unknown virus causing fake system messages
DESCRIPTION
Unknown Virus Causing Fake System MessagesTRANSCRIPT
-
McAfee Communities Security Awareness Malware Discussion Discussions
Up to Discussions in Malware Discussion
4240 Views 5 Replies Latest reply: May 3, 2008 1:58 PM by paullotion
Apr 30, 2008 12:18 PM
Unknown Virus causing fakesystem messagesWindows XP Pro service pak 1Using McAfee Personal firewall plus
A few days ago is when this all started. When I start up the system a WindowsSecurity Center menu pops up on the desktop. It does not say there is any problem.
It has a subtitle 'Security essentials' and under it are three third party listings fordownload and install. 1. UltimateFixer. 2. SystemDefender 3. SysCleaner.I of course had no reason to download any of them not knowing anything about whatthey are.
Then there are several messages that separately pop up at random, whether I amworking on the computer or it is just sitting idle. Here is what they are...
Download Manager - An error encoutered trying to open the file caused the downloadto fail.
SysFader: IE7EXPLORER.EXE - Application Fatal Error- The instruction at 0x01cf34739 referenced memory at 0x02dfe50. The memorycould not be read.
Your system is unstable- A problem has been detected and Windows has been shutdown buggy applicationto prevent damage to your computer. Kernel32x.SYS - Address 0xA73C20AE base,error code C03200, DateStamp 56b836A3, Kernel Debugger on port: COM3
System Shutdown-This system is shutting down. Please save all work in progress and log off. Anyunsaved chages will be lost. This shutdown by MyName/Administrator . Time beforeshutdown: 00:23Message -Critical system error. Process Isass.exec, module: kernel321.dll at address0x78221981.
-----------------------------------------------------My system seems to work fine except for these wierd messages and it does shutdown the system when it says it will and restarts. Something, somehow got past myMcAfee protection. A virus scan does not seem to find anything nor does a spywaresearch.
Can someone please tell me what invasion has caused this and how to safely removeit?
Like (0)
1. Apr 30, 2008 12:56 PM (in response to DTX)RE: Unknown Virus causing fake system messages
XP SP1 is inherently unstable and unsafe as Microsoft no longer support nor patch itfor security....see HERE.
I suggest that you apply SP3 as soon as Windows Update offers it to you - thatincludes all past updates.
Try scanning with the free versions of this anti-spyware tool:
http://www.superantispyware.com/superantispywarefreevspro.html
ActionsView print preview
More Like This
Need help with a virus!
mcafee causing bsod,helpplease?
Re: SecurityCenter not working
Blue screen shutdown
Re: After restart, system crashes(BSOD) whenever attempting toconnect to the Internet
View:
Bookmarked By (0)
No public bookmarks exist for thiscontent.
DTX3 posts sinceMay 30, 2005
Ex_Brit60,420 posts since
May 6, 2004
Welcome, Guest Log in Register
McAfee Communities McAfee Support Useful Links
Home & Home Office Business Security Awareness Help Log in
McAfee Communities: Unknown Virus causing fake system... https://community.mcafee.com/thread/5790
1 of 4 8/27/2013 10:22 PM
-
If that doesn't help then try Hijackthis and post its log on one of the following forumsfor expert help:
Do not post the log here, we can't help!
DOWNLOAD HIJACKTHIS
Post the logs at a specialist Forum:
AUMHA FORUM
BLEEPING COMPUTER FORUM
GEEKS TO GO FORUM
MAJOR GEEKS FORUM
MALWARE REMOVAL FORUM
SPYWARE INFO FORUM
TECH SUPPORT GUY FORUM
WHAT THE TECH FORUM (Formerly Tom Coyote)
Be sure to read all the sticky announcements/instructions at the top of eachmalware forum!
Toronto CanadaVolunteer ModeratorI can't help you privately - please post in the ForumsUse Advanced Forum Search To Find AnswersHow to Uninstall/Reinstall McAfee Home Products (Except Anti-Theft)How To Submit A False Detection To McAfeeBeta Test McAfee Products For PC & MACAnti-Spyware/Malware & Hijacker Tools
Report Abuse Like (0)
2. May 2, 2008 4:43 PM (in response to Ex_Brit)RE: Unknown Virus causing fake system messages
I already had run those scans before seeking asistance. Neither theSuperAntiSpyware scan log, nor the hijackthis scan log revealed the virus. I also didthe long downloads of McAfee VirusScan 12.0 and latest update 12.0.177. I have tosay I was quite disapointed that the McAfee scan was unable to detect the virus.
I came here to the McAfee forum because I felt that someone associated with McAfeewould be knowledgable enough to tell me what virus or viruses would be causing thepopups that I have posted. From what I could tell, it is a sasser type of virus, I triedlooking at the library of virus listings that McAfee has but was not familiar enough withthat system to find it.
Report Abuse Like (0)
3. May 2, 2008 5:52 PM (in response to DTX)RE: Unknown Virus causing fake system messages
This is a public forum manned by unpaid volunteers. I can flag this for one of myco-moderators who maybe has more knowledge on the subject if you wish.
Professional McAfee help for clearing infections is available for a fee, at least thisforum is free and had you posted the HJT log on one of those forums they wouldhave probably given you much more information as they specialise ininfections...again for free.
There isn't an application on Earth that will catch every kind of infection out there. It'sup to the user to be careful and operate a safe machine. Much of keeping a machinesafe is in making sure that your operating system is up to date. Using XP SP1 meansyou are missing hundreds of security updates dating from October 10, 2006 which iswhen support for that service pack ended.
As I said, I'll flag this if you wish, but he'll just tell you the same thing. I can't evenguess what the problem is myself, sorry.
DTX3 posts sinceMay 30, 2005
Ex_Brit60,420 posts since
May 6, 2004
McAfee Communities: Unknown Virus causing fake system... https://community.mcafee.com/thread/5790
2 of 4 8/27/2013 10:22 PM
-
Toronto CanadaVolunteer ModeratorI can't help you privately - please post in the ForumsUse Advanced Forum Search To Find AnswersHow to Uninstall/Reinstall McAfee Home Products (Except Anti-Theft)How To Submit A False Detection To McAfeeBeta Test McAfee Products For PC & MACAnti-Spyware/Malware & Hijacker Tools
Report Abuse Like (0)
4. May 2, 2008 11:10 PM (in response to Ex_Brit)hmmm
The shutdown sequence can be aborted by pressing start and using the Runcommand to enter shutdown -a. This aborts the system shutdown so the user maycontinue what he or she was doing.
If you feel its sasser try this
http://vil.nai.com/vil/content/v_125007.htm
Also try the STINGER
UltimateFixer is a corupt anti-spyware parasite that uses false advertising to infiltrateuser systems and trick unsuspecting users into buying its full version. Not only isUltimateFixer a scam tool, it may also install additional malware into your computer.DO NOT trust, download or buy UltimateFixer: it is just another scam roaming theinternet!
RUN HijackThis and then Post the Log to specialist forums for that!If the ultimate Fixer has got installed try these
Kill the processes:UltimateFixer.exe
Delete registry values:HKEY_ALL_USERS\Software\Ultimate FixerHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ultimate FixerHKEY_LOCAL_MACHINE\SOFTWARE\Ultimate FixerHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"Ultimate Fixer" = ""%ProgramFiles%\Ultimate Fixer\UltimateFixer.exe" hide"
Delete files:UltimateFixer.exe UltimateFixer.db ufixer.pkg program.info
Delete directories:%ProgramFiles%\Ultimate Fixer\
Report Abuse Like (0)
5. May 3, 2008 1:58 PM (in response to vinod_r2)RE: hmmm
This is caused by the fact you only have SP1 installed, i would not be surprised if youalso have bots and rootkit infections present, no vendor could protect you with avunerable operating system such as you have. SP1 has not been supported sinceOctober 2006, which means you have had no updates from Microsoft, leaving yoursystem wide open, nothing Mcafee or any other vendor can do to stop you frombecoming infected due to this, its that simple.
The Black Bear
*Important News for BT/TalkTalk customers*
BT/TalkTalk dump Phorm spyware, for more information see this article Here , alsovisit the NODPI website for much more information relating to DPI.
Report Abuse Like (0)
vinod_r23,130 posts since
Feb 15, 2008
paullotion8,078 posts since
Apr 13, 2006
McAfee Communities: Unknown Virus causing fake system... https://community.mcafee.com/thread/5790
3 of 4 8/27/2013 10:22 PM
-
Go to original post
Contact Us Careers Legal Notices 2003-2013 McAfee, Inc.
McAfee Communities: Unknown Virus causing fake system... https://community.mcafee.com/thread/5790
4 of 4 8/27/2013 10:22 PM