O/T Computer Virus...

My computer at work got nailed with a virus yesterday afternoon.

It started out, right while I was working, with a popup popping up and starting to scan the computer for viruses. When it finished scanning, it showed a half dozen viruses that needed to be removed, and another page popped up trying to sell a program to get rid of the viruses for $49.95. That itself is part of the virus. If you fall for it, and try to buy it, they have your credit card number and you still have the virus on your computer. And the popups don't respond to efforts to delete them from the screen.

I didn't fall for it, I simply called our resident computer wizard. He had a program on a flash drive that was supposed to get rid of it. Only the virus had my computer locked so the program wouldn't install.

At that point, it was my quitting time, and the wizard said he'd have to do some research on the Internet to find out how to proceed, and that he'd have it fixed before he left for the evening. The wizard hasn't been in yet today, but my computer was working OK when I came in this morning. Out of my own curiosity, I'll have to discuss it a bit further with the wizard next time I see him.

Yup. It hit one of our computers at home. Nasty deal.

try Spyware Doctor with AntiVirus from pcTools ... worked well for me as I had both DNS Blockers and Hijackers ... It will scan for free but to repair is $29.95 ... found things that both Norton and McAfee didn"t ... hth

it hit my lap top and its still locked up trying to figure out how to fix it

Happened two days in row here.Looks legitimate till you see how they spell trojan. Dont fall for it!!!!!Close all programs if able than restore to day your computer worked. Also been told never have two anti virus programs installed.

It's a bad scam. The initial "free" version "detects" nonexistent virus infections and won't let loose of your computer. The "Pro" version for $49.95 is worse.

You can always unplug your computer to shut it off. Otherwise, with Windowws XP Pro or 2000 you can press the "Control-Alt-Delete" and get Task Manager on your screen. You can kill the fake antivirus program there.

If you have loadedd the virus program, you can do the system recovery routine. That's assuming you had already established a clean reset point.

Then there's the hard way. It's too long to go into here.

Control alt delete won't work on the latest variant. There is a dos program from Malwarebytes that will kill all the processes it is running. Then without rebooting the malwarebytes cleaner needs to be run.
A mess but it does get it

Ouch! It worked on the version my wife got on two office computers six weeks ago. Her help knows better now.....I hope.

my best advice is if you see the virus attempt to infect your PC is to shut it off on the spot by holding the power button in for 30 seconds. shutting down via the menu allows the program to add itself to System Restore plus several other locations. many times that will keep the full infection from happening which makes removal easier.

Also shut off system restore as it puts itself in there also making removal almost impossible.


I like malwarebytes for removal of this infection. You may have to rename the MBAM.EXE to bob.exe to get malwarebytes to run after infection. Popular malware programs may be blocked from running. Safe mode is another option but I have seen recent variants that keep safe mode from running. Disconnecting from the network will also prevent further infections from installing while you try to remove the original one.

Combofix.exe is another good one to use but it may cause other issues with programs you already have installed. I have had that happen with one particular software package we use at work. I did find a cure for that issue though. Use combofix.exe at your own risk. It is not for the faint of heart.

Best of luck to those who are already infected. giving custom removal instructions via this forum is most difficult.

The wizard just came in and said MS came up with an update on IE8 that blocks this virus. He installed it on mine and others in the office.

Tonight, I'll have to install it on both of our computers at home.

I have a program threw Iowa Telecom. It is called SECUR-IT and the phone Number is 1-877-373=3320
I am telling you it is the best you will ever have
I all so have a program call'd SPAM CONTROL,
that as well is the best you could ever have and that is threw IOWA TELECOM. But give that number a call and talk to them. I did and I now I have had people try and spam me and bug me and it did not work. The reason I know people have tryd to SPAM or BUG is because when my bug notice come at the end of the month SECUR-IT shows they tryed and faild: So I say to you: GIVE THEM A CALL
it is worth it.You will learn a lot:
JR Frye GOOD LUCK

This is actually one that is a nasty java based script that mimics an ad. If you go to an infected site (one day even NY Times had a problem) it runs the ad script and that is how it downloads. The best way I found to prevent it is to use Mozilla Firefox as you browser with the add-on called ABP (Adblock Plus). You can subscribe to a block list, or at websites you can open up a list of all the blockable item. Find any that say script and block those addresses (unless it is part of the website, you may need to leave those unblocked, the bad ones usually have 'ad' as part of the address). An added benefit is that websites load faster b/c there aren't any of the interactive ads anymore (they just show up as blank spaces). I have not had a problem since I installed it and built a library of blocked scripts and I don't miss the ads one bit. If anyone needs help setting it up I have my email open.

I had that ,My computer Doctor said he was busy for the next few days but for me to run Spybot 2 times,that took care of it.He said the $49 wasnt the bad part,they wanted my credit card number more then anything.

Will MS security essentials block it?

Latest version calls itself AntiVirus 2010 or something to that effect. Just cleaned it off a friends computer with Malwarebytes. Had to use the little DOS file first to stop it as even starting in safe mode wouldn't allow me to get into Task Manager.

Even after Malwarebytes cleaned it I had to do a little manual clean up to completely get rid of the darn thing. It's nasty and hard to get rid of.

This computer was running the free AVG antiVirus software but it didn't stop him from getting infected. I don't run any AV software on any of our computers as it just takes up processor time and doesn't stop the crap anyway. If you are careful and stay away from web sites you don't know and Never Never click on an email link you will for the most part be OK.

I got the same thing about 2 or 3 months ago. Only way I got going again was to do recover. Then got it again yesterday, did recover and all ok. Then got it today and recover again. What is happening??? When it happens it won't let me restore and control-alt-delete won't end it it just pops right back up and fills up the tray with tries.
Strange thing is when I do recover, it doesn't lose everything, ie. my programs and all are still there. There is a program on my desktop called security tool. I think that is the buger. I can't get rid of it any way I try. When I recover it is still there.

Does this virus eat Apples?

I got it on 2 of my computers. I was running Avast. I like AVG and Avast but it got by both on other people that i know. I use firefox also. Malwarebytes is good. Also used superantispyware and spybot. Started it in safemode and run all those. I restored it to an earlier date also.Next time i will try the "hold the button in" first. That is a good idea.

I know my desktop is running VERY slow, I need to take it to my computer man. Hate to be without it for 3 days, would leave it at his house one evening, he needs one full day plus an overnight run to make sure all is OK. My laptop is now MUCH faster than the desktop, and it should be (and used to be) only about half as fast.

I am fighting something called DummyWireless right now. I caught it at shutdown a few days ago. It made it past my AVG anti virus and my Spybot anti spyware. I don't know what it is, I downloaded Malwarebytes and it also found nothing. DOUG

Oh, by the way, I NEVER use IE. 90 percent of the time I use Google Chrome, use Firefox if any question as to a web site.

The problems with my desktop started when my oldest stepson, 32 years old and won't keep a job, stayed with us for a while when my wife felt sorry for him (again).

He doesn't know that I can find history even if he deleted it. All the porn sites, online Casino's and the like he went to probably downloaded something on here. He found one of my credit cards and ran it to the limit, thankfully it was an old one that only had a $350 limit.

He denies it, but that is a different issue. DOUG