vml.exe aka XP Internet Security 2012

Here we have a FAKE internet security tool called XP Internet Security 2012 (it also goes by other aliases), which infected a Windows XP machine and left it unable to run .exe files. This is a serious issue, because almost every application you want to run – or need to run to clean up the Virus/Malware – is an .exe file. Below I have listed what I did to clean the infected system.

The “shield”, which looks similar to the Windows Update shield and some antivirus shields, was located in the task manager near the clock at the bottom right of the screen. It was still there even after the user had run Malwarebytes and thought the Virus/Malware had already been completely removed.

REMEMBER: If you believe that your computer is infected, not only do you need to run a full system scan with your antivirus software – and/or Malwarebytes – you also need to perform a search of your (a) hard drive and (b) registry for other Virus/Malware that may not have been detected.

Virus/Malware name: vml.exe

Hard Drive:
C:\Documents and Settings\%username%\Local Settings
C:\Windows\Prefetch (as VML.EXE-074511AD.pf)

Registry values .exe and exefile were corrupt:
HKEY_CLASSES_ROOT
This caused the computer to no longer be able to execute .exe file types, even after the Virus/Malware had been removed.
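The check below is an added example, not part of the original post: it reads a text export of the two HKEY_CLASSES_ROOT keys named above (regedit's .reg format) and reports any default value that differs from the stock Windows setting. The expected values `exefile` and `"%1" %*` are assumed to be the clean defaults, and the sample export, including the `secfile` value and the `user` profile name, is constructed for illustration.

```python
import re

# Stock defaults for the two keys the post names (assumed clean-install values).
EXPECTED = {
    r"HKEY_CLASSES_ROOT\.exe": "exefile",
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command": '"%1" %*',
}

# Constructed sample export (real regedit exports are UTF-16; decode first).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="secfile"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Documents and Settings\\user\\Local Settings\\vml.exe\" \"%1\" %*"
'''

def default_values(reg_text):
    """Map each key in a .reg export to its (Default) string value."""
    values, key = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and line.startswith('@="') and line.endswith('"'):
            # .reg files escape backslash and double quote with a backslash
            values[key] = re.sub(r'\\(["\\])', r"\1", line[3:-1])
    return values

def check_exe_association(reg_text):
    """Return {key: (found, expected)} for each key that is missing or altered."""
    found = {k.upper(): v for k, v in default_values(reg_text).items()}
    problems = {}
    for key, expected in EXPECTED.items():
        actual = found.get(key.upper())
        if actual != expected:
            problems[key] = (actual, expected)
    return problems

if __name__ == "__main__":
    for key, (actual, expected) in check_exe_association(SAMPLE_EXPORT).items():
        print(f"{key}\n  found:    {actual!r}\n  expected: {expected!r}")
```

An empty result means both keys carry the expected defaults; a key that is absent from the export is reported with `None` as the found value.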

Click here or review Microsoft’s article to see what actions I performed to remedy the infection.
