Virus Alert

page: 1
2

log in

join

posted on Apr, 1 2011 @ 05:42 AM
link   
Please be cautious if you visit GLP.
After visiting i immediately got hit with a virus which has disabled all EXE. files on my laptop.
I can't open anything. The only thing i'm still able to do is get on line by going into "my computer" and selecting favourites.


Beware!!




posted on Apr, 1 2011 @ 05:46 AM
link   
whats GLP? sorry for asking but it is hard to avoid if you have no idea what GLP stands for or is.



posted on Apr, 1 2011 @ 05:47 AM
link   
GLP = Godlike Productions.

EDIT: Advice: Change the title to: 'Those with confidence in their anti-virus software, visit GLP"
edit on 1/4/2011 by stygmartyrZA because: (no reason given)



posted on Apr, 1 2011 @ 05:49 AM
link   
reply to post by lifeform11
 



Godlike Productions.

A site kinda like this one.


Anyway OP thanks I once got a virus like that from ATS and had to re install everything on my laptop.
edit on 1-4-2011 by pop_science because: I cant type.



posted on Apr, 1 2011 @ 05:51 AM
link   
reply to post by bargoose
 

thanks for the heads up
edit on 1-4-2011 by pcrobotwolf because: (no reason given)



posted on Apr, 1 2011 @ 05:54 AM
link   
thanks for clarifying what GLP is.

i'm sorry to hear the O.P. and others have had problems. thank you for making people aware. i'll make sure i avoid it
thanks for the warning



posted on Apr, 1 2011 @ 06:20 AM
link   
if you can get to 'my computer' and run 'favourites' (which have underlying .exe's),
you may have only lost the PATHEXT variable in the environment settings.

it should look like:
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

check if it is missing and re-add it.

Just something to try looking at to fix your pc



posted on Apr, 1 2011 @ 06:21 AM
link   
a very easy fix

if you can open internet explorer - you can open up windows explorer - it's the same thing (kinda)

depending on your os, you have to do the following.... in the file associations location locate click NEW type in .exe (it may complain that it already exists but plz continue) change the ADVANCED property to application...then apply, ok, whatever to save it.

problem solved



posted on Apr, 1 2011 @ 06:24 AM
link   

Originally posted by bargoose
Please be cautious if you visit GLP.
After visiting i immediately got hit with a virus which has disabled all EXE. files on my laptop.
I can't open anything. The only thing i'm still able to do is get on line by going into "my computer" and selecting favourites.


Beware!!


I am no expert but if you restart your computer and open in safe mode you can then opt to reconfigure settings to a date before you got the virus then as soon as you have done that down load super anti spy ware and run a scan to weed out any infected files.



posted on Apr, 1 2011 @ 06:29 AM
link   
Exe fix...
Broken EXE Association
Second line because of awesomeness....



posted on Apr, 1 2011 @ 07:29 AM
link   
Thanks for the fix ideas everybody! Much appreciated
I'll give them a try and let you know how i get on.
This virus seems to have disabled safemode though! But i'll try the other solutions later. cheers!



posted on Apr, 1 2011 @ 07:30 AM
link   
Does it affect Macs?
Or is this just for Microsoft?



posted on Apr, 1 2011 @ 10:35 AM
link   
While this doesn't appear to be the same issue it does show the ease in which sites can be compromised.


Massive SQL injection attack making the rounds—694K URLs so far
edit on 1-4-2011 by Nefarious because: (no reason given)



posted on Apr, 1 2011 @ 10:40 AM
link   
There is a thread on here aboutanti gravity to, that if you click on the links, it takes you to a page full of viruses.



posted on Apr, 1 2011 @ 10:43 AM
link   
Are you not running an anti-virus program that protects against trojans and the like from being downloaded? I use Avast! and have never had an issue.



posted on Apr, 1 2011 @ 10:51 AM
link   
See if you can download Malware Bytes , once downloaded change it from a .exe to a .bat and see if it will run. If so, get it to scan.

- Phoenix



posted on Apr, 1 2011 @ 11:08 AM
link   
I fell victim to this too.

The virus in question, for myself, was the XP Security Centre Anti-Virus 2011 which emulates your Security Centre in XP and is a pain to remove.

If altering file associations fails you may have to stop processes and edit registry - DO NOT edit any registry keys if you are not comfortable with this.

CTRL + ALT + DEL or CTRL + SHIFT + ESC to enter Task Manager, click Processes tab and stop the following process:

CB130_287.exe

Find and delete these files:

Navigate to the file folder using explorer (as explained in an earlier post, My Computer etc)

C:\Documents and Settings\All Users\Application Data\23077d\CB130_287.exe

Finally, remove Windows Antivirus 2011 Registry Values:

Only do this if you are comfortable making these changes. If not you may want to ask someone with a little more technical experience.

Go to Start and Run and type in regedit. You will need to find and delete the following registry keys. They may or may notexist. Do not delete anything not on this list or you risk deleting critical system files.

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1″
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1″
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “C:\Program Files\Mozilla Firefox\firefox.exe”

HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\pw.exe” /START “%1″ %*
HKEY_CLASSES_ROOT\pezfile

I hope this may help.



posted on Apr, 1 2011 @ 11:14 AM
link   
reply to post by Pr0t0
 


The scareware file names tend to be randomly generated though you can mostly found out what it is via msconfig by going Start Menu -> Run -> Msconfig -> Start Up Tab and have a look through.

I echo what you've said though and only start going through the registry if you really know what you're doing otherwise you can make a mess of things.

OP feel free to u2u me for advice on spyware/scareware removal, this goes to anyone really


- Phoenix






top topics



 
2

log in

join