My laptop has a virus. Any ideas on how to get rid of it? It's coming from an anti-virus program that's popping up and wants me to purchase it. When I click on my existing Avira(?) program it wont run and I get a message saying the file is infected and wont execute, do I want to run an antivirus program. If I click 'yes', the popup for the AntiVirus comes up and wants me to buy it. If I click 'no' nothing happens. Same message when I try to do a Windows system restore.

__________________
1977 300d 70k--sold 08
1985 300TD 185k+
1984 307d 126k--sold 8/03
1985 409d 65k--sold 06
1984 300SD 315k--daughter's car
1979 300SD 122k--sold 2/11
1999 Fuso FG Expedition Camper
1993 GMC Sierra 6.5 TD 4x4
1982 Bluebird Wanderlodge CAT 3208--Sold 2/13

Man, those things really suck. Try restoring from safe-mode (f-8 at startup splash screen, system restore to roll back). They keep getting harder and harder to get rid of. If you have multiple user accounts on your computer, try deleting the one in question. That recently worked for me, surprisingly.

__________________
1989 300E 144K

Thanks. I'm trying it now. At least System Restore is now operating.

Looks like it worked. Thanks again.

__________________
1977 300d 70k--sold 08
1985 300TD 185k+
1984 307d 126k--sold 8/03
1985 409d 65k--sold 06
1984 300SD 315k--daughter's car
1979 300SD 122k--sold 2/11
1999 Fuso FG Expedition Camper
1993 GMC Sierra 6.5 TD 4x4
1982 Bluebird Wanderlodge CAT 3208--Sold 2/13

Just cleaned AntiVir from a client

Copy taskmagr.cpl to iexplore.exe

This will allow you to bring up taskmgr by clicking on the renamed taskmgr --> iexplore.exe

kill the tasks related to AntiVir

grab Malwarebytes and it should finsih it

One trick also is to network it to another computer and share it's drive, then from the remote computer do the rename.

If you google search for AntiVir you can get further instructions.

Note I believe the infection at the client was related to the .lnk zero day bug that MSFT patched last Tuesday.

__________________
KLK, MCSE

1990 500SL

I was always taught to respect my elders.
I don't have to respect too many people anymore.

The virus is my favorite little buddy vundo.

Update your java runtime environment to the latest version. I am almost 95% positive you are running an older client.

http://www.java.com/en/download/manual.jsp


Consider also running firefox with adblock plus. The virus and many other types of malware come from infected third party advertising servers.

The above statement is my mantra for most computer malware.

__________________
-Typos courtesy of my mobile phone.

Throwing in a pitch for MalwareBytes. Its a pretty good progam and has kept my PCs/laptops clean for years. If the virus blocks the application from running, usually starting windows in safe mode will allow you to run it. Also you can then go into msconfig and check out what applications and services are running at startup.

__________________
TC
Current stable:
- 2004 Mazda RALLYWANKEL
- 2007 Saturn sky redline
- 2004 Explorer...under surgery.

Past: 135i, GTI, 300E, 300SD, 300SD, Stealth

I had Malwarebytes on my machine and this little bugger got in there anyway. Seems to be all gone now.

__________________
1977 300d 70k--sold 08
1985 300TD 185k+
1984 307d 126k--sold 8/03
1985 409d 65k--sold 06
1984 300SD 315k--daughter's car
1979 300SD 122k--sold 2/11
1999 Fuso FG Expedition Camper
1993 GMC Sierra 6.5 TD 4x4
1982 Bluebird Wanderlodge CAT 3208--Sold 2/13

This one has been around for years. There is a third party program that will kill it if you google the virus IIRC.

__________________
1985 CA 300D Turbo , 213K mi

If its the free MalwareBytes version it isn't going to in real time prevent infections it can't be configured as a firewall/fiter/detector, you'd have to pay for that functionality I think they call it their "Realtime Protection Module". The free version regularly updated is a very effective malware finder/remover/quarantiner, if you end up with a real malware problem this is a very infirmative and helpful site which has forums specifically directed to dificult malware issues:

http://www.geekstogo.com/forum/forum/37-virus-spyware-malware-removal/

You're welcome!

I had the exact same virus not so long ago. Super Ant-Spyware was the free program that rid my computer of it. You should also go to microsoft.com and use their free tools.
Good luck.

That is a nasty one. To truly get rid of it takes some knowledge and time. I deal with it at least a few times a week. Amazingly, I still have yet to EVER get a malware or any form of virus on my PC.

__________________
-diesel is not just a fuel, its a way of life-
'15 GLK250 Bluetec 118k - mine - (OC-123,800)
'17 Metris(VITO!) - 37k - wifes (OC-41k)
'09 Sprinter 3500 Winnebago View - 62k (OC - 67k)
'13 ML350 Bluetec - 95k - dad's (OC-98k)
'01 SL500 - 103k(km) - dad's (OC-110,000km)
'16 E400 4matic Sedan - 148k - Brothers (OC-155k)

Any of our resident experts familiar with the latest Firefox redirect virus??

I have run malwarebytes, spybot, and avast multiple time with no avail. Forced to remove Firefox, and use Chrome...

Think I might just dump my data and reinstall my OS (vista).

__________________
On some nights I still believe that a car with the fuel gauge on empty can run about fifty more miles if you have the right music very loud on the radio. - HST

1983 300SD - 305000
1984 Toyota Landcruiser - 190000
1994 GMC Jimmy - 203000

https://media.giphy.com/media/X3nnss8PAj5aU/giphy.gif

http://spillspace.com/2009/new-firefox-virus/

__________________
99 ML320
94 SL600
92 SL500
95 E320 Cabriolet
87 560SEC
86 300SDL Grease Car
80 380SLC Euro

13 Fiat Abarth
02 Maserati Spyder Cambiocorsa
00 BMW Z3
90 Rolls Royce Silver Spur
80 Ferrari 308 GTSI
88 Jaguar XJS12 H&E Edition
99 Land Rover Discovery

For the OP virus, I had this on a few boxes at my house. Pretty easy to get rid of actually.

Also for any other browser related mishaps check out HiJack This. It will list out a lots of items and typically something like a redirector or browser object will show.

1) Boot up in safe mode w networing
2) open internet explorer, goto tools, internet options, connections, Lan Settings at bottom. Ensure the "use proxy server" is unchecked. The virus will typically set it to 127.0.0.1 (which is your computer itself) This will re-enable your internet.
3) Run HiJack This, look in the O4 entries for a randomly named file (like C:\user\account\appdata\werasfsda.exe). It will tell you where its located, go find and delete. Then remove the O4 entry.
4) That should fix the problem, but as a good measure, run Malwarebytes in the user account folder (C:\user\ or C:\documents and settings\)

HiJack This and Malwarebytes are both pretty helpful and good stuff. Also, I recommend running Microsoft's Security Essentials as your antivirus. I just had a machine in here that had McAfee on it and as soon as I installed Essentials, Essentials starting detecting Trojans, McAfee just sat there.

__________________
Cruise Control not working? Send me PM or email (jamesdean59@gmail.com). I might be able to help out.
Check here for compatibility, diagnostics, and availability!

(4/11/2020: Hi Everyone! I am still taking orders and replying to emails/PMs/etc, I appreciate your patience in these crazy times. Stay safe and healthy!)


82 300SD 145k
89 420SEL 210k
89 560SEL 118k
90 300SE 262k RIP 5/25/2010
90 560SEL 154k
91 300D 2.5 Turbo. 241k
93 190E 3.0 235k
93 300E 195k