1

    [regsec]
    HKCU, Software\Classes\.exe
    HKCU, Software\Classes\secfile
    HKCR, secfile
    HKCR, .exe\shell\open\command

    [regsec1]
    HKCR, exefile\shell\open\command,,,"""%1"" %*"
    HKCR, .exe,,,"exefile"
    HKCR, .exe,"Content Type",,"application/x-msdownload"

    Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
    Right click to fix.inf and select Install. Reboot your computer. "

    If this is successful, then try and use the excellent Malwarebytes
    Anti-Malware program . This "procedure" is for the computer
    that you are unable to get on the internet .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  7. #7
    New Lounger
    Join Date
    Mar 2010
    Location
    Morehead City, NC USA
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thank you all for your quick responses. Total XP Security has taken over the computer. Whenever I try to get on the internet, it won't let me. "it isn't a safe site. It has gotten to the point that nothing will open. When ever I try to open a program, it asks open with what. It is almost like nothing is there. Would I be able to save a removal tool to a disc and then run it on the computer?

  8. #8
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts
    You might want to take a look at this site for detailed manual removal instructions. If you print them out and keep them next to you while you remove the problem step-by-step, it should go smoothly.

    HTH
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  9. #9
    New Lounger
    Join Date
    Mar 2010
    Location
    Morehead City, NC USA
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Robin Taylor View Post
    Hi Rosemary :

    I saw an experienced, CERTIFIED, Volunteer "Malware Removal Specialist"
    recommend starting by trying the following :

    "Click Start, Run. Type command and press Enter. Type notepad and press Enter.
    Notepad opens. Copy all the text below into Notepad.

    [Version]
    Signature="$Chicago$"
    Provider=Myantispyware.com

    [DefaultInstall]
    DelReg=regsec
    AddReg=regsec1

    [regsec]
    HKCU, Software\Classes\.exe
    HKCU, Software\Classes\secfile
    HKCR, secfile
    HKCR, .exe\shell\open\command

    [regsec1]
    HKCR, exefile\shell\open\command,,,"""%1"" %*"
    HKCR, .exe,,,"exefile"
    HKCR, .exe,"Content Type",,"application/x-msdownload"

    Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
    Right click to fix.inf and select Install. Reboot your computer. "

    If this is successful, then try and use the excellent Malwarebytes
    Anti-Malware program . This "procedure" is for the computer
    that you are unable to get on the internet .

  10. #10
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts
    Was this helpful ?? Did your reply get dropped from the post ??

    There are other options to try other than using software that is on the PC with the problem, but they require some hardware knowledge or a willingness to try. Not very difficult, really.
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  11. #11
    New Lounger
    Join Date
    Dec 2009
    Location
    Ontario, Canada
    Posts
    9
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Hi Rosemary,

    I would suggest to start your computer in Safe Mode with networking. Then download this program from the Microsoft website: http://technet.microsoft.com/en-us/s.../bb963902.aspx It is called Autoruns which will detect all the programs that are starting up when you turn on your PC. When you find the one which looks suspicious...I can't remember the one used by "Total XP Security"...just disable it by removing the checkmark. Then try restarting your PC in normal mode, if you disabled the right one your computer should be OK and you should be able to go online to download "Malwarebytes" . Then just follow the instructions posted by BATcher!

  12. #12
    New Lounger
    Join Date
    Mar 2010
    Location
    Morehead City, NC USA
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Doc Watson View Post
    Was this helpful ?? Did your reply get dropped from the post ??

    There are other options to try other than using software that is on the PC with the problem, but they require some hardware knowledge or a willingness to try. Not very difficult, really.

    Thank you for your help. I am not sure enough in my ablity to to tackle extreme measures on a computer. I am going to take the comp in and let a pro fix it.

  13. #13
    Star Lounger
    Join Date
    Dec 2009
    Location
    WashingtonState
    Posts
    70
    Thanks
    42
    Thanked 2 Times in 2 Posts
    My friend just got hit with this and asked for help.Thanks to doc watson for link to website with manual instructions.
    I printed it out and will go try to help her tomorrow.wish me luck,mosie

  14. #14
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    Don't forget that doing a clean instal is an effective alternative for those who are not 100% sure
    that their system has been effectively remedied.

    Sometimes the fixes will fudge the software environment to such an extent that the time it takes to figure it all
    out could have easily outdone that of a clean instal.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  15. #15
    3 Star Lounger
    Join Date
    Jan 2001
    Location
    Marietta, Georgia, USA
    Posts
    296
    Thanks
    9
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by CLiNT View Post
    Don't forget that doing a clean instal is an effective alternative for those who are not 100% sure
    that their system has been effectively remedied.

    Sometimes the fixes will fudge the software environment to such an extent that the time it takes to figure it all
    out could have easily outdone that of a clean instal.
    This is the best reason to do full image backups - EVERY week. That way, you can easily restore the entire PC and recover from any sort of malware.
    Rick Groszkiewicz
    Life is too short to drink bad wine (or bad coffee!)

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •