New virus brought in today

H

Heckler

Well-Known Member
Joined
24 Feb 2003
Messages
15,817
Visit site
Had a panicky punter in today. Her pooter was infected with a new to me bug. It booted to a shell with all the bull**** warnings going. Called "control centre" couldnt get past this shell to do any running or loading of AV software. Hmmm, tried safe mode, v unusual, same thing there. Hmm again.
The task manager worked and I could see cc.exe running. Did some quick searching on the net and sure enough this was part of it.
OK back to the drawing board. I have a boot disk with all sorts of software on it called the "Ultimate boot disk" (do a google) Fired it up with that, used explorer to find the cc.exe in the applications folder, deleted it and finally managed to get windows running in safe mode, although there was all sorts of popups going on. Managed to get malwarebytes loaded in safe mode, got it to update itself with the latest definitions and away she went, 170 odd nasties! gotcha!!
Point of the post? be careful this is a particularly nasty one, I got lucky, I could have spent hours chasing it
Stu
 
Found this about the "virus"

What this programs does:

Control Center is a rogue computer optimization suite from the same family as Privacy Center. This program is promoted through the use of misleading web sites and fake online anti-malware scanners that state your computer has a problem. These sites will then prompt you to download and install Control Center to fix the problem on your computer. When the program is installed it will be configured to start automatically when Windows starts. Once running it will scan your computer and state that there are numerous problems with various components of Windows. If you try and see what these problems are, though, it will state that you need to purchase the program to see the results. In reality, the program is not finding any problems at all, but is just saying that they exist in order to trick you into purchasing the program.

The removal instructions are here

Tudorsailor
 
I was investigating why my old PC was running slow and looked at something that was running - cc.exe, which I found was part of Norton Antivirus. So I left it. Still dog slow.
 
remove start up prog

any thing you down load that start up everytime you turn on your PC ..


go to your start up box and type in "" msconfig """ once open go to start up tab , tick the prog you don't want to start , click ok , re start PC


HOPE THIS HELPS
 
tudorsailor said:
What this programs does:

Control Center is a rogue computer optimization suite from the same family as Privacy Center. This program is promoted through the use of misleading web sites and fake online anti-malware scanners that state your computer has a problem. These sites will then prompt you to download and install Control Center to fix the problem on your computer. When the program is installed it will be configured to start automatically when Windows starts. Once running it will scan your computer and state that there are numerous problems with various components of Windows. If you try and see what these problems are, though, it will state that you need to purchase the program to see the results. In reality, the program is not finding any problems at all, but is just saying that they exist in order to trick you into purchasing the program.

The removal instructions are here

Tudorsailor
Click to expand...
Hmm, does any one read posts before they dash in and shout? What part of this is difficult to understand?

"couldnt get past this shell to do any running or loading of AV software. Hmmm, tried safe mode, v unusual, same thing there"

This variant doesnt allow you the luxury of getting to the desk top to do owt!

So the link you have posted is a waste of time until you "break" the thing to allow access to the OS!

Stu
 
tmh900 said:
I was investigating why my old PC was running slow and looked at something that was running - cc.exe, which I found was part of Norton Antivirus. So I left it. Still dog slow.
Click to expand...
Do a google of cc.exe, top line
cc.exe - What is cc.exe?
cc.exe is a process belonging to the sqwire advertising program by sqwire.com.\r This process monitors your browsing habits and distributes the data back to ...
www.processlibrary.com/directory/files/cc/ - Cached - Similar
Stu
 
skipper_stu said:
Correct, I uninstall every time one comes in and replace with AVG or Avast, they are invariably out of date anyway, the latest Norton is supposed to be oK, I am not convinced yet!
Stu
Click to expand...

It is very good, honest. I suspect a lot of people don't realise that they can upgrade to the latest version as long as they're paying the subscription.
 
skipper_stu said:
Hmm, does any one read posts before they dash in and shout? What part of this is difficult to understand?

"couldnt get past this shell to do any running or loading of AV software. Hmmm, tried safe mode, v unusual, same thing there"

This variant doesnt allow you the luxury of getting to the desk top to do owt!

So the link you have posted is a waste of time until you "break" the thing to allow access to the OS!

Stu
Click to expand...

Gosh! I posted this so that others on seeing the message saying they have lots of alleged problems would learn not to click the buitton to download the rest of the software.

Yes I did appreciate that if you cannot start up the PC you are beyond this point. If you have a 2nd PC at least you can download the removal tool.

Tudorsailor
 
Ok i'm not computer bright but a few days ago I read a post that complained about the slowness of their machine in all departments, Logging-in ,and response times to this and
other sites.
The recommendation was to use C Cleaner. I down-loaded, but in doing so noticed the name had changed from C Cleaner to CC Cleaner, OK so far;after apparently checking my registry and othe areas, it advised me that there were 307 errors and I needed to buy the full copy of "PC Cleaner' to get rid of the errors. It had not removed any of the found errors at all,so I suspected it might be a con.
I removed the downloaded exe files, and still ,apparently, have the errors resident in my computer.
Was I right? three different names for the same software raises my doubts as to the sataus of the software.
If I have these errors I want to get them out.
I run AVG,Spyware Doctor,Malwarebytes, and have a Panda AV disc if I need this. How did these 'errors' occur with this lot !?
Any help gratefully accepted.


ianat182
 
Thank you for your advice Fergie and Alalhol I used the Regseekerand it dealt with my problemand cleaned up the registry etc. Also going to try PcOptimiser as well. Sorry for the slight hijack Stu.


ianat182
 
skipper_stu said:
Had a panicky punter in today. Her pooter was infected with a new to me bug. It booted to a shell with all the bull**** warnings going. Called "control centre" couldnt get past this shell to do any running or loading of AV software. Hmmm, tried safe mode, v unusual, same thing there. Hmm again.
The task manager worked and I could see cc.exe running. Did some quick searching on the net and sure enough this was part of it.
OK back to the drawing board. I have a boot disk with all sorts of software on it called the "Ultimate boot disk" (do a google) Fired it up with that, used explorer to find the cc.exe in the applications folder, deleted it and finally managed to get windows running in safe mode, although there was all sorts of popups going on. Managed to get malwarebytes loaded in safe mode, got it to update itself with the latest definitions and away she went, 170 odd nasties! gotcha!!
Point of the post? be careful this is a particularly nasty one, I got lucky, I could have spent hours chasing it
Stu
Click to expand...
Had another variant in today, similar but with a different exe file called pc.exe. Again difficult to get at BUT this time used the task manager, ctrl-alt-del. Noticed that there was a file called pc.exe "flickering" in the process pane. I stopped that process and it then went to the blank desktop. This proved that it was that producing the "shell" I then went to "new task run" n the task manager, typed in cmd to get a dos prompt shell. I then ran dir /s pc.exe which showed the path to the file. I then drilled down to the directory which was called pc, I then typed del pc.exe. Poof! that broke the horrible thing so that when I restarted I had the desktop so that I could load malwarebytes, ccleaner and superantispyware. Ran all three of those and bingo 27 more lurgies got rid of and a clean machine!
Stu
 
You must log in or register to reply here.

Share this page

Top