• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 31 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 30th anniversary: Happy 31st Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $23,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $23 Million dollars
  • Sign up to get the TUG Newsletter for free!

    Tens of thousands of subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Sheesh, just caught "XP Security 2012"

Mosca

TUG Member
Joined
Jun 6, 2005
Messages
1,463
Reaction score
8
Be careful out there. I consider myself super-savvy on this stuff. I got it from a link on CNN's main page, a link to a local news station.

Microsoft Security Essentials shut down both browsers (I'm at work). I restarted in Safe Mode, used System Restore to go back to yesterday, and right now I'm running Malware Bytes (recommended for this infection by Bleeping Computer).

Tell you what, I can see how this can catch you easily. It sets itself to go off every time you click a .exe file, and it integrates itself into the MSE popup. If the graphics were just a little more professional looking I might have been snagged, but I know what's guarding my computer already and I knew I didn't have that one.
 

klpca

TUG Review Crew: Veteran
TUG Member
Joined
Sep 11, 2006
Messages
8,606
Reaction score
7,845
I did that to myself at work a couple of weeks ago. I wasn't practicing safe searching (just clicking link after link looking for a certain court case) and up it popped. At least it happened while I was doing legitimate work!
 

timeos2

Tug Review Crew: Rookie
TUG Lifetime Member
Joined
Apr 11, 2005
Messages
11,183
Reaction score
5
Location
Rochester, NY
You must also turn OFF system restore or it will keep returning as it hides in there. In safe mode run smitfraudfix.exe (you download that) & then malwarebytes. It's nasty - one of the worst
Good luck .
 
Last edited:

Mosca

TUG Member
Joined
Jun 6, 2005
Messages
1,463
Reaction score
8
I've done a restart and rescan, John, and it looks to be OK now. But yes, absolutely you are correct. It hides in System Restore.

This one is called Win32/Patchload.P

Piecing together the scanlogs, it looks like MSE caught it halfway through its install. After the restore, Malware Bytes removed files, but didn't find any registry entries for it. If it were still hiding in System Restore the registry entries would have shown up in the scan after the restart, so I think I'm clean now. Fingers crossed, though, as always with this stuff.
 

timeos2

Tug Review Crew: Rookie
TUG Lifetime Member
Joined
Apr 11, 2005
Messages
11,183
Reaction score
5
Location
Rochester, NY
Hope it got caught in time. It doesn't hurt to download & run the smitfraudfix anyway - it finds all the hiding spots.

Glad to hear you seem to be OK.
 
Top