CKA Forums
CKA Uber
Posted: Wed Apr 06, 2011 12:17 pm
 


I think a thread that deals with specific viruses/worms/trojans and how best to handle them.

Just recently I was bouncing from this site and my Facebook account. Might have clicked a few links on either when suddenly I was kicked off the net. I couldn't go back on nor use any other program except Ctrl-Alt-Del and the option to shut down or restart. Tried many different things and eventually was able to restore my computer to yesterday.

Don't know what I hit or how I hit it. It kept bringing up an official-looking Microsoft Windows virus scanner which was little more than a movie since no option worked except the directions to the payment screen.

A file search kept showing epy.exe ... I don't know if it's fully gone or why it suddenly took over???


Forum Super Elite
Posted: Wed Apr 06, 2011 12:55 pm
 


Yes I've dealt with this one before.

Run Spybot Search and Destroy to remove the virus. Also run Malwarebytes to make sure it's gone.


CKA Moderator
Posted: Wed Apr 06, 2011 1:41 pm
 


Hi Derby - Spybot is a good choice and it's good advice. But to get things started go to Start > Search and run a file search for *.exe with the date parameter of the past day or so. Delete the files that show up **unless** you've run Microsoft patches and then do not delete anything that installed to a Microsoft program folder. You can tell the bad stuff by hovering your cursor over the .exe to show the description. The description on the evil stuff will be in Chinese or Russian. XD

After that, run Spybot to clean up the balance.

I've been seeing this spyware/scareware 3-5 times a week at the agency I work for.
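
A read-only version of the file search described in the post above, as an added example that is not part of the original thread: it lists .exe files created or modified in the last two days together with their description, company and Authenticode signature status, and deletes nothing. The search roots and the two-day window are assumptions.

```powershell
# Added example (not from the thread): list recently created or modified
# executables for manual review. Reports only; nothing is deleted.
param(
    # Assumed search roots; adjust to the drives or folders you want to cover.
    [string[]]$Roots = @($env:USERPROFILE, $env:ProgramData),
    # Assumed look-back window, matching "the past day or so" in the post.
    [int]$Days = 2
)

$cutoff = (Get-Date).AddDays(-$Days)

$results = foreach ($root in $Roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    # -Force includes hidden and system files, which droppers often set.
    Get-ChildItem -LiteralPath $root -Filter *.exe -File -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $cutoff -or $_.LastWriteTime -ge $cutoff } |
        ForEach-Object {
            # Signature status separates vendor-signed installers and patches
            # from unsigned files that deserve a closer look.
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue

            [pscustomobject]@{
                Created     = $_.CreationTime
                Modified    = $_.LastWriteTime
                Path        = $_.FullName
                # Same text Explorer shows in the hover tooltip.
                Description = $_.VersionInfo.FileDescription
                Company     = $_.VersionInfo.CompanyName
                Signature   = if ($sig) { $sig.Status } else { 'Unknown' }
                Signer      = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            }
        }
}

# Newest files first.
$results | Sort-Object Created -Descending | Format-Table -AutoSize -Wrap
```

Files with an empty description and a `NotSigned` status in user-writable folders are the ones to hand to the scanner first.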


CKA Super Elite
Posted: Wed Apr 06, 2011 1:49 pm
 


I just got nailed with this one on Saturday. 2nd time in the last few months.

Nothing worked! :evil: :evil:

Finally found my own simple fix.

reboot; as this starts, keep hitting F6 (XP) or F9 (Windows).

'Start in Safe Mode' Go to restore and go back a couple days. That's it! :D :D

Then do a complete scan.


Forum Super Elite
Posted: Wed Apr 06, 2011 1:59 pm
 


BartSimpson:
Hi Derby - Spybot is a good choice and it's good advice. But to get things started go to Start > Search and run a file search for *.exe with the date parameter of the past day or so. Delete the files that show up **unless** you've run Microsoft patches and then do not delete anything that installed to a Microsoft program folder. You can tell the bad stuff by hovering your cursor over the .exe to show the description. The description on the evil stuff will be in Chinese or Russian. XD

After that, run Spybot to clean up the balance.

I've been seeing this spyware/scareware 3-5 times a week at the agency I work for.


I think it might be a Java exploit, had a Java app running in the background when this one slipped. It made it through 2 times actually, right past Avast.

Also the 2nd time there was an ActiveX script.

I've stopped using Mozilla FF 4 as both times it slipped through it was from Mozilla FF 4.


Site Admin
Posted: Wed Apr 06, 2011 2:39 pm
 


For you to start with run Malwarebytes in safe mode.
I run the quick scan at least every week and the full scan at least once a month. It's picked off a few and I'm not sure where they came from and although my computer was running fine it deleted them. I also run a full scan if anyone else has been on my computer for anything.





Posted: Wed Apr 06, 2011 3:01 pm
 


Thanks for the trip down memory lane.. Now I remember why I got rid of Windows.


CKA Moderator
Posted: Wed Apr 06, 2011 3:34 pm
 


Curtman:
Thanks for the trip down memory lane.. Now I remember why I got rid of Windows.


Blaming Windows for viruses and etc. is like blaming Toyota because their best-selling Camry is the #1 car stolen by thieves.

Think about it. [B-o]





Posted: Wed Apr 06, 2011 3:53 pm
 


BartSimpson:
Curtman:
Thanks for the trip down memory lane.. Now I remember why I got rid of Windows.


Blaming Windows for viruses and etc. is like blaming Toyota because their best-selling Camry is the #1 car stolen by thieves.

Think about it. [B-o]


Yep. Being the weakest link in the chain is not for me.


CKA Uber
Posted: Wed Apr 06, 2011 8:51 pm
 


TIP: most of the previous suggestions won't work once it's got in. It kills your ability to run .exe files and do automatic updates.
Download Malwarebytes from another computer onto a stick. And MSoft's Update Fix Tool.
Rename mbam...exe to mbam.com and copy it to the desktop, then it will run.
Update it, run it. If mbam doesn't update, run it, get what you can, reboot in safe mode with networking, update, run again.
Then run the Windows tool to fix your auto updates.
This week it's coming mainly from email attachments and infected music downloads.

And get rid of your System Restore - it's just another place to hide viruses. If you really want, turn it back on after and set it to 2% disk space, save a restore point as "DateOK"


Newbie
Posted: Wed Jul 27, 2011 11:59 am
 


I'm coming pretty late to this thread, but for the future I highly recommend installing Microsoft Security Essentials. It's easily the best free antivirus software.

Oh, and like Yogi said: Starting your computer in safe mode is always a good first step. You can then scan your drive for any malware, etc. while it's inactive.

If you're new to this whole thing, think of it this way: You should maintain your computer like a property maintenance expert would maintain your home. If you let things go for too long (in this case, virus scans), then it will be significantly more difficult to restore your computer. This also applies to maintaining your hardware, like cleaning your case every few weeks.


Last edited by monkeyboy on Wed Sep 07, 2011 7:21 am, edited 1 time in total.

CKA Elite
Posted: Wed Jul 27, 2011 12:34 pm
 


Would any of you guys recommend a "Sandbox" application like Sandboxie?


CKA Elite
Posted: Wed Jul 27, 2011 12:49 pm
 


Only benefit of being behind an ISP firewall to censor the net is that it keeps the majority of the junk at bay as well. Plus I have AVG set on scan daily at 4.00pm. Ever since I've been running that, been around two years now I think, I never had a problem.


CKA Uber
Posted: Wed Jul 27, 2011 12:59 pm
 


Yogi:
I just got nailed with this one on Saturday. 2nd time in the last few months.

Nothing worked! :evil: :evil:

Finally found my own simple fix.

reboot; as this starts, keep hitting F6 (XP) or F9 (Windows).

'Start in Safe Mode' Go to restore and go back a couple days. That's it! :D :D

Then do a complete scan.


It's actually F8, not F6 for those trying to boot into safe mode on all Windows versions.


CKA Uber
Posted: Wed Jul 27, 2011 1:36 pm
 


And being simple it works in about 5% of cases.
System Restore is one of the first places most viruses go to hide. So scan again afterwards.
The ones I see, the owner knew something was wrong but they just had to exchange these so f'ing important pictures of their one-year-old ramming his head into his birthday cake with every friend on Facebook for two more weeks. Until every contact they have is infected and their system is completely fubar'd.

