|
|
Post by movieman36 on Jun 20, 2011 7:34:49 GMT
This weekend has been interesting. My main family PC (still running XP, fully patched and with up to date AV) suddenly started to display a message from a program that looked very much like a genuine Microsoft program stating my computer was infected with a long list of viruses and Trojans. It in effect had made the computer unusable as it would not let me run ANY executable files (.exe) which effectively is any program. I couldn't get internet access, every time I tried to open a program the rogue would pop up and run what looked like a virus scan. After not much searching at all (from another computer) I discovered this is a quite common and virulent piece of Mal ware. I got blow by blow instruction on how to rid my system of it from a site called www.bleepingcomputer.comIt involved downloading a few little apps one of which was a registry hack that ran from a memory stick. In effect what it did was make some changes to the registry which disabled the Mal wares ability to stop me running executables which then allowed me to run another little program that then killed the MAlware off which was followed by running Malwarebites which cleaned it out and rid my system of the problem. Here is a link to the help guide. www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2012It might be an idea to download the registry fix and malware killer ap and store it on a memory stick in case this happens to any of you and you can't get on line. By the way, it effects all versions of windows and can get round most AV packages. |
|
|
|
Post by Lynnrose on Jun 20, 2011 19:27:39 GMT
Thanks for the head's up MM x
|
|
|
|
Post by johnnyangel58 on Jun 23, 2011 15:41:12 GMT
Hi mm I too had this false virus and boy it looked more like an official msn warning than msn itself does. The loop just kept going round click on this then trying delete then freeze, the way I got rid of it was to run Malwarebytes from my memory stick and luckily it opened up fully and after a full scan it got rid of about 15 nasties, then it was fine.
Tho this week I got done again by looking at some Torchwood images online and my whole system threw a wobbly cor blimey I had to run everything on full scan before I got it clean again and reboot, but it took about 5 hours before I had it ok again. Twice in about 3 weeks wot have I done to deserve that lol
Chers,
John
|
|
|
|
Post by pluckyfilly on Jun 23, 2011 21:41:38 GMT
YEP was just to ask about this as I had serious problems today and couldnt get past this window (Fake internet security infection) my son is also infected and my neighbour to, thanks for the link. I had a friend help me but I was trying to help my neighbour and my youngest son with this problem and I cant get past this wretched window on their machines. Will make a note of the URL thanks and pray it does the trick - thanks for this information.
Ann
|
|
|
|
Post by Lynnrose on Jun 26, 2011 20:44:47 GMT
MM, just had a phone call from my son...guess what, he has the same virus.
It is rife this week.
So he will be bringing the laptop to me to fix, so thanks again for the link 
|
|
|
|
Post by tuesdaymine on Jun 27, 2011 14:58:38 GMT
I also had this and to me it look very real, also asking me to forward payment so they could rid PC of these virus's.
PC completely froze on every think i tried, even from doing a full scan.
I panicked and took lappy down PCW, they explained that the message itself was the virus, so i paid the guy £15 for him to run a full scan.
Alls OK now, but it looked very genuine to me.
Tuesday
|
|
|
|
Post by Angelstardust on Jun 27, 2011 16:10:49 GMT
It does look very genuine. I had problems even doing a system restore, but once I did I could clear it out (fingers crossed).
|
|
|
|
Post by movieman36 on Jul 17, 2011 11:31:20 GMT
Glad you people have managed to rid yourselves of this scourge. Make sure you download and keep on a memory stick both the little app I posted and a nice new clean version of Malwarebytes, that way, if it strikes again you'll have the tools to deal with it.
Movieman :-)
|
|
|
|
Post by Pete on Jul 18, 2011 10:40:11 GMT
Thanks MM, very nice bit of help for all of us.
Pete.
|
|
jiff1
Full Member
Posts: 157
|
Post by jiff1 on Jul 18, 2011 17:45:52 GMT
Thank for the info. very helpful.
However, I have tried to install 'Secunia PSI' but seem unable to do so. I get as far as the 'please wait while Network connectivity is verified' but nothing happens although it appears to be seeking a connectivity.
I've reloaded several times with the same result.
Any suggestions?
|
|
|
|
Post by movieman36 on Jul 18, 2011 19:07:59 GMT
Have you downloaded and run the FixNCR.reg file from the link I posted above? Then run the Rkill app then once you have control again (the rogue app will still be on your computer but crippled) then run Malwarbytes to clean it out. Print out the detailed instructions in the first link and follow them.
|
|
