[Closed] HELP...Virus!!

Microsoft Security Essentials?
What AV do you have?

Cougar is your man, apparently he was found guilty of crimes he didnt commit but escaped to the L.A. underground, not sure he is still wanted by the government but if no one else can help and you can find him ..............

a few of the AV makers offer online scanners - try googling "panda online scan" or eset online scan

(you might need to run the pc in safe mode with networking but I don't know much about it - what you need is a grown-up computer person to help. If only we had any at all on here 🙁 )

Don't do online scans!

Have you googled for how to remove this thing? What are the symptoms? Is it one of those ones where every webpage gets redirected to the same page?

molgrips - Member
Don't do online scans!

She has googled how to remove yes and it comes up with lots of solutions but they all want to charge for there services! though we have now found a couple that say they are free so are waiting to here back from people on here before we go ahead and try one of the so called free removals!

The symptoms are that it says her AV is out of date and the system is at risk of being attacked and they are trying to get us to pay to prevent that happening and no matter what she try's it just keeps popping up with the same messages all the time! she says her AV is up to date and when we google it seems the virus is quite well known!

Am thinking just go buy a new lap top as she has had this one for a number of years now!

Buy a new laptop?

Do you replace your car if it gets a flat tyre?!

Laptops don't get slow over time - Windows does. Just restore it from the recovery partition if it's playing up.

it says her AV is out of date

Where doe sit say this? Is it an internet explorer pop-up window? Or is it some other message?

[i]Am thinking just go buy a new lap top[/i]

😯

Cougar will confirm but I'd go on one of the reputable AV sites on another pc (Avast/MSE/etc) and use their tools to create a boot cd/usb stick with an AV on it.

Boot from the cd/usb stick and clean the laptop from there.

Alternatively go along to your local computer shop and they'll probably do the same for £25.

You really don't need a pc and I suspect from what's been said there may stuff on there she hasn't backed up so you'll need to get that off without infectign wherever it's going to.

System restore to a restore point a few days ago might help, although it's not guaranteed.

EDIT: Searching 'Disc Anti-virus Professional Malware' seemed to throw up a few reasonable-sounding ways to get rid.

If you feel out of your depth then it may be worth buying some decent AV and Firewall security?

I use and rate Comodo's suite of products. Its about $20 for a year's subscription and they have online remote assistance with a thing called Geek Buddy and they can help fix you up. Often when you try to install AV systems or removal tools when you are infected the virus works to prevent you from doing so and unless you are really savy it can be a bit boggling.

Download and burn this to a dvd or put on a usb stick: [url= https://support.kaspersky.com/viruses/rescuedisk ]https://support.kaspersky.com/rescuedisk[/url] boot from it (usually f9 to choose boot options) enable networking, let it download latest definitions and then run it (takes a while) should remove all that cr*p. All Free.

[url= http://downloads.malwarebytes.org/mbam-download.php ]Malwarebytes[/url] is your first port of call, if it will install. Download it on a clean machine and copy it to a USB stick.

Cougar can i download this from my mac onto USB then insert USB to PC and download onto infected PC/Lap top? Will it matter that i a have used a Mac?

Fingerbike thanks for your input will try that next should this not work and thanks to everyone else for there input!

right forget what this lot say go see somebody and pay them to fix it 🙂

OK Cougar in turns out she has already installed Malwarebytes but they are asking for a fee and we are trying to avoid paying to remove, what next please? if i need to pay i will but would prefer not too!

Download and burn this to a dvd or put on a usb stick: https://support.kaspersky.com/rescuedisk boot from it

That sounds like a good idea, as if you are booting from the USB stick then it doesn't matter how buggered your system is, it'll still work.

OK Cougar in turns out she has already installed Malwarebytes but they are asking for a fee

Malwarebytes is free.

Thanks for that mikewsmith that would be my last resort but going to try and see if i can remove myself with a little help from these guys on here

molgrips not sure what you are saying there, is it a good idea to try what fingerbike suggests or not? with regards the USB?

OK molgrips thanks for tip with regards Malware, we now have it running so will be interesting to see what happens! any idea how long it takes and what i should expect at the end of it? Hopefully a virus free lap top!

if it's asking you for money it's still the original virus.

As above, get Malwarebytes on a usb stick on a sifferent pc and boot from that rather than the laptops hard drive.

yeah I was thinking the last resort is coming close 🙂

not sure how Kapersky rates these days but getting some fresh AV in there is the key. Read the info on their site first and print off any instructions.

I have rescued stuff with avg free and others, better to use a CD if you can as it can't get infected back if it goes wrong.

Yup.

When it completes, it'll save a log (opens in Notepad). A copy of that text would be helpful.

is it a good idea to try what fingerbike suggests or not?

Yes. However if you've managed to download and install malwarebytes the usual way, then it should be ok.

Once again guys thank you for your help so far.

Having to pop out for a couple of hours so will leave the Malware to do its thing and see what happens when i return.

Cougar will get you a copy once it has gone into notepad..thanks

The very first result on google for the name of the virus is a detailed step by step removal guide.

http://malwaretips.com/blogs/remove-disk-antivirus-professional-virus/

And yes, all free.

OK guys it looks like the Malware has sorted the problem but says we only have 13 days left of its use?!

What do you guys reckon we should have as security for this Lap top in the future? once again not really wanting to pay if possible!

Cougar i hope i have sent you a Email with what you requested! lol

MBAM is free, but there is a paid-for 'pro' option which you don't need.

I'm going to write a blog post or something about Windows security as this is a common question. The short version is: safe computing practices, software updates, AV (in that order).

I've got your email ta, will review it shortly.

Right.

You have - or have had - a Virtumondo infection and the 0Access rootkit (and a bunch of other stuff).

As a minimum, I'd run [url= http://vundofix.atribune.org/ ]Vundo Fix[/url] and TDDSKiller (see the excellent post by "MrCharlie" [url= http://forums.malwarebytes.org/index.php?showtopic=115373 ]here[/url]).

However, given the severity of the infection and the nastiness of the payload, I would give serious consideration to backing up anything you want to keep and then wiping the lot and rebuilding. Note that 0Access can compromise personal details; I'd suggest changing passwords for any websites you've logged into recently, particularly bank and email accounts. [b]Do this on a clean machine![/b] If you've used internet banking or bought anything online I would also, seriously, review your bank balance and recent transactions for malicious activity.

Thanks for that cougar we have now changed all passwords on a clean computer and so far so good with no unauthorised transactions! And we will take your advice and do a complete clean up of the Lap top.

Thanks so much for your help on this matter and fingers crossed that is the end of it!

Cool. No worries.

Most modern laptops come with some sort of 'restore factory defaults' option; the last one I did you'd to press F3 on bootup, but this will vary between manufacturers.

Wow, you were done pretty good!

the last one I did you'd to press F3 on bootup

Northerner!