It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Originally posted by Komodo
Originally posted by Komodo
reply to post by Wrabbit2000
can't install, admin rights hi-jacked .. It's only my pc and I don't have admin account since it's only me on the pc .. any suggestions
hold that thought.. windows safety scanner actually did load and is scanning now..
edit on 11-12-2011 by Komodo because: (no reason given)edit on 11-12-2011 by Komodo because: (no reason given)
Windows safety scanner found and removed 7 infections.. however, see my post above this one on my connection issues
Originally posted by Wrabbit2000
Originally posted by Komodo
Originally posted by Komodo
reply to post by Wrabbit2000
can't install, admin rights hi-jacked .. It's only my pc and I don't have admin account since it's only me on the pc .. any suggestions
hold that thought.. windows safety scanner actually did load and is scanning now..
edit on 11-12-2011 by Komodo because: (no reason given)edit on 11-12-2011 by Komodo because: (no reason given)
Windows safety scanner found and removed 7 infections.. however, see my post above this one on my connection issues
Well, I suppose I'm both happy and concerned. I'm glad to hear you got clear of the infection. I had a feeling that would do the trick. On the other hand, I HATE it with something less than obvious and logical goes sideways in Windows networking. If you're on tonight you might want to drop a U2U and maybe we can continue that way or even shift to chat if you're getting on by laptop or something and near the problem machine. I'm more than happy to help with the various approaches I can offer, but it's getting into more detailed questions about what your set-up and config is in figuring out where to go....assuming this hasn't already worked itself out (I can hope)
If I don't hear from you, I hope the secondary issue gets worked out without too much additional trouble!
Originally posted by Wrabbit2000
Originally posted by Komodo
Originally posted by Komodo
reply to post by Wrabbit2000
can't install, admin rights hi-jacked .. It's only my pc and I don't have admin account since it's only me on the pc .. any suggestions
hold that thought.. windows safety scanner actually did load and is scanning now..
edit on 11-12-2011 by Komodo because: (no reason given)edit on 11-12-2011 by Komodo because: (no reason given)
Windows safety scanner found and removed 7 infections.. however, see my post above this one on my connection issues
Well, I suppose I'm both happy and concerned. I'm glad to hear you got clear of the infection. I had a feeling that would do the trick. On the other hand, I HATE it with something less than obvious and logical goes sideways in Windows networking. If you're on tonight you might want to drop a U2U and maybe we can continue that way or even shift to chat if you're getting on by laptop or something and near the problem machine. I'm more than happy to help with the various approaches I can offer, but it's getting into more detailed questions about what your set-up and config is in figuring out where to go....assuming this hasn't already worked itself out (I can hope)
If I don't hear from you, I hope the secondary issue gets worked out without too much additional trouble!
Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 are all names for the same rogue anti-spyware program. This family of rogues is promoted in two ways. The first is through the use of fake online antivirus scanners that state that your computer is infected and then prompt you to download a file that will install the infection. The other method are hacked web sites that attempt to exploit vulnerabilities in programs that you are running on your computer to install the infection without your knowledge or permission. Regardless of how it is installed, once it is running on your computer it will install itself as a variety of different program names and graphical user interfaces depending on the version of Windows that is running. Regardless of the name, though, they are all ultimately the same program with just a different skin on it. This rogue goes by different program names, which I have listed below based upon the version of Windows that it is installed on:
Windows XP Rogue Name
XP Antispyware 2012
XP Antivirus 2012
XP Security 2012
XP Home Security 2012
XP Internet Security 2012
Multi-Rogue virus is the fake anti-spyware program which upon successful penetration inherits its name depending on the installed operating system. So, if users have Windows XP, the virus name would contain “XP” in the beginning. The same principle is applied when nominating the virus brought and installed to other operating systems like Windows Vista or Windows 7. Understanding the need to help you remove this virus effectively and without the necessity to install any programs we have developed the manual removal guide for its deletion. Hence, please be so kind to follow the removal steps described in the section below. You must carefully follow them without exceptions. The video tutorial is provided for you to understand how exactly to remove the virus manually (deleting its files and registry entries).
In order to delete Multi-Rogue virus manually you first must reboot your PC in safe mode or into safe mode with networking. You may find more information about how to do it by clicking this link.
Multi-Rogue virus files to be removed for Windows 7 and Windows Vista operating systems:
%AllUsersProfile%[random]
%LocalAppData%[random].exe
%Temp%[random]
%LocalAppData%[random]
%AppData%TEMPLATES[random]
Multi-Rogue virus files to be removed for Windows XP Files:
%AllUsersProfile%Application Data[random]
%LocalAppData%[random].exe
%LocalAppData%[random]
%Temp%[random]
%UserProfile%Templates[random]
The location of registry entries to be removed:
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerBrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USERSoftwareClasses.exeshellopencommand "(Default)" = '"%LocalAppData%[random].exe" -a "%1" %*'
HKEY_CURRENT_USERSoftwareClassesexefileshellopencommand "(Default)" = '"%LocalAppData%[random].exe" -a "%1" %*'
HKEY_CLASSES_ROOT.exeshellopencommand "(Default)" = '"%LocalAppData%[random].exe" -a "%1" %*'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = '"%LocalAppData%[random].exe" -a "Crogram FilesMozilla Firefoxfirefox.exe"'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellsafemodecommand "(Default)" = '"%LocalAppData%[random].exe" -a "Crogram FilesMozilla Firefoxfirefox.exe" -safe-mode'
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = '"%LocalAppData%[random].exe" -a "Crogram FilesInternet Exploreriexplore.exe"'
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center "FirewallOverride" = '1'