
Infected! - Your Virus Stories



TheGreatSatan
09-03-2008, 09:28 PM
So I was looking at a computer at work yesterday for a friend because it was infested with a Virus disguised as Anti-Virus called XP Anti-Virus 2008 (http://www.xp-vista.com/spyware-removal/xp-antivirus-2008-removal-instructions-xp-antivirus-2008).

It stops you from installing Norton, McAfee, AVG and others. It pops up and disables your screensaver and wallpaper. You won't be able to access them! I used my flash drive (Corsair Survivor 32GB; the one I reviewed here at TBCS) to install Avast and Adaware with no success. Needless to say, I was unable to fix it.

Today I wanted to update my daughter's computer. I put my flash drive in and Boom! she had the virus too!! Unknown to me it hitched a ride from the infected PC I looked at earlier.:mad:

I ran Avast!, AVG, Adaware, and spybot, but nothing worked.

After a couple of hours of research I discovered MalwareBytes (http://www.malwarebytes.org/). With a quick 3 minute scan it found and removed the virus. I rebooted and everything was back to normal:up:

Next, I ran a scan on my flash drive and deleted the trojan. Then my flash drive stopped working altogether. I had to reformat my flash drive and reload all my backed up files.:hurt:

What have you experienced?

noopypoop
09-03-2008, 09:42 PM
Heh, this is just after I got a virus on my mom's PC. It hijacked the web browsers, making all major search engine results (Google, Yahoo, Live Search, etc.) redirect to ad sites. It blocked access to all ways of getting an antivirus (and even if you found a site it didn't block, it corrupted all downloads so they wouldn't load). Then it didn't let you open Notepad (to prevent you from changing system text files it had edited). We were afraid to back up all the stuff to a USB drive and reformat because the virus could spread to the external drive (as had happened to TGS). So my mom ended up paying McAfee $90 to remotely access her computer and get rid of the virus. The computer is working fine, all is well, but now I'm never even allowed to touch that computer again.

crenn
09-03-2008, 09:54 PM
Want virus-ville? Come to my uni, your flash drives will have a 95% chance of being infected. I notice the viruses because it writes 2 system hidden files, one of them being autorun.ini. (btw TGS, that's what was 'wrong' with your drive).

BerticusPryme
09-03-2008, 11:43 PM
I was at a LAN party. Everything was going good. Long night of killing folks in CoD4. Well, we all camped out and went to sleep. Couple of the guys stayed up late. I wake up the next morning and check my email and the computer is going crazy. I look down at the bottom and now have 143 IE windows open. Apparently my antivirus got shut down while I was gaming cuz of some error that caused the game to crash. Well, I was feeling froggy so I did a scan of the network we were on. Then I found it. When someone at the LAN is abusing the 10mb pipe and downloads 5gb of pron from bearshare and then plays in everyone's shared drive for music and such it results in a bad day. We found the system that caused it all after the fact. Total infections on my rig was 3576. I was the system with the least infections. We later got even for that.

TheGreatSatan
09-03-2008, 11:51 PM
Holy crap!:eek:

OvRiDe
09-03-2008, 11:51 PM
My Dad picked up that XP Antivirus 2008, it's quite the bugger.. but I gotta say Google is your friend.

(Google search for "Antivirus 2008")

http://www.google.com/search?q=antivirus+2008&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

The top 7 hits are how to remove it.

I picked the BleepingComputer.com link, mainly because they are one of the best forums for virus, malware, spyware stuff, and had him fixed up in about 15 minutes.

At our office we are always running into this stuff, mainly because our management staff talked our senior staff into making us give them local administrator rights on their PCs. Slowly we are demonstrating through these viruses why they shouldn't have local administrator rights on their PCs. :D

I highly recommend Bleepingcomputer.com if you run into problems in the future.

TheGreatSatan
09-04-2008, 12:03 AM
I went to Bleepingcomputer.com and even joined the site to get what I needed. I just felt that their site is confusing and difficult to navigate. I did try the manual removal at first, but it was far too extensive. I like it easy. Problem with searching via Google, Yahoo, etc. is that when you search for "Anti-Virus 2008" you get lots of hits from places saying that they can remove it with no real evidence that they can. Finally I went to Microsoft's site and did a search. Several forums are linked to them and that's where I found MalwareBytes.org

I had testimony from those forum members whose systems it worked for and peace of mind in knowing that the FREE version is what they used.

OvRiDe
09-04-2008, 12:16 AM
Well you did end up in the right place.. as far as I know.. Malwarebytes Anti-Malware is just about the only scanner that will remove it automagically! And I agree the manual process is quite lengthy. I just don't understand why the other AV guys haven't put something in their products to fix it yet or even detect it! It's been around for the better part of a year now.

TheGreatSatan
09-04-2008, 12:21 AM
I guess for some people it's a HUGE problem, and for them a non-existent one.

Drum Thumper
09-04-2008, 01:34 AM
I've been lucky so far--not a single virus. Ever. Been surfing the internet since its public debut as well. However, that's not to say that I haven't had roommates who've been hammered by viruses. One of my former roommates picked up a virus similar to the one TGS got a few years back. Here's the kicker: his laptop didn't have a wireless connection, so he went and bought a PCMCIA wireless card. Install went flawlessly, and within five minutes his machine was infected. Severely infected.

All from some shady pr0n site.

All told, I think he spent a good $150 getting it fixed--took the tech a bit longer than he anticipated to fix it.

crenn
09-04-2008, 01:57 AM
I thought all of those sites were shady....

TheGreatSatan
09-04-2008, 09:25 AM
You've been to the wrong ones!

XcOM
09-04-2008, 04:12 PM
I got infected with win.love.32 a LONG time ago, I used magic bullet to get rid of it (McAfee now owns that and no longer makes it).

Then earlier this year, I reinstalled my laptop and lost my install backups, so I reluctantly went online to download some form of antivirus. Somehow a virus got into the antivirus installer and infected my machine, the AV didn't see it, and any of the online scan systems I went to didn't work. In the end I reinstalled again and downloaded AV on another machine and did it that way.

Also, one guy at work this week told me he "Uninstalled my Antivirus because it slowed down my PC too much, it went blisteringly fast until yesterday and now it's slower than when I had antivirus, also I can't install it anymore!"

TheGreatSatan
09-04-2008, 08:37 PM
Sounds like he's got a virus....

crenn
09-05-2008, 01:51 AM
I actually don't have Anti-Virus on my desktop because I got fed up with it all, although I'm most likely going to install Malwarebytes Anti-Malware.

BerticusPryme
09-05-2008, 03:40 AM
I had mentioned this thread to my coworker who pulls the day shift and he was reading and got a good laugh (he was at the LAN party too). Then he reminded me of the worst one ever. I had totally forgotten about it as it sucked so much I blocked it from memory. See, we both worked together at the call center I worked at. He was IT and I was his assistant and the assistant to the telecoms guy. Well, there was another man by the name of Shackleford who we deemed shacklenuts. This man was notorious for killing the network and to make it worse he was the senior admin over us. I mean he gave off a field or some crap. There were days he would walk into the building and the network would die. Anyhow, our favorite msblaster came down the line and it hit the 600 seat call center like a bag of wet crap. We got the email to patch the antivirus server we had. So we go in there and start the update and it didn't go. Some douche had brought a USB memory key from home so he could listen to music at work. This is a big no-no. He then plugged it into a computer on the call floor and it fired up with an autoexe. Lo and behold it spread through the network like wildfire. It hit everything including the main servers. We scrambled and pulled 2 guys to help because we had to MANUALLY PATCH EVERY COMPUTER IN THE BUILDING. Needless to say this sucked and took 9 hours. This happened at 10pm and we closed at 11pm. So here we are proud we defeated the virus at around 7 am the next morning. So we go grab a cigarette and some coffee. As we are sitting there we hear this furious knocking on the window and turn around to see one of the managers holding a piece of paper to it with SHACKCOM 5 in big letters which meant his dumb a** was in the building and going to the server room. We get in and there he is in the server room with a cat5 cable from his laptop right to the switch rack. We panic. But we were like everything is running, we're alive, things are alright.
I glance over my shoulder as I hear a user say "I think there is something wrong with my computer." as her screen along with everyone else's in the building gets a popup and then the systems start shutting down. He brought in the variant of msblaster that came out a few hours later that the patch was still in the works for. So here we are, 7am, the doors are open and people are on the phone doing tech support and then everything dies. Again. I spent the next 9 hours repatching all the systems in the building. To make things even better we reported him as the cause of the outage which resulted in an investigation. Turns out his entire career was a sham. The MCSE cert # he gave them was some random guy's. He never passed his certs or anything. He had actually stolen part of the guy's identity just to get the certs for it. He was fired on the spot and walked outside of the building. He thought he was scot-free until he made it to the front door and saw the cop car. Needless to say I went home and drank like a fish for the next 3 days.

Eclecticos
09-05-2008, 04:57 AM
Computer Viruses in Outer Space!


Astronauts aboard the International Space Station (ISS) took some time to update their orbiting laboratory’s antivirus software to ensure their laptops are safeguarded against intrusions like one caught in July.

The updates were aimed at ensuring the space station’s computers continue to quarantine viruses like W32.Gammima.AG, a Windows-based worm detected and properly quarantined in the outpost’s computers in late July. The low-risk virus, which is designed to steal passwords for online computer games, was first reported on July 25 after being detected by the station’s protection software. It did not infect the station’s command and control computers and posed no threat to the orbiting lab, though NASA engineers were hoping to find out exactly how the virus reached the station.

Via: LiveScience (http://www.livescience.com/blogs/author/tariqmalik/)

crenn
09-05-2008, 06:24 AM
*snip snip*
HOLY CRAP! That's one hell of a story... but still... wow.....

killergamer
09-05-2008, 10:16 AM
I have a nice little VIRUS in my throat ATM.... 1 of the only kinda virus you can't get rid of.

halcyonforever
09-05-2008, 01:20 PM
It's pretty funny, my Father-In-Law hit that same @#%^ Anti-Virus - Virus. It was a royal pain, it's not the worst I have ever seen. For example it prevents the installation of anti-virus based on a file name blacklist, so just using them with a different name by-passed it to some degree.

xRyokenx
09-06-2008, 10:08 PM
Just wanna give a heads-up. If you are looking for an anti-adware program, particularly AdAware, a program called "No Adware" comes up in the search. DO NOT download this, it is a virus.

EDIT: In other news, I have had a few viruses that just killed my PC, lol. I had one that wouldn't let me even reboot my own computer and it screwed with all my programs so that when I would try to open them it would say "Program is not a valid System32 Application." I've had others that have just totally screwed over Windows too.

TheGreatSatan
09-07-2008, 05:32 PM
I turned my daughter's computer on yesterday night and the virus was back. I'm pretty sure I got it this time.

I had to manually delete some registry entries too.

XcOM
09-11-2008, 02:47 PM
My dad just got that virus, he has managed to contain it (he hopes). He disconnected the server the other night to prevent it getting that far.

Zephik
09-11-2008, 03:32 PM
Has anyone ever heard of "Darksma"? My father's laptop is infected with it, anyone know how to get rid of it?

LiTHiUM0XiD3
09-29-2008, 01:18 AM
heh I've had to deal with a few for clients... but nothing really terrible... heh I got this wicked solution..... no it's not an AV.... or an anti-malware of any sort... wait for it... wait for it.... yes.. you all know what is coming... LINUX!!! MUAHAHAHHA..... sorry I'm a penguin fiend... :D

Xpirate
09-29-2008, 08:58 AM
I just got this wcs.exe thing on my machine. Is that what XP Antivirus 2008 is? It came up just like some kind of antivirus.

I could not get my machine into safe mode with F8 because I have a USB keyboard. The USB works once the machine loads software, but I can't get into the BIOS because that keystroke is detected before the software loads. I just foolishly gave away my extra PS2 keyboards and other PC junk.

I booted up with a Bart's PE disk and removed the wcs and iebtm executable files. Now the machine can't get on-line or read a USB drive. I'm going to try to do a repair install tonight. If that doesn't work, I'm just going to try and pull all my data off the drive and start over.

TheGreatSatan
09-29-2008, 03:34 PM
You try a system restore to fix your settings?

crenn
09-29-2008, 07:38 PM
heh I've had to deal with a few for clients... but nothing really terrible... heh I got this wicked solution..... no it's not an AV.... or an anti-malware of any sort... wait for it... wait for it.... yes.. you all know what is coming... LINUX!!! MUAHAHAHHA..... sorry I'm a penguin fiend... :D
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses

Enjoy. :P

XcOM
09-29-2008, 08:20 PM
lovely!

I use Linux on my download machine as it is LESS PRONE to viruses, not immune like some people think, just less prone. It still has AV, and uses the same database as the Windows one as well as its own Linux database, so I can scan any files before they get moved to a Windows machine.

Xpirate
09-29-2008, 09:25 PM
I dug out an old 13 GB disk that I haven't got rid of yet and installed Ubuntu. The Bart PE disk I had would not run my USB drives, so I gave Linux the opportunity to help. I managed to get all of my Quicken data off of the Windows disk.

Ubuntu is pretty nice. The orange color scheme for the login is kind of ugly in my opinion. I've only used Red Hat, Monte Vista, and CentOS at work. Ubuntu worked without all the usual work required to make the sound and other things work properly.

If it weren't for Quicken and a few video games, I would probably just keep using Ubuntu.

TheGreatSatan
10-01-2008, 02:16 PM
I keep meaning to try my copy of Linspire out

DaveW
10-04-2008, 09:27 AM
I could not get my machine into safe mode with F8 because I have a USB keyboard. The USB works once the machine loads software, but I can't get into the BIOS because that keystroke is detected before the software loads. I just foolishly gave away my extra PS2 keyboards and other PC junk.


You need to enable "USB Legacy Mode" in your BIOS.

-Dave

killergamer
10-04-2008, 09:46 AM
My friend called me up and said that she had a virus on her computer and I asked "what did you do to the antivirus I put on?" "Well, I deleted it," she said. It turns out when I got to her house she had the same virus as you TGS, because she didn't like avast so she deleted it, and somehow, without either of the people in the house downloading it, the virus ended up on the computer. I ran the malware thingy and put it on strongest settings and in about 2 hours' worth of running it found 190 viruses.

So +rep for the find TGS

LiTHiUM0XiD3
10-04-2008, 11:02 AM
heh I wasn't sayin there is no viruses for linux.. that would be foolish.. but the chances of them r slim to nil.. can ya find a list of all windows viruses??? I unno.. would prolly overload your computer crenn... if so tho.. lemme see. heheh... I would rather run an OS without a HUGE chance of catchin a virus the second you plug it into the net..

crenn
10-04-2008, 11:09 AM
heh I wasn't sayin there is no viruses for linux.. that would be foolish.. but the chances of them r slim to nil.. can ya find a list of all windows viruses??? I unno.. would prolly overload your computer crenn... if so tho.. lemme see. heheh... I would rather run an OS without a HUGE chance of catchin a virus the second you plug it into the net..

I've run vista with only the stock firewall for a while and haven't had a problem ;)

If you know what you're doing, you don't need anti-virus. Also, why write viruses for a minority (at this stage) of the computer market? ;P

Xpirate
10-04-2008, 12:29 PM
If you know what you're doing, you don't need anti-virus. Also, why write viruses for a minority (at this stage) of the computer market? ;P

crenn, you might have some kind of malware on your machine without even knowing it unless you do not access the internet at all. What you think is a reputable website might put advertising on it that gives you junk.

crenn
10-04-2008, 03:44 PM
I do run a scan every month with good virus detection ;)

Also, I have yet to see a vista computer with a virus :P

TheGreatSatan
10-04-2008, 05:03 PM
So +rep for the find TGS

No prob!

XcOM
10-04-2008, 05:11 PM
I have seen a Vista PC with a virus.

Also, list of Windows viruses (http://en.wikipedia.org/wiki/List_of_computer_viruses)

When I had Windows 98 I didn't use a firewall, when I have XP I disable the firewall, same in Vista. I used a hardware firewall, and strangely when I do an attack check I get the same result as with the firewall, or any other 3rd party firewall.

crenn
10-04-2008, 11:31 PM
What 'attack' check do you use?

XcOM
10-05-2008, 12:55 PM
The online check from McAfee and Sygate (now Norton).

I did at one point have my own firewall but I've lost it and cba to re-write it.

Edit:
Currently running Windows XP SP2 on wireless behind a router,
did a test at:
https://www.grc.com/x/ne.dll?bh0bkyd2
Passed with flying green colours!
Every test failed (Or Passed in a good way)

crenn
10-05-2008, 03:26 PM
Ran that, and I passed with flying green!

Although it could be the Cisco hardware firewall ;)

XcOM
10-06-2008, 05:23 AM
Did I mention I only had a hardware firewall and the Windows firewall when I did that test?

xRyokenx
10-06-2008, 10:14 PM
My PC passed everything. I am using Comodo Firewall, which apparently is working very well.

crenn
10-07-2008, 09:05 AM
Comodo Firewall annoys me.... I set an exception (rule) and it doesn't work.

TheGreatSatan
10-10-2008, 10:51 PM
I passed too.

For everyone, I highly recommend you download Advanced Windows Care V2 from Download.com.

http://i406.photobucket.com/albums/pp143/TheGreatSatan/awc.jpg

It tests your security vulnerabilities and fixes them for FREE. This is one of the best programs I have found in recent times and I give it to every one of my customers. A+

xRyokenx
10-10-2008, 11:04 PM
Downloading it now. Thanks dude.

TheGreatSatan
10-10-2008, 11:12 PM
It's so worth it.

xRyokenx
10-10-2008, 11:18 PM
I have it running right now. Seems like a pretty thorough utility.

TheGreatSatan
10-10-2008, 11:20 PM
When it finds problems with start up management, uncheck the ones you do not want to load with windows. The others click on once to highlight then on the left side choose "Add to Ignore List". When you're done click apply at the bottom and OK.

TGS

xRyokenx
10-10-2008, 11:28 PM
Aight, I ran the scan and fixed a TON of things. I also checked the start up stuff and unchecked a few things I really don't use. Sweet App. :D

TheGreatSatan
10-11-2008, 12:27 AM
I bet you had over 30,000 vulnerabilities!

xRyokenx
10-11-2008, 10:06 AM
I did, lol... and I immunized them all!

.Maleficus.
10-11-2008, 10:15 AM
I've never had major problems myself, though my mom hasn't had the same luck. She's had a few and they've been dealt with, but it's always a shock to see them. Anyways, right now I'm using Kaspersky Internet Security 2009 and it's been pretty nice so far, no problems yet. Hopefully I'll be able to throw on something a little better (I'm looking at you Ubuntu ;)) but when I get Vista on here Kaspersky will definitely stay.

TheGreatSatan
10-11-2008, 10:29 AM
Tell your mom to stop looking at Pron

.Maleficus.
10-11-2008, 11:03 AM
Tell your mom to stop looking at Pron
Will do ;).

phen0m
10-12-2008, 11:02 PM
Once, I was infected by a virus that changed the time/date formats to blank and when I pulled up McAfee, it was the regular window but only the borders were there. The middle was gray.
I just did a quick system-restore and everything was back to normal.

nevermind1534
10-13-2008, 07:01 PM
I had a friend, who, two years ago got a vius that deleted the entire partition from his hard drive. He gave it to me to recover all of his data. I was surprised at how easy and fast it was with some data recovery software.