crosspost: having again a bad day with this virus on log into xp pro

Discussion in 'Virus Information' started by shajnday, Mar 27, 2011.

  1. shajnday

    shajnday Guest

    hi all!


    this virus i have for at least 5 years....going on from my first
    notebook, it is with hdd which i have cloned onto another disk and
    repaired XP pro sp3. I have ben using malwarbytes, superantispyware,
    avast and trusword allalong and everytime i do find some new kind of
    spyware,trojan, virus or some other junk.


    i really don't make much of downloads but i did had some stupid
    applications and or some stupid programs which were security risks in
    respect that i was using this notebook as an important workstation.


    the last standing virus which i have now on my hdd is preventing me
    to
    long into adminstrator interface od win xp both regular and safe
    mode,
    i.e. i can't log into system. When i get the first log page there is
    no users icons to log into, i.e. there is no empty field to input
    username and password it is hidden, missing.


    i did solved that issue once before as i did had backup and i did
    have
    pointed that disk on another clean computer and cleaned the disk with
    some antivirus programs, i used combofix.exe also.


    this virus is a persistent one, and it bumps out of nowhere also
    after
    5 antivirus-spyware checkups and manually deleting and dsearching for
    "odd files" ...etc. maybe it is perlovga but i did everything i
    possibly could to get rid of it.


    One of old-school ways would be to put a fresh copy of system but i
    do
    have a load bunch of programs installed, and UI which i have adjusted
    through many years...if i do that, the only things i wouldn0t like to
    maintain are internet browsers favorites and their adjustmens, really
    it is not such a hard work but i would rather choose the search and
    destroy method manually or through the antivirus program...


    What to do to punch thi virus into nose and to bring back normal
    windows log-on console so as safemode.


    p.s. this happened to me yesterday for som 6th time as i was trying
    to
    log on into safemode into admin account ...
     
    shajnday, Mar 27, 2011
    #1
    1. Advertisements

  2. From: "shajnday" <>


    | hi all!


    | this virus i have for at least 5 years....going on from my first
    | notebook, it is with hdd which i have cloned onto another disk and
    | repaired XP pro sp3. I have ben using malwarbytes, superantispyware,
    | avast and trusword allalong and everytime i do find some new kind of
    | spyware,trojan, virus or some other junk.


    | i really don't make much of downloads but i did had some stupid
    | applications and or some stupid programs which were security risks in
    | respect that i was using this notebook as an important workstation.


    | the last standing virus which i have now on my hdd is preventing me
    | to
    | long into adminstrator interface od win xp both regular and safe
    | mode,
    | i.e. i can't log into system. When i get the first log page there is
    | no users icons to log into, i.e. there is no empty field to input
    | username and password it is hidden, missing.


    | i did solved that issue once before as i did had backup and i did
    | have
    | pointed that disk on another clean computer and cleaned the disk with
    | some antivirus programs, i used combofix.exe also.


    | this virus is a persistent one, and it bumps out of nowhere also
    | after
    | 5 antivirus-spyware checkups and manually deleting and dsearching for
    | "odd files" ...etc. maybe it is perlovga but i did everything i
    | possibly could to get rid of it.


    | One of old-school ways would be to put a fresh copy of system but i
    | do
    | have a load bunch of programs installed, and UI which i have adjusted
    | through many years...if i do that, the only things i wouldn0t like to
    | maintain are internet browsers favorites and their adjustmens, really
    | it is not such a hard work but i would rather choose the search and
    | destroy method manually or through the antivirus program...


    | What to do to punch thi virus into nose and to bring back normal
    | windows log-on console so as safemode.


    | p.s. this happened to me yesterday for som 6th time as i was trying
    | to
    | log on into safemode into admin account ...

    You write much but actually write nothing about the nature of the malware you suposedly
    had for 5 years.

    You call "it" a "virus". Assuming that you have malware it is doubtful it is a virus.
    There are so few of them Today (or five years ago) while there are magnitudes more
    trojans. That is why the term malware is used. All viruses are malware but not all
    malware are viruses.

    You say you have used; Malwarbytes, Superantispyware, Avast, "trusword" and have also
    used ComboFix (dangerous tool if used wrongly or under certain circumstances).

    What is "trusword" ?

    What makes you think you have had a partucular malware for 5 years ?
     
    David H. Lipman, Mar 27, 2011
    #2
    1. Advertisements

  3. shajnday

    shajnday Guest


    i have been using Truesword 4 and newer Truesword 5 from stronghold
    antivirus company---it is a good software for examinig computer but it
    is a security risk i guess.

    i have the same symptoms of this malware for 5 years ... this with
    locking up login console is the same symptom for all this years, i
    could only make an assumption that it started with the autorun.inf as
    a part of this malware as you call it. That all are viruses for me.
     
    shajnday, Mar 27, 2011
    #3
  4. | i have been using Truesword 4 and newer Truesword 5 from stronghold
    | antivirus company---it is a good software for examinig computer but it
    | is a security risk i guess.

    | i have the same symptoms of this malware for 5 years ... this with
    | locking up login console is the same symptom for all this years, i
    | could only make an assumption that it started with the autorun.inf as
    | a part of this malware as you call it. That all are viruses for me.

    You may call all malware "viruses" but that is not correct as viruses have a specific
    meaning and a different course of action to deal with them because true viruses have the
    ability to self replicate and spread on their own whiles trojans don't have that ability
    and they need assistance to spread.

    Is "locking up login console" the ONLY symptom you have and thus attribute that to malware
    ?
    This is what's been going on for 5 years ?

    BTW: I had never heard of "Security Stronghold Company" out of Russia. I know of some
    Russian software but NOT Truesword and I find it "interesting" that they chose to host the
    US branch in Washington, DC. I had to look them up.

    http://www.securitystronghold.com/contact/

    Since I know nothing about them, I will reserve judgement except, I'm not sure I like
    their "Remote Problem Solving" for $50/session.
     
    David H. Lipman, Mar 27, 2011
    #4
  5. shajnday

    shajnday Guest



    I do also don't respect stronghold company i'm asssured they do not
    provide the good service for that 50$.
    As i was having their software or of trouble maker software i chose to
    install Trend micro Internet security package software called
    TITANIUM, but it also ahven't found this malware, yes i call it a
    malware as it replicates and it did that onto my other computer and
    notebook. I have spred additional licenses over my other two stations
    i.e. a notebook and a computer. I think Trend micro is a respectable
    company and i don't need any other anti-virus softwares anymore. TM +
    manual handling is ok.

    i hope so...

    p.s. i copied the wsaupdater.exe to system32 folder but again i could
    not to approach the system...
     
    shajnday, Mar 27, 2011
    #5
  6. shajnday

    shajnday Guest



    i really couldn't to contrive about what other symptoms there were
    except that one, but with monthly cleaning the computer with that 4-5
    antivirus programs i did cleaned various infections such as newer
    remebered small virus K or something like that. I would like to
    know more on subject how to protect system when cleaned as a primary
    thing so not to let that infections, to stay uninfected in the future
    time..
     
    shajnday, Mar 27, 2011
    #6
  7. shajnday

    shajnday Guest


    what i suppose you suppose is that i lack the knowledge for manually
    clean registry files or to search and destroy malicious files ...
    i did it manualy once over the hijack but it was good for a month or
    so, so it it is a replicative sonofabit..cs
     
    shajnday, Mar 27, 2011
    #7
  8. From: "shajnday" <>



    | what i suppose you suppose is that i lack the knowledge for manually
    | clean registry files or to search and destroy malicious files ...
    | i did it manualy once over the hijack but it was good for a month or
    | so, so it it is a replicative sonofabit..cs

    Nothing you have stated yet, are symptoms of an infected computer. A computer with errors
    and/or corruption yes, but not necessarily malware related unless you can provided
    SPECIFIC information.
     
    David H. Lipman, Mar 27, 2011
    #8
  9. shajnday

    shajnday Guest


    now i'm doing the manual repair of system files, system32 folder files
    were missing after manually tried to replace them...

    i don't have REPAIR option through xp pro sp3 cd, so i'll try the
    manual repairing these files by replacing them...

    but that's just the consequence but not the source of this problem.
    the goal was to replace windows logon console as this virus is acting
    on that permanantely.


    Thanks for your help, but you viruses are viruses, both malwares and
    viruses, there is no difference, and that is as it is. !

    your Friend,
    myscosop.
     
    shajnday, Mar 27, 2011
    #9
  10. shajnday

    shajnday Guest

    p.s. guys writing about this virus on some forum "We need to know
    what the exact error message is. There maybe a way to get you booted
    by installing the correct drivers (DLLs) but you may need to perform a
    disc check to see if your harddrive is ok. Sometimes these viruses
    just screw with the files and sometimes they are able to destroy
    complete folders...

    "
     
    shajnday, Mar 27, 2011
    #10
  11. shajnday

    shajnday Guest

    I have had to copy files manualy on my backup disk, and now it is
    working, after hours and hours of trying to manualy to copy system
    files, something is corrupted in this files and i will have to again
    manualy to sort every and inspect every file self.

    thnks.
     
    shajnday, Mar 28, 2011
    #11
  12. shajnday

    shajnday Guest



    Problem mostly Solved.
     
    shajnday, Mar 31, 2011
    #12
  13. shajnday

    gufus Guest

    Hello, David!


    On Sun, 27 Mar 2011 06:52:27 -0400
    I was told... Malicious software (or malware)

    With best regards, gufus. E-mail:
     
    gufus, Apr 2, 2011
    #13
  14. shajnday

    shajnday Guest


    What did you wanted to say Guffy ?
     
    shajnday, Apr 4, 2011
    #14
  15. shajnday

    Shadow Guest

    A good software ? Their homepage www.securitystronghold.com
    resolves to a site in Russia, called vistaglance.vistaglance.com,
    which is down ATM.
    I believe that truesword might possibly be your malware.
    []'s
     
    Shadow, Apr 4, 2011
    #15
  16. shajnday

    Shadow Guest

    Investigating a little more deeply, www.securitystronghold.com
    is on MVPS malware hosts file, also a search for the name brought up a
    miss-spelt page at www.fileguru.com :
    Truesword appears here, along with a lot of other improbable
    "trojan-removers"
    http://www.fileguru.com/apps/freeanty_virus/p4
    But NOT here, the official page.
    http://www.fileguru.com/directory/Security---Privacy/Anti-Virus-Tools
    Mebbe fileguru's been hacked ?
    []'s
     
    Shadow, Apr 4, 2011
    #16
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.