Malware Minute: Malware Now Imitates PC Utilities

More info

(Visited 6 times, 1 visits today)

78 thoughts on “Malware Minute: Malware Now Imitates PC Utilities

  1. I have been jumping thru hoops with this one. Wish I had read this thread before now. Infection finally gone with Microsoft’s help, but I have Active X problems and need the OS CD, which I don’t have, to fix the issue. Also , can’t update OS , XP Pro, thru the regular channels. I have to go to update.microsoft.com to do it.

    Any help with the Active X would be greatly appreciated.

  2. I was able to fix this “hijacking” by logging onto the PC under another profile and modifying my startup programs. These had been changed by the malware. It was not A VIRUS. The malware program had been installed under the other profile in the documents folder. Once I got this startup changed, I was good to go. You might also be able to do this under the “hijacked” profile, but you have to be very, very quick; must modify the sytartup before the program activates.

  3. We see this virus everyday in our repair shop. Best method of prevention is to not click any links from emails or facebook as this is where most these malwares originate! Best way to remove is to boot into Safe Mode (turn computer on, tap F8 until menu shows and select Safe Mode with Networking). Download malwarebytes and ensure its updated to the latest virus defs then perform a FULL system scan. On completion, visit Trend Micro and run Housecall online anti-virus scanner and also perform a FULL scan to ensure everything is ok.

  4. 3Weeks ago my computer was hit with a virus, it all happen when I get an alert from Microsoft, thinking that it was really Microsoft sending this with all the Microsoft logos looking genuine, so I click on it and was redirected to a fake page advising me to scan my computer with an online scanner, what happen to me was a rogue ware installed on my PC, this rogue antivirus application block the access to get to my computer desktop,”someone told me that every time I restarted my computer the fake software get deeper into my system”
    I was also urged to pay money to clean the system.I boot-up into safe mode and use my Avast antivirus to do a boot up scan, and it found ” fake alert Trojan & malware Tinkpoint.” I tried malwarebytes that didn’t help, I had to reinstall my windows 7 ultimate..I learned a lesson the hard way.

  5. Just to add to what a few others have stated about Malwarebytes, if you get the paid version – it has “active protection” which catches in real time – anything that the free version finds during scans. Much better to spend the money up front than the time and effort later on – in my humble opinion.

    I also disagree with Lucid Dreamer. A backup drive ready to install is overkill. But everyone should have a backup drive (via E-SATA or USB) and backup their prescious documents there. Then use your favorite imaging software (I’m an Acronis True Image fan myself) and keep an backup image of your drive there too. It takes me all of an hour to reload my OS, and a few hours to copy the 2TB of data back. 🙂

  6. Look at the up side. If not for the !@#$%Q!
    responsible for screwing up your puter, you might not be as savvy or proficient due to the “forced schooling” these nuisances demand.

    Everyone should have a back up drive (updated monthly) ready to install and important stuff backed up on an external drive. Cloning a drive isn’t difficult and allows you to avoid time consuming updates, software installs and preferences/settings.

  7. I got system tools 2011 malware, i took my harddrive out inserted into a external case and deleted the files, and turned off system restore to delete any files that could be in there. And the restarted the puter and turned system restore back on.

    My puter still lages and thinking of reinstalling windows.

  8. I saw someone mention vipre antivirus. It isn’t very good. I replaced it with kaspersky, which is much better. I still use malwarebytes antimalware for scans, though. I have cleaned a lot of these viruses off of people’s computers. They are a pain if it is well embedded. And I recommend not shutting down a computer until this is removed.

  9. I was told or read somewhere that you should not be running your computer as an Administrator. If you run as an administrator you run the risk of unwanted programs installing on your computer. Running without Administrator rights prevent these viruses from taking over your computer.

  10. At the risk of “Plugging” a utility I recommend “Comodo Firewall+Defence” as a useful tool to combat that sneaky Popup that literally locks your computer! and prevents you seeking help! ……. go to Comodo in startup bar and open to Defence and select “Running Processes” scrole to the Process running the Popup! .. your browser and right click and select “Terminate” .. end of problem! …………….

  11. I have had a few of these pop-ups appear on my computer while browsing, each informing me that my C: Drive was infected. The only problem with that is I run Linux instead of Windows, and there is no “C: Drive”
    And the best part is: Windows executables (.exe) don’t run in linux, so my system doesn’t get infected by them. But just last week, I had to scan the systems of 3 friends who came across the same pop-ups and got their Windows systems infected. Windows makes it too.

  12. As a qualified IT technician I spend a lot of time removing these things and have devised a fool proof method for their removal. The most important tool I use is Hirens disk this comes with a cut down version of XP which is bootable directly from CD/DVD and as this operating system is kept in RAM and doesnt use any files on the hard disk you know it is free from nasties. I then Use Hirens to install Malwarebytes & SuperAntiSpyware to this MiniXP and then get all the updates for these and scan the system with both of them. It takes anything up to 24 hours work to completely remove these malware and that is why professionals like myself cannot stress enough the importance of firstly a good Internet Security Suite (I use Comodo) and secondly a good backup program. Whenever I clean someones computer I always recommend they buy Acronis True Image Home and then make a recovery partition so if they get infected again it is a simple matter to revert their system back to a non infected state.

  13. I’ve already had issues with this malware…went onto a site I use frequently and up this popped. Luckily I recognised it for the potential nusiance it was. I closed the browser with little trouble and then set Avira after it. I have booted up since then with no problems.
    Personally, if you see anything stating you have issues, virus etc…close all browsers straight away…and fully scan/defrag/clean your system. It should save problems developing down the line.

  14. One disturbing thing I saw a lot of people posting here, was to use System Restore. In my experience, this is also one of the worst things to do. I have seen many bugs of all kinds, which “just keep coming back”, no matter what antivirus programs are used to remove them. Where were they hiding? In the System Restore, which Windows doesn’t like letting other people into. My first step when cleaning a computer (especially Windows XP) is to disable System Restore, which wipes all restore points (and any nasties which have backed themselves up into the restore points). And yes, my toolkit usually starts with MalwareBytes, SUPERantispyware & Spybot Search & Destroy 😀
    For general Windows problems, yes, use System Restore. It generally works great. For viruses? Heck no!

  15. actually this particular malware was easily eliminated. My son used my desktop the night before. When I tried to use it that malware gave me a fit. In safe mode I found it in my users temp dir. It was a number.exe file. Something like 954467.exe. In safemode I deleted it and it was gone.

  16. I sold a desktop to a coworker and he fell for the fake antivirus software, fixed with AV, my wife, however, fell for the facebook scam and then sent the laptop to a friend to fix it.
    Manual registry deletions, remnants of the infection… when I got home eventually it led to a format of the hard drive and reinstall all programs and files as backups were overwritten by backups made after the infection, nice!
    Never, ever , ever let someone fix your computer for you unless they are a profesional or will take full responsibility for their F*&^% ups.
    Make back ups, but most importantly don’t let some schmo touch your backups, keep them locked up!

  17. A year ago, I was talking to a owner of a computer store. I told him that I wish someone would do something about the mal and spyware coming out.
    He said, “I am glad they don’t! I make a lot of money on cleaning this out of computers.”
    Here is some of the problelm.

  18. I don’t know if this will help, but I run Zone Alarm and when anything weird pops up I right click on the Zone icon and stop all internet activity and then do the task manager thing and stop iexplore. Avast also stops most trojans.

  19. Unless I missed it, I didn’t see anyone use the magic fix. Whenever there is an ad letting the user think he is infected, the 1st thing the user does is hits the X in the upper right corner of the pop-up. Do they really think the X is from Microsoft? Like this would rid you of anything? Next time, simply hit Alt, F4 at the same time and it will USUALLY harmlessly disappeared. However, your security allowed it in, so get it updated. Using Malwarebytes, update it and run a scan. If you are also using Avast!, you will see that they work in pairs like well, like any 2 things that work in pairs, and Avast will catch all Trojans and Viruses, and Malwarebytes will catch all the spyware. If they want $29.95 to fix the virus they are about to drop on your computer, just stop for a second. Don’t panic and DON’T hit the X. Put your mouse pointer somewhere on the ad in a blank spot – DON’T click it – just put it there. Hit ALT, F4 and it should set your mind at ease. I always tell my wife to update Malwarebytes and run a scan just in case. It has not failed in several years. Hope this helps. When a customer drops off his computer for this “crash’, I do as a previous user mentioned – Pull the drive and connect it externally to my computer and run a scan. This doesn’t always work because you may remove a file necessary to boot Windows while cleaning the drive. So, I load a fresh drive with Windows and drag any important items Files, documents, photos, music, etc., from his old drive over to the new drive and they are back in business. Another tip – LEARN DOS. It is extremely valuable. Today, all people know is WINDOWS. Sorry, I can’t help you there. I’m sure there is a DOS for Dummies out there somewhere.
    Chuck

  20. I recommend you NOT use a USB drive for copying the programs from a clean PC to the infected, as the USB will get infected and you might spread it to a clean PC.

    After cleaning your PC, it would be wise to turn OFF System Restore, reboot, and turn it back on. This deletes your old Restore files. System Restore files can get infected and can reinfect your PC.

    System Restore takes your system back to an earlier state and may not fix the problem. It does not affect your personal (pics, etc.) files, but can require you to reinstall some programs installed between now and the restore point.

    Repair, done with the OS CD/DVD (or an option when pressing F8 on bootup, for some machines) can fix damaged Windows files. Repair also does not lose personal files. Repair does not clean viruses.

    Recovery, usually accessed from the boot screen or from inserting a Recovery CD/DVD (from the PC maker), will wipe the drive and restore it to the same state as when purchased. You must reinstall all programs, and you will LOSE ALL PERSONAL DATA. This is a last resort you want to use, but the FIRST thing your tech support (for your retail PC) will try. It is quick, thorough, and fixes any software issue, but it does not consider the Owner/User who will be losing all personal files.

  21. Two products that are free (you can make a donation) that compliment your existing AntiVirus and Firewall are called Spyware Blaster and Spybot Search & Destroy. Highly rated and perennial power user favorites since they don’t slow your PC down — and are an additional layer of protection since they work differently. Everyone should have them. Both comapnies update them so evolving threats are dispensed with. And Malwarebytes is top notch and large AntiVirus software companies actually refer their customers to use it since it works and removes threats that escape stuff and/or your A/V has trouble removing. This one acts in yet a different way as well and it’s free (and complete AND won’t nag you with ads or appeals) but I opt for the full version that is very thrifty with added features. With these three your PC won’t be compromised by threats, spam or rootkits yet operate without slowing it down.

  22. @Keith: Many legit sites (Facebook, Myspace, etc.) have had infected advertisements that try to install these programs. It is RARE that one needs to reinstall the OS to fix a problem.
    @Everyone else…
    If you suddenly have a window open that appears to be scanning your PC for problems, X out of the window and any Warning dialogs that result (they are fake warnings). It would help if you unplug the cable that gives you internet (phone or ethernet). I use MajorGeeks.Com to get all my free software. You need Malwarebytes, Avira or Avast, CCleaner, and RKILL. If you cannot get internet on the infected PC, burn these programs to a CD from a clean PC. RKILL will stop any processes that prevent installation of the other programs you need to install. Install, update, and run each of the above. If you have trouble installing or running the above, try SAFE MODE by tapping F8 key while starting the PC. Once in Safe Mode, run RKILL then the others. If your machine is so messed up that Safe Mode will not work. Remove the Hard Drive and install it as a second drive in a PC that has each of the programs above installed and updated. Scan the infected drive with Malewarebytes and Avira/Avast (CCleaner only works on the drive that boots up) and delete all malware found, repeating until clean. Put the drive back into the original machine, boot to Safe Mode and install/scan. Boot to Windows normally, and scan again. Keep your programs (and Windows) updated and schedule regular scans.

  23. So far, in the several attacks that have overcome my computer’s protections, the first (and most important in my opinion) is when my browser automatically shuts down for no reason. I may or may not have noticed a weird URL pop-up or change just before it happens. As long as I immediately shut down my computer, I have been spared having to do a System Restore. However, that means I may have to do a hard shutdown (i.e., not waiting for Windows to shut down, but using either the power switch or the auto-reset button; both of which are much faster than a standard shutdown).

    A similar one is one that pops up with running a virus/spyware scan. Follow the above steps.

    Several times I was too long and got stuck with System Restores. The one I dislike the most (so far anyway) shows up with a Windows Security Window lookalike. It replaces your normal Security Window with its copy; disables Task Manager and making it almost impossible to get to a System Restore option; eventually your Internet access; and disassociates many of your normal file uses (.doc is no longer recognized as being a Word doc., etc.).Thankfully, I have not had to resort to paid restoration yet.

  24. The best solution is to dump windows for Ubuntu Linux. I use Ubuntu to remove malware and viruses from Windows PC s all the time.

  25. D’Arc Kingham,

    Lots of mail has been sent asking for a Mac & Debian Linux version of PCpitstop scan… It would also be great in the Microsoft world if Google Chrome was used instead of Internet Explorer…

    JR

  26. I repair and maintain computers here in Spain and viruses are one of my new clients biggest problems, I can pretty much guarantee the majority will be running Norton, it is a resource hog and quite frankly doesn’t work, or at least not effectivley. Removal of the virus and Norton and installation of AVG and Malwarebytes for emergencies and periodic scans and a little advice and tuition has prevented problems for 95% of my clients. One piece of advise dont run more than one antivirus program you can pretty much guarantee they will conflict and prevent each other from working, and a question now for all you out there, why are these companies who use their so called antivirus software as a virus to illicit money get away with it, why are they not prosecuted and put in jail and made to pay compensation to all the people they have infected and this goes for anyone who advertises them also……????

  27. I had “HDDSCAN” lock up my computer(McAfee didn’t catch it),I got a BSOD when I tried to restart. I installed the system on my slave drive, ran SuperAntispyware to delete the virus, deleted my temp files, but got the message”A disk read error occurred” when trying to reboot. I then ran demos of partition fix programs. I saw that the total sector count of the infected drive(320 gig) had been changed to that of the slave drive(150 gig). Since you have to pay for those programs to actually fix things, and I had no money, I tried to find a free program and came across “bootmaster”. It let me correct the sector count, then I ran a fixboot, and voila, everything is back to normal! Once before, one of those trojans renamed my hard drive, so I had to go into bios to fix it….I don’t know if this will work for you, since those trojans are very tricky and change all the time, but it’s something to check for before you loose all your data or pay someone alot of money

  28. This is what I did to remove HDD malware…. go to Windows Defender. Once there there is a drop-down button for other options. One of them allows you to see what is running on your PC. It shows running program details (such as where the program is on your hard drive). Look for the HDD program and Copy the Directory location into memory (high light the text, right click, Copy).

    Use windows explorer to traverse to that directory (or paste directory into windows explorer from memory) and delete the malware .exe file that running. If the delete attempt fails due to being “in use”, you will need to go to Windows Tasks Manager and kill (right click, End Process) any process that look suspect. This kill the program that is currently running. Don’t worry about killing a legitimate program, as this only “stops” the current instance in memory from running.
    Again, don’t remember what process name I shut down this way, but believe it had HDD in the Name or the Description. Once you killed the HDD running process, go back and re-attempt the .exe delete.

    For my wife’s laptop, it was a give-away because it was running under “C:UserNameApplication DataTemp” where no legitimate program would install and run from.

    Hope this helps.

  29. I use Avira antivirus – free for personal use. It does a good job. I think you can download from CNet site. However, I combine that with ZoneAlarm Firewall (also free), AdAware (free version) and Threatfire (free version). Sometimes I think it takes longer to boot but they work well together and I’m safe.

  30. I got rid of this virus easy(Not being big headed), simply do a CTRL-ALT-DELETE and then goto the File menu and Run, type in explorer and it starts the rest of your system. From here you can get rid of this bugger of a virus/malware/whatever.

    Hope this helps someone else else out there, this almost drove me mad until I tried the simple approach(Remember to use Malwarebytes, Spybot and RegEdit to delete the bugger from the Run section 🙂

    If anyone wants any more detailed info, then just ask and I’ll write up a step by step guide 🙂

  31. I use Malwarebytes., a free download, which so far Has always removed all Worms, Trojans ect. I run a complete scan daily. Additionally I have AVG 8.5 anti-virus a free download It does a very good job an all viruses but does not detect most Malware and Trojans I also installed Windows defender and windows firewall. I check for updates daily on all my anti-virus.You can pay for anti-virus tools but why when excellent ones are available free. Any time I see one of these rogues or any thing suspect I start a Malwarebytes’ scan. So far this method has kept my computer free from infections. I am on the web about 4-6 hrs. daily. Brenda the people that design these rogues and try to harm other people’s computers are mentally sick degenerates.

  32. Agreed. Malwarebytes rules. SuperAntispyware works well also, I’m constantly removing junk off our office computers because the other guys can’t keep their hands clean

  33. My PC got infected last week with System Tool Essentials 2011. It would not allow me to open any applications. I was finally able to boot up in “safe”mode to a earlier date and then run my CA antivirus program. After several daily scans I finally remove all malware and virus'(I think) I knew better but somehow I let it in.

  34. I have found a free website from microsoft that does a great job at cleaning your computer, plus it wont clean anything that may stop a program from working….here is a link http://onecare.live.com/site/en-us/default.htm

    its from microsoft and they now offer it for Vista and Win7…..ITS A ACTIVE X program so you dony have to install a program on your computer, you use in from your browser while on the web…I fix and build computers an I use it regurly…..great utility

  35. This is nothing new. And it’s actually quite easy to remove the rogues without paying for it or reformatting. First download Malwarebytes and Advanced System Care. Also download Rkill. Boot into Safe mode with networking. First run Rkill to kill known malware processes. Install Malwarebytes and update if you have an internet connection. Scan and remove whatever it finds. Install ASC. Scan and remove any remaining spyware and fix registry errors. Reboot normally and install a good Antivirus Program (anything but Norton, Mcafee, or CA – resource hogs). I prefer AVG or Avast.

  36. I got a laptop in today from a user that had a “Disk Defragmenter” on it. The computer wasn’t completely overrun and I was able to install Malwarebytes and remove all the trojans.

  37. I’ve found that having Microsoft’s Auto Updates enabled along with using their Security Essentials and letting the monthly Malicious Removal do it’s thing I have managed to avoid malware so far. I would highly recommend such policies for others.

  38. Yes. I found out the hard way also about 2 yrs. ago. I have only had my own comp. for 3 yrs. I knew very little about security. It was a Co. Lap Top. I applied for any security system , that was “Free”-Wrong-They put all kinds of viruses & advertizers into my computor.
    Then I purchased Norton 360-Now it tells me if it is safe to open.

  39. Anti-virus software is reactionary. Thus, the black hats are always one step ahead of the white hats. I have read that it can take up to one month for a large company, such as Norton, to counteract one new virus. Hundreds of new malware emerge everyday.

  40. @Brenda: People use malware and viruses for a variety of purposes. Someone once said, “Data, that isn’t backed up, isn’t important.” If you frequently backup your data, you can easily reinstall Windows without having to pay a technician.

  41. i too have run across this several times both by myself and other family’s computers. these thing should be illegal. they are hard to get rid of, but i have done it several times. people whom make these what i call “extortion” programs should be procecuted in some way.

  42. The solution that I use, if you have a PC that is infected with malicious software is to connect another computer to your home network (either wirelessly or wired) and use a program called “Remote Process Explorer” available from LizardSystems.

    Using the uninfected computer, open “Remote Process Explorer” and add the computer with the infection to the list of computers. “Remote Process Explorer” will allow you when the location of any processes that are running and allow you to kill the process. The majority of malicious processes are using running from a location in your user profile or from the “Program Files” directory and usually has a randomly created name to it. Before killing any processes that you are not sure about, use the Internet on the uninfected computer to research the name.

    After you kill the malicious processes on the infected computer, attempt to run the portable version of CCleaner on the machine. In CCleaner go to “Tools -> Start Up” and “disable” (not necessarily “delete”) the entries that are malicious. I recommend not deleting because if it is a legitimate process and you delete it, you will have to recreate the entry and CCleaner doesn’t support that.

    After using CCleaner, reboot the computer and see what happens. If you are satisfied with what happens when you login, download, install, and run Malwarebytes.

    This is what I do on a regular basis with computers at work, computers that I work with on the side.

    Good luck!

  43. This is not new. I was hit with it five years ago and it got so bad I ended up replacing my then five year old computer. Real copies of anti-virus and anti-spyware eventually did clean it out, however, so that computer has become a spare. Recently, I in Tokyo and my brother in Maine were hit by another variant again within a two week period of each other. Powering down IMMEDIATELY got rid of mine long enough to run Spybot and McAfee and my computer has been clean since. My brother was not so quick and his became more entrenched with each boot up. However, a program offered by HOWTOGEEK.COM got rid of his malware and he has been running fine ever since. There are numerous sites online that give free utilities to rid this malware. Google “get rid of fake antivirus” to find them.

  44. This happened to me when I went to a website I have visited for 10 years. The only way I could get rid of the harassing malware was by going to safe mode and running Malwarebyte’s Anti-Malware which I had already installed some time before. It’s a great application that ferrets out some of the most difficult malware and bots.

  45. Why is PCPitStop taking ads for PCMatic? What a scam that is!! I know someone who fell for that and finally gave up and got a new machine.

  46. DC, of course there are ads for Pitstop products….we are at their site! I first learned about their reliabilty & trustworthiness form a Microsoft technician. Since then, several more technicians from other places have told me they were to be trusted.

  47. Surprised you did not correct Brenda’s advice about shutting down your pc immediately–I was told by a reputable anti-virus company rep that you should NEVER EVER shut down your pc if you have a virus–CLEAN THE VIRUS FIRST–even if you have to telephone your anti-virus company support–because if you shut the pc down you run a pretty solid chance of writing the virus to the hard drive and may not be able to restart at all

  48. @DC,

    Many of these self-install, even if you have very high security enabled on your computer. In addition, I have a great A/V program, also use Spyware Blaster, Ad-Aware, Spybot, and a dozen other anti-spyware/malware programs on my system.

    @Brenda,

    I agree. I have avoided this problem most of the time because I did immediately power down as soon as I realized what was happening. If I waited a couple of seconds, it was too late.

    @Sherrie,

    Best hope it that you have backed up all of your personal files recently; something that should be done very often.

    You can try using a Bootable CD and see if that works. If not, best case scenario is that you can find someone who can either get Windows back up, or at least recover any files/documents you don’t want to lose.

  49. Just ran OverDrive and came out Bottom 32%, not bad for an Outta the box HP from Wally World. PCPitstop was the first site on the net after I set it up after loosing My Beast in Katrina. a1203W model was like leaving the Caddie and driving away in a Kia, not that thats a bad thing. heheheh was going to say V/W but they cost as much as a Caddie today.

  50. The other day I clicked on something for information and immediately my virus scan software started alerting me and blocking the downloads. I quickly closed the website link did a full scan and everything seemed to have been stopped and qurantined. I’m using Microsoft Security Essentials and running a scan every night. So far I’ve been running this the past 8 months or so and everything seems fine.

  51. Hahaha Ran Both those before doing a defrag and coming on line to read this page. Yeahhhh I admit whipping out the credit card and listening to its screams were justified. LOL

  52. This happened to me twice. The first time I restored the PC using an external drive and Acronis software. The second time I hit the off button quickly. Then brought the PC up in safe mode.Then restored with Windows Restore to a previous day.Then downloaded and ran the free version of Malwarebytes. That removed the damaging trogens.

  53. These rogues have been out there for a while! General rule of thumb do your research before installing anything that claims to repair errors for whatever! Oh and I like the subtle PCMatic and Optimize 3.0 adds on the side and top of this post (Hint Hint!):)

  54. I sovled my Experiments of On-Line Scans with the purchase of a 1T External Drive I use as Back-up C:.
    Quarterly I Format the internal C: and do a transfer from the External Drive. I look at the labor cost saving from the Tech Shop, it pays for itself in 6 months.

  55. Hi i always use the free software spybot to clean and then protect my computer from future problems, it is best to clean in safe mode first time if your computer has a lot of problems

  56. most of these viruses that cripple your system can be easily fixed with a simple vista exe fix run the program it cripples the virus so that you can run exe files such as malwarebytes and superantispyware or just your regular antivirus. i search for new viruses every day on my crash box to learn how to remove them my local computer shop even comes to me when they have a bug they cant remove..if you see the virus start to scan or even the program starting it is too late and shutting off your computer will only help aid in the program taking over your machine.

  57. To Sherrie. This has happened to me too but fortunately I had my system backed up on an external hard drive which was disconnected from my computer. This is important otherwise both the computer and backup become contaminated with the same virus. Make sure that the external drive (USB) has the complete operating system not just your documents and files and then you can format your ‘C’ drive (cleans everything off it) and reinstall everything again. Disconnect from the internet while you do this. Reconnect and install ‘Microsoft Security Essentials’ (free app from Microsoft)

  58. To fix this problem download malwarebytes and superanti spyware it will take care of the problem.Also if it wont let you on I downloaded iobit secuity 360 it let me run it and took care of the problem these jerks have nothing else better to do than to wreak havoc on your pc.Hope this helps.Also one last thing if this fake virus comes up on your pc dont click anything just shut down your pc

  59. This is really nothing new. The hardest viruses to get rid of are the ones that act like they scan your computer for viruses then offer to get rid of them for 39.95 and use up all of your comps resorses, disable the restore, and pretty much you gotta reload evevything.

  60. Also the malware types are getting very clever. So do not close a pop up window that claims to want to scan your PC or something like this with the red X in the upper right hand corner. This causes the executable to run. Instead hit control alt delete to start task manager and close it that way. then run scans with your antispyware and antivirus software

  61. Some of my older friends were taken in by these fake PC utilities pop-up virus warnings. By the time they called me to help, their PCs were “locked”. The answer is to perform a BIOS “safe mode” boot and then a system restore. Nothing elso works. When these malware pop-ups appear, they can be defeated by immediately performing a right click on the system tray program “utility” icon and then clicking “close”.

  62. Too easy. Insert the restore disc and wipe the computer, and stay off the porn sites. The only time I ever have an issue is surfing for porn. Better be prepared to lose some data, unless your PC is like my emachines with PC angel, at least it saves your old files. Truth hurts, I know.

  63. I had a friend who had that same problem. Luckily, I was able to boot his computer through safe mode and was able to get the malware of his computer. The best way to avoid is research and go to the website that has the program. Usually, it is the best way to go. Mostly, no one wants to buy McAfee or Norton subscription at the end of a 30 days free trial or already using the programs for a year. I used Microsoft Security Essentials and Malware-Anti Malware. You can also use AVG and Avast.

  64. The last time I saw one of these scams my bro-in-law had it…all I did was ran a restore back to the last backup date which was 2 days and this took care of it. I would say this would work for them all…dont quote me tho, just as long as you have this feature ON…most people turn it off to save disk space…you got your work cut out for you if its off.
    I usually use another PC to google the software and normally find a fix for it. PCMatic and Malwarebytes ( http://www.malwarebytes.org/ )are both excellent to help resolve issues also.

  65. I have been a victim of this even though I’m a techie and have antivirus et al software (don’t know how it did not get caught.) Anyways, you generally can boot but it goes to the same “site” to get you to pay for cleaning your computer. I wish a hacker would hack that site. But you should create a bootdisk (AVG free allows this) reboot and run tools such as malwarebytes to clean your machine. I was able to do this even though I had failed to create a boot disk previous to the infection. should work for you

  66. I got hit with the one that rode in on the ITUNES update. WHat I did was remove the hard drive from the tower and put it in my hard drive docking station (great to have-$23 on Amazon) then using my laptop scanned the infected hard drive using the Microsoft Security Essentials-then it distroyed the virus (malware)-I put the hard drive back in the desktop and the computer worked fine.

  67. There are a few you tube videos that give you step by step instructions on how to remove the malware and get your computer back. I was able to follow the prompts and restore my computer and it only cost me my time….

  68. Sherrie, I haven’t seen one that prevented a reboot. The creators of this malware want you to send them money for their “AntiMalware”, so it’s in their best interest to make sure your computer stays running.

    I come across it frequently. With XP, you have to “End Task” from Task Manager (Ctrl-Alt-Del) because any mouse click within the dialog box prompts the download. Windows 7 will close your browser window.

    Avast will prevent it from making big changes (but won’t always stop the script / redirect) and Mawarebytes does the best job of getting rid of anything leftover.

  69. I have learned from paying twice this year to get virus off my computer. If you see anything that says it will fix something wrong with your computer even if it says it is Microsoft(which I trusted last time) hit the power button as soon as you can, I mean A.S.A.P. and hope when you power back up you caught it in time. This virus speaders are very smart also I learned that they pay for cookies when you do scans and lookups. Just get a very good virus protection that will not let these things come thru. I am currently looking for that.

  70. Last time this happened to me I had to take my and get it fixed and of course I had to pay. I don’t understand how this can make someone happy to hurt other people’s things.

  71. So lets say you get this HDD fake malware…how do you get rid of it when your computer won’t let you do anything? Then when you reboot your computer it no longer will log into windows…not in safe mode, or using last known good login. What now?

Leave a Reply

Your email address will not be published. Required fields are marked *