Trojan.AgentMB.JIXQ513316 aka FUvirus.exe

reposted and expanded from a yahoo! answers post earlier:

apparently this a new virus and the infection is spreading. there are more of us out there and we are all frustrated by the lack of information and panicked by the havoc it's creating. since i got hit a couple of days ago, i'm still searching for a cure to put an end to this madness, while burning my uninfected files to dvd in case there is no hope left. thank god for security task manager that's enabled me to at least keep my computer from totally dying while i save my files. if i had the money, i'd buy the thing to keep me sane beyond the 30-day trial period.

anyway, some things that might be find useful for others out there while the computer doctors race for a cure to this disease. my band-aid solution while waiting for major surgery.

1. first up, the virus is called Trojan.AgentMB.JIXQ513316. it's also called the FUvirus.exe (Welcome to Fu Virus!)

2. it's lodges in the system32 folder and it is programmed to stay hidden. it pretends to be a legitimate process so other antiviruses cannot/have difficulty sensing it.

3.deleting it and putting it in the trash bin won't work as it will tell you it's a running process..i only found out where it was when i downloaded the trial version of security task manager. it helped stem the havoc it was creating as this program was able to detect hidden processes and gave me the option to quarantine it. i would suggest you download it here. security task manager will show you the FUvirus process running, and let you quarantine it when it pops up. should you delete the process from quarantine, be warned that it will stem the tide but not totally eradicate it as it will have infected other drives or folders as it happened to me. do not panic if you can't find files....go on to the next item.

4. it impersonates all the folders it can get its hands on, attaches a .exe to make them into application folders. don't be fooled!!! your files are still there, the virus just hides them as system files so you can't see them if your folder options hides these kinds of folders. just go to folder options and uncheck the hide system folders option. your files will then be visible as semi-transparent system folders.

5. then i suggest you install bitdefender as it was the one that identified it as Trojan.AgentMB.JIXQ513316. bitdefender recognizes this virus and blocks it no matter what signature/path or name it uses while letting you access all your files, even ones whose folders are still infected.

6. this jumps from port to port via USB so don't use any for the moment. burning files to dvd works. just don't burn the .exe infections...be sure you are NOT burning the files that have .exe's where there aren't supposed to be.

as of now, i posted this in the bitdefender forum and am just waiting for a reply. i will post as soon as i get the right cure :) hang in there, everyone.

***

another way is for a system restore to an earlier date, as AJ said. but i haven't tried it yet. still burning my files as of now, just in case something goes wrong and all my files get blipped out of existence.

***

don't use your infected usb or let anyone else use it. when you're able to find a cure, clean your pc first then attach your USB to be cleaned.

***

or reformat. but don't use your infected usb because it will reinfect your comptuer.

:) whew! hope this helps. goodluck to us!

the weekend odyssey

i had a doozie of a weekend to cap the peach of a week, to say the least. For starters, the project i was working on barely made it to its preview because just when i was exporting it, a particularly nastehhh virus chose that time of all times, to make an appearance. From the usb flash drive of my unsuspecting client, who can only speculate where it came from, it jumped to my poor pc. It embedded itself in the windows system32 folder, making it a part of my platform, i think that's what it's called, and autolaunching on start up. It converted all my folders into application folders with a .exe added to the folder names, replicating itself through all my directories and drives. (not to mention replacing my sleek windows xp folder icons with ugly, tacky folder graphics from computer stone age!)

The virus slowed down my processors by as much as 50% then i couldn't access my admin panel at all. At first i thought it was the newfolder.exe virus but apparently this one is called the fuvirus.exe...um, virus. I don't know what the 'fu' means either but i think it means 'f*ck up'. I so hate viruses and their programmers. You may be geniuses but you suck! Why don't you guys do something useful for a change, like an idiot cure you could use on yourselves?!

Since my free norton anti-virus had already expired, i figured that's how this got through. I was able to download avg 8 but installing it became another nightmare. It kept telling me i had other anti-virus programs running while i already uninstalled everything, even going so far as to tweak and clean the registry entries in regedit with a registry cleaning program. Then, it would show me an installation error. Various messageboards identified the error as a permissions issue so i 'permitted' and 'allowed' everything i possibly could. But still, no go. I wanted to forego reformatting until i've exhausted all possible solutions (or i scream bloody murder).

There doesn't seem to be specific entries about this sort on google. It seems to be impossible that i could be the first hit this bad. I tried norton, mcaffee, bitdefender...no fuvirus in their virus directories!

As of now, i have bitdefender on, but i also have secure task manager running to block the virus. It's helped a tiny bit, this band-aid solution while i look for a cure. At the very least, it's shown me where the pest nested originally (the system32 folder) and a few telling characteristics (autolaunching, poses as a legit program and is hidden/can therefore escape detection by most anti-viruses).
Courtesy of the trial task manager guard, the virus announced its presence with a cheeky 'welcome to fuvirus!' message! Oooh the b@strd! Me want to smash! GRRAAA!

So much for my pc. And the moral of the story is a bad safe sex analogy, as i'm sure you can guess. Always use protection and don't 'consort' with strangers.

But wait! There's more! That's just the first of my long weekend woes. Stay tuned for more as my thumbs are going numb from posting via my cel. It's not easy even with autospell on.

I so HATE viruses. *kick*

(Anybody who knows what to do short of reformatting the entire thing, please feel free to put me out of my misery!
)