Nasty computer virus is running amok
  • EastCoastMojo

    April 26, 2011 1:42 p.m. EastCoastMojo SuperDork

    Just wanted to give a heads up to all GRMers, my IT guy notified me yesterday of a nasty virus that's making the rounds. This is a very convincing pop up that says a virus has been detected on your computer click here to fix it. We've all seen those before and I started to dismiss his warning with a "I would never click on that" but he insisted that this one looks very much like a Windows Security Essentials window and several of his clients clicked on it. This particular virus relocated the files on your computer, so in addition to getting the virus off there you are also faced with the daunting task of locating all of those files, and they apparently go EVERYWHERE.

    This morning I got the pop up and let me tell you it looked VERY CONVINCING. I almost clicked on it. I could hear the hard drive activity starting after the window popped up. If you get the pop up you should not even click on the red X to close it, you have to pull up the task manager and shut down from there. Clicking anything on the screen will initiate a download.

    Luckily I had the heads up, I wanted to pay it forward. Happy surfing!

  • Woody

    April 26, 2011 1:46 p.m. Woody SuperDork

    Tell me more about this Task Manager...

    Cars, I know. Computers, not so much.

    I lift things up and put them down.

  • slefain

    April 26, 2011 1:56 p.m. slefain SuperDork

    I got hit with this one a few weeks ago. Major pain to hunt/kill.

    Lorem ipsum dolor sit amet, consectetur adipiscing elit.

  • Duke

    April 26, 2011 1:58 p.m. Duke SuperDork

    In Windows, hit the "Vulcan Nerve Pinch" of Control, Alt, and Delete keys together. This will bring up a dialog with a few options to choose. One is Task Manager. Using the Task Manager, you can force the computer to quit any particular open programs without having to make them active.

    Junior Brown is my hero.

  • 914Driver

    April 26, 2011 2:08 p.m. 914Driver SuperDork

    I got it two months ago.

    Got a new laptop six weeks ago.

    DOA.

    BMW -- You don't need a hibachi to cook rice.

  • dogbreath

    April 26, 2011 2:28 p.m. dogbreath New Reader

    If you get the virus you can start your computer in safe mode (mash F8 a few times after the single 'beep' when you first turn it on) and run the Windows Malicious Software Removal Tool or MalwareBytes or some other trusted malware remover to deal with it.

    Don't search for 'malware removal' or anything like that because the first results on any search engine will be more scams.

  • MA$$hole

    April 26, 2011 3:10 p.m. MA$$hole Reader

    This is why I love owning a Mac

    2008 Civic Si sedan (torqueless wonder). 1988 Starion ESI-r (toy)

  • wbjones

    April 26, 2011 3:20 p.m. wbjones SuperDork

    what he said

    understeer: when you hit the wall with the front end,,, oversteer: when you hit the wall with the back end.... horsepower: how hard you hit that wall.... torque: how far you drag that wall

  • rob_lewis

    April 26, 2011 3:59 p.m. rob_lewis Dork

    MA$$hole wrote: This is why I love owning a Mac

    Yeah, what's the point of writing a virus when the company's willing to screw it up for you.....

    (From an iPad owner that has NEVER seen a "software update" not blow the machine away and watched Apple updates kill his son's Mac Mini on several occasions...)

    -Rob

    "I berkleyed up the kink!" My 8 year old after losing a race by .025 seconds.

  • AquaHusky

    April 26, 2011 4:00 p.m. AquaHusky Reader

    This is why I run Linux. Which is safer than even a Mac. Macs can get a nasty virus, but, no one cares to make them. Not as fun as a Windows virus I guess?

  • pstrbrc

    April 26, 2011 4:00 p.m. pstrbrc New Reader

    Huh. Macs are for sissies.

    UBUNTU RULES!!!!!!

  • Toyman01

    April 26, 2011 4:05 p.m. Toyman01 SuperDork

    No one wants to take the trouble to write a virus for 4.3% of the computers sold.

    I had a similar situation a few months ago. Malwarebytes and AVG took care of it without too much drama.

    The voices in my head may not be real, but they have some good ideas!

  • Toyman01

    April 26, 2011 4:05 p.m. Toyman01 SuperDork

    Thanks for the heads up Ms Mojo.

    The voices in my head may not be real, but they have some good ideas!

  • Grtechguy

    April 26, 2011 4:54 p.m. Grtechguy SuperDork

    Combofix.exe will remove it. I run into it often with clients

    Would rather be riding my Bi-Valve lnterior Combustion Twice-Exhausted Bi-Axle Nitro-Cycle

  • mtn

    April 26, 2011 4:57 p.m. mtn SuperDork

    Does anyone know what it is called? I think I got it this morning, and I think that I probably clicked the red-x.

    Will ad-aware take care of it? And GRtechguy, more info on Combofix.exe?

    Anytime somebody tells you that vodka mixes well with anything, slide them a jar of mayonnaise and tell them to practice what they preach.

  • Twin_Cam

    April 26, 2011 5:29 p.m. Twin_Cam SuperDork

    What's a virus?

  • Curmudgeon

    April 26, 2011 6:26 p.m. Curmudgeon SuperDork

    It calls itself Win 7 Security Update. The kid downloaded it onto her laptop Saturday, I was up till midnight getting rid of it and it popped up again yesterday. Dammit. She and the computer are at gramma's this week, I guess I get to do battle with the damn thing again next weekend. My computer guru told me how to get rid of it through Safe mode using Malwarebytes and something else: the latest version masquerades as a Java update window and there have been instances of it showing up as an Adobe version as well. So be REAL careful.

  • JoeyM

    April 26, 2011 6:36 p.m. JoeyM SuperDork

    pstrbrc wrote: UBUNTU RULES!!!!!!

    I don't get religious discussions about OSs anymore, but in this case, I'll agree with you. I picked up a similar virus to the one described above, except that it was worse....the data was still on the drive, but it was inaccessible under Windows.

    Ubuntu saved the day. I could still mount the drives and read the data, so I used it to copy everything onto a new hard drive. More info here: http://grassrootsmotorsports.com/forum/off-topic-discussion/recovering-data-from-a...

    (BTW, if I was going to get into an OS war, I'd say OpenBSD is more secure than Linux. )

    Curmudgeon wrote: there have been instances of it showing up as an Adobe version as well. So be REAL careful.

    That's the variant I was dealing with....Like I said, it "locked" the hard drives (as far as windows was concerned.)

    914Driver: "Except for us {GRMers} who the hell would build a 1932 Japanese car?"

  • JoeyM

    April 26, 2011 6:38 p.m. JoeyM SuperDork

    Twin_Cam wrote: What's a virus?

    A nucleic acid core, with a protein capsule around it. Possibly a membranous envelope from the host cell. If it is a retrovirus it will have the enzyme reverse transcriptase packed inside with the core.....never mind.

    914Driver: "Except for us {GRMers} who the hell would build a 1932 Japanese car?"

  • MCarp22

    April 26, 2011 6:46 p.m. MCarp22 HalfDork

    JoeyM wrote:
    Twin_Cam wrote: What's a virus?

    A nucleic acid core, with a protein capsule around it. Possibly a membranous envelope from the host cell. If it is a retrovirus it will have the enzyme reverse transcriptase packed inside with the core.....never mind.

    The punchline of that should be "but that's not important right now"

    Mike Carpeter - 1991 Miata base

  • spitfirebill

    April 27, 2011 5:44 p.m. spitfirebill SuperDork

    Curmudgeon wrote: and something else: the latest version masquerades as a Java update window and there have been instances of it showing up as an Adobe version as well. So be REAL careful.

    Oh E36 M3

  • 93gsxturbo

    April 27, 2011 7:42 p.m. 93gsxturbo HalfDork

    Good news is most of them can be fixed by running the recovery console through the command line.

    DOS saves the day again!

  • Slyp_Dawg

    April 27, 2011 7:51 p.m. Slyp_Dawg HalfDork

    I've had those rogue anti-spyware/anti-malware viruses a time or two between a few different computers, and after a day or two PER COMPUTER to root out the little piece of E36 M3, I have come to the conclusion that the guy who wrote that particular code deserves to go straight to hell. he does not get to pass "Go" and he most certainly does not get to collect $200. berkleyers, the whole stinkin' lot of 'em.

    oh, and +eleventybillion for Malwarebytes, I'm just about convinced that program can root out any malicious bit of code known to man

    "We are on the cutting edge of cocking about" Richard Hammond

  • Travis_K

    April 28, 2011 1:26 a.m. Travis_K Dork

    I made $20 getting rid of it for someone once, I used Microsoft's Process Explorer to kill it (you have to rename it to iexplore.exe or something to get it to let you run it), then once the program (virus) is no longer running, Malwarebytes will get rid of the bad files. It could have gotten more sophisticated since then, but that worked when I did it.

  • cwh

    April 28, 2011 12:21 p.m. cwh SuperDork

    Can we just send him our viruses? Huh, please?
