computer virus problem
 

My laptop has a virus. Any ideas on how to get rid of it? It's coming from an anti-virus program that's popping up and wants me to purchase it. When I click on my existing Avira(?) program it wont run and I get a message saying the file is infected and wont execute, do I want to run an antivirus program. If I click 'yes', the popup for the AntiVirus comes up and wants me to buy it. If I click 'no' nothing happens. Same message when I try to do a Windows system restore.

Man, those things really suck. Try restoring from safe-mode (f-8 at startup splash screen, system restore to roll back). They keep getting harder and harder to get rid of. If you have multiple user accounts on your computer, try deleting the one in question. That recently worked for me, surprisingly.

Thanks. I'm trying it now. At least System Restore is now operating.

Looks like it worked. Thanks again.

Just cleaned AntiVir from a client

Copy taskmagr.cpl to iexplore.exe

This will allow you to bring up taskmgr by clicking on the renamed taskmgr --> iexplore.exe

kill the tasks related to AntiVir

grab Malwarebytes and it should finsih it

One trick also is to network it to another computer and share it's drive, then from the remote computer do the rename.

If you google search for AntiVir you can get further instructions.

Note I believe the infection at the client was related to the .lnk zero day bug that MSFT patched last Tuesday.

The virus is my favorite little buddy vundo.

Update your java runtime environment to the latest version. I am almost 95% positive you are running an older client.

http://www.java.com/en/download/manual.jsp


Consider also running firefox with adblock plus. The virus and many other types of malware come from infected third party advertising servers.

The above statement is my mantra for most computer malware. :o

Throwing in a pitch for MalwareBytes. Its a pretty good progam and has kept my PCs/laptops clean for years. If the virus blocks the application from running, usually starting windows in safe mode will allow you to run it. Also you can then go into msconfig and check out what applications and services are running at startup.

I had Malwarebytes on my machine and this little bugger got in there anyway. Seems to be all gone now.

This one has been around for years. There is a third party program that will kill it if you google the virus IIRC.

If its the free MalwareBytes version it isn't going to in real time prevent infections it can't be configured as a firewall/fiter/detector, you'd have to pay for that functionality I think they call it their "Realtime Protection Module". The free version regularly updated is a very effective malware finder/remover/quarantiner, if you end up with a real malware problem this is a very infirmative and helpful site which has forums specifically directed to dificult malware issues:

http://www.geekstogo.com/forum/forum/37-virus-spyware-malware-removal/

http://3.bp.blogspot.com/_57JzUQCUQ3...he%2520box.jpg

You're welcome!

I had the exact same virus not so long ago. Super Ant-Spyware was the free program that rid my computer of it. You should also go to microsoft.com and use their free tools.
Good luck.

That is a nasty one. To truly get rid of it takes some knowledge and time. I deal with it at least a few times a week. Amazingly, I still have yet to EVER get a malware or any form of virus on my PC.

Any of our resident experts familiar with the latest Firefox redirect virus??

I have run malwarebytes, spybot, and avast multiple time with no avail. Forced to remove Firefox, and use Chrome...

Think I might just dump my data and reinstall my OS (vista).

For the OP virus, I had this on a few boxes at my house. Pretty easy to get rid of actually.

Also for any other browser related mishaps check out HiJack This. It will list out a lots of items and typically something like a redirector or browser object will show.

1) Boot up in safe mode w networing
2) open internet explorer, goto tools, internet options, connections, Lan Settings at bottom. Ensure the "use proxy server" is unchecked. The virus will typically set it to 127.0.0.1 (which is your computer itself) This will re-enable your internet.
3) Run HiJack This, look in the O4 entries for a randomly named file (like C:\user\account\appdata\werasfsda.exe). It will tell you where its located, go find and delete. Then remove the O4 entry.
4) That should fix the problem, but as a good measure, run Malwarebytes in the user account folder (C:\user\<name> or C:\documents and settings\<user>)

HiJack This and Malwarebytes are both pretty helpful and good stuff. Also, I recommend running Microsoft's Security Essentials as your antivirus. I just had a machine in here that had McAfee on it and as soon as I installed Essentials, Essentials starting detecting Trojans, McAfee just sat there.