--Firstly I've tried posting this in the Malware & HJT logs part of the site but it keeps logging me out as soon as I try to write a new post. Besides, HijackThis broke down mid-process anyway.--
This virus reads my Google search and kills potential threats...
This virus is odd to say the least.
#Firstly, it instantly kills any anti-virus application/process upon attempting to install and, if it does by some miracle install, will kill it upon opening. It's shot down 4 or so of the top antivirus programs including Kaspersky, Spyware Doctor and others. Kaspersky causing the spitting out of bogus error messages and forcing a restart.
#I tried to boot up in safe mode to install the anti-virus but it blue-screens every time during safe mode boot.
#Using regedit I removed absolutely everything from the boot processes and restarted. This revealed a few potentially corrupt processes:
lsass.exe smiss.exe conime.exe csrss.exe
#I tried reinstalling the anti-v at this point but it was still instakilling the process and refreshing the screen as if nothing had happened (sometimes it would glitch, leaving the last installation frame pasted on the background until a manual refresh). Note: it only attacks antivirus software. Other programs install fine, including a few games and OpenOffice.
#I logged onto the internet and tried to "google" the suspect processes. Upon searching lsass.exe in the Google search the iexplorer will crash. I can then reopen IE and try again. Searching "cat" or "dog" and anything else innocuous will pass normally but any searches or even entering webpages that contain lsass.exe or smss.exe will crash the IE explorer.
It appears to be able to read webpages and searches.
#I've backed up my important files so I tried hacking at the computer registry, removing any and all mentions of lsass.exe, but they just spring back immediately as if they were never deleted.
It does spam the odd popup but that doesn't concern me. My usually reliable Gmail account has received its first spam mail ever and I'm not so sure how secure my passwords are anymore.
Running "HijackThis" throws off an error #70 permission denied before freezing up at the item list screen. But to its credit it did make it through the install, which is better than most programs.
Has anyone heard of this happening before???
What are your thoughts???
Kaspersky once valiantly found "xorer.ek, xorer.el, xorer.ee, xorer.dt" but couldn't remove them before it was permanently silenced. Kaspersky was only able to finish the install because I constantly tried to install it again and again after each forced restart. I think it was able to finish the installation in a split second because each time I tried, the installation progressed a little more, probably due to previously installed or cached files.
Anyway, xorer.el is another key phrase that will instantly kill the IE upon entering into any search bar. I went to a net bar to do further investigation and it seems to be related to the popups but there isn't any further information on the process killing.