Urgent! Virus Attack

[Just Me]

I've never seen anything so dirty and diabolical.

1. Pop-ups started to appear warning of a virus attack.
2. I clicked "okay" to open my protection software.
3. What loaded was NOT my program! The graphics were way CRUDE, the
English grammar was defective. Mine is the free Microsoft virus and
spyware scan--forget the name, and can't find it now because it's
GONE, replaced with this fake job.
4. Meanwhile, every program on the desktop I tried to load, every
website was refused with an "error" message, declaring that the
program was "infected". I could not so much as get Vista Help to load.
Worst of all, the notepad file containing my passwords, though it
would start to open, WHACK, down it goes with another "error" message.
5. In desperation, I finally clicked okay to "my" virus protection
program, offering to remove the virus.
6. A webpage loads! No other pages would load, but this one does,
offering to sell me one of three virus protection programs.
7. I refuse that, close the program.
8. A porno site loads to replace the "virus software" page!!!
--
That's my Toshiba laptop. So I put the RESTORE disk into the DVD slot
and what do I find? There's no "restore point" feature! Two options
are offered: a complete restore, deleting all files, with a return to
the default condition of the computer, OR an option to reload certain
default program files.

Still desperate, I almost clicked the full restore. Since most of my
text work is saved on-line, like in the Drafts folder of my Gmail
account, I'm not sweating that stuff. It's that Notepad password file
I don't want to lose, let alone a vast collection of Favorites. So
here's what I need to know . . .

Is there a program in this, my Desktop Sony VAIO with XP that will
allow me SAFE access to my infected laptop hard-drive with Vista, via
USB cable? A computer to computer file transfer program is what I'm
after. The desktop is running McAfee virus protection which I will
make sure is totally up to date before I attempt any such transfer.

Your help will be sooo greatly appreciated.

 

[Alias]

I've never seen anything so dirty and diabolical.

1. Pop-ups started to appear warning of a virus attack.
2. I clicked "okay" to open my protection software.
3. What loaded was NOT my program! The graphics were way CRUDE, the
English grammar was defective. Mine is the free Microsoft virus and
spyware scan--forget the name, and can't find it now because it's
GONE, replaced with this fake job.
4. Meanwhile, every program on the desktop I tried to load, every
website was refused with an "error" message, declaring that the
program was "infected". I could not so much as get Vista Help to load.
Worst of all, the notepad file containing my passwords, though it
would start to open, WHACK, down it goes with another "error" message.
5. In desperation, I finally clicked okay to "my" virus protection
program, offering to remove the virus.
6. A webpage loads! No other pages would load, but this one does,
offering to sell me one of three virus protection programs.
7. I refuse that, close the program.
8. A porno site loads to replace the "virus software" page!!!
--
That's my Toshiba laptop. So I put the RESTORE disk into the DVD slot
and what do I find? There's no "restore point" feature! Two options
are offered: a complete restore, deleting all files, with a return to
the default condition of the computer, OR an option to reload certain
default program files.

Still desperate, I almost clicked the full restore. Since most of my
text work is saved on-line, like in the Drafts folder of my Gmail
account, I'm not sweating that stuff. It's that Notepad password file
I don't want to lose, let alone a vast collection of Favorites. So
here's what I need to know . . .

Is there a program in this, my Desktop Sony VAIO with XP that will
allow me SAFE access to my infected laptop hard-drive with Vista, via
USB cable? A computer to computer file transfer program is what I'm
after. The desktop is running McAfee virus protection which I will
make sure is totally up to date before I attempt any such transfer.

Your help will be sooo greatly appreciated.

Download Ubuntu from www.ubuntu.com. Burn the ISO to a CD. Run the Live
CD without installing Ubuntu and use it to transfer your files to
external media like an external hard drive. Once you're done, DON'T
reinstall McAfee as it's one of the worst anti virus programs out there.
Install Microsoft's AV "Security Essentials" or Avast, both free.

 

[Pegasus [MVP]]

I've never seen anything so dirty and diabolical.

1. Pop-ups started to appear warning of a virus attack.
2. I clicked "okay" to open my protection software.
3. What loaded was NOT my program! The graphics were way CRUDE, the
English grammar was defective. Mine is the free Microsoft virus and
spyware scan--forget the name, and can't find it now because it's
GONE, replaced with this fake job.
4. Meanwhile, every program on the desktop I tried to load, every
website was refused with an "error" message, declaring that the
program was "infected". I could not so much as get Vista Help to load.
Worst of all, the notepad file containing my passwords, though it
would start to open, WHACK, down it goes with another "error" message.
5. In desperation, I finally clicked okay to "my" virus protection
program, offering to remove the virus.
6. A webpage loads! No other pages would load, but this one does,
offering to sell me one of three virus protection programs.
7. I refuse that, close the program.
8. A porno site loads to replace the "virus software" page!!!
--
That's my Toshiba laptop. So I put the RESTORE disk into the DVD slot
and what do I find? There's no "restore point" feature! Two options
are offered: a complete restore, deleting all files, with a return to
the default condition of the computer, OR an option to reload certain
default program files.

Still desperate, I almost clicked the full restore. Since most of my
text work is saved on-line, like in the Drafts folder of my Gmail
account, I'm not sweating that stuff. It's that Notepad password file
I don't want to lose, let alone a vast collection of Favorites. So
here's what I need to know . . .

Is there a program in this, my Desktop Sony VAIO with XP that will
allow me SAFE access to my infected laptop hard-drive with Vista, via
USB cable? A computer to computer file transfer program is what I'm
after. The desktop is running McAfee virus protection which I will
make sure is totally up to date before I attempt any such transfer.

Your help will be sooo greatly appreciated.

Here are a few options:
a) Remove the disk, then put it into a USB case which you connect to some
other PC.
b) Boot the machine with a Bart PE boot CD, then copy your files to an
external USB mass storage device.
c) Boot the machine with a Windows 7 Repair CD, then copy your files to an
external USB mass storage device.

a) is probably easiest if you can remove the disk.
b) requires a bit of an effort until you can figure out how to make a Bart
PE boot CD.
c) is easy but it takes a while to download the image file from
http://neosmart.net/blog/2009/windows-7-system-repair-discs/.

Note also that b) and c) require a good knowledge of console commands.

You should treat this event as a wake-up call. Important files *must* be
backed up regularly to an external medium. Next time, if your disk goes bad,
you might lose the lot.

 

[PA Bear [MS MVP]]

You do NOT want to connect ANY computer to the infected computer!

Any flash drives, SDCards or other external drives which have been connected
(or are connected) to the infected computer should also be considered
infected!

 

[Just Me]

Download Ubuntu fromwww.ubuntu.com. Burn the ISO to a CD. Run the Live
CD without installing Ubuntu and use it to transfer your files to
external media like an external hard drive.

Thanks! A whole bunch. Looks like you are cautioning against a direct
connection between the laptop and desktop. So, unless I miss my guess
you are saying not to trust my virus software to scan those files as
the transfer is in process--maybe because there is no signature file
for this virus, it's that new, or . . .

Once you're done, DON'T
reinstall McAfee as it's one of the worst anti virus programs out there.
Install Microsoft's AV "Security Essentials" or Avast, both free.

Yeah. "Security Essentials". See, that's what I have--or had till last
night--on my laptop. When Microsoft offered it, I took it and
uninstalled my free AVG. McAfee is what's on my (presently)
uninfected desktop. Glad you named it, so now I can add to this the
horrible fact that the FAKE virus program (that came with the virus)
is a clone of "Security Essentials", displaying that trademark and
logo--only the graphics are totally suckola. So you're sitting there
thinking, "What? This is NOT the way these windows looked before, not
AT ALL, and as mentioned, the English grammar is stinko, and appears
to be from a non-English speaking source.

They offer to sell you one of three flavors, the 3 month "protection"
for 49 bucks! The 6 month for 59 bucks, and then it's like, the
eternal protection for 69 bucks. Also, there is no Microsoft Logo
anywhere on the screen. Right away, I'm thinking, if MS says it's
"free" -- what's this?

Again: Big Thanks!

 

[Just Me]

You do NOT want to connect ANY computer to the infected computer!

Any flash drives, SDCards or other external drives which have been connected
(or are connected) to the infected computer should also be considered
infected!

Okay! That's how I want to hear it stated: in NO uncertain terms.

Thanks!!

Now a question re: Ubuntu. Is that strictly a file transfer program--
or will it open a text file for viewing? Otherwise, is there any
software (free, preferably) that will permit you to do that from the
DVD drive--so you can get around the feature of that virus which stops
all files from executing? All I need is to get into my text files, and
the desktop folders I keep my web shortcuts in.

Any help for that?

 

[Greg Russell]

I've never seen anything so dirty and diabolical.

You must've just started using the Internet.

1. Pop-ups started to appear warning of a virus attack.

It's called "scare-ware" and is simple programming by any teen-aged web
author.

2. I clicked "okay" to open my protection software.

No, you chose to download and execute their virus-installation program.
Lerning to rede is guuuud!

 

[Just Me]

Here are a few options:
a) Remove the disk, then put it into a USB case which you connect to some
other PC.
b) Boot the machine with a Bart PE boot CD, then copy your files to an
external USB mass storage device.
c) Boot the machine with a Windows 7 Repair CD, then copy your files to an
external USB mass storage device.

a) is probably easiest if you can remove the disk.
b) requires a bit of an effort until you can figure out how to make a Bart
PE boot CD.
c) is easy but it takes a while to download the image file fromhttp://neosmart.net/blog/2009/windows-7-system-repair-discs/.

Note also that b) and c) require a good knowledge of console commands.

You should treat this event as a wake-up call. Important files *must* be
backed up regularly to an external medium. Next time, if your disk goes bad,
you might lose the lot.

You got that right. Wake up call for sure. If I can get those
passwords, I'll print that file, frame it, and hang it on the wall, if
I have to, or see if I can get a safety deposit box for it at Fort
Knox. Fortunately, I had no trouble getting my NetFlix password reset.
All they wanted was my email addy.

HAS ANYONE HERE HAD WORD OF THIS MONSTER VIRUS/VIRUS PROTECTION SCAM?
Or anything similar?

 

[Alias]

Okay! That's how I want to hear it stated: in NO uncertain terms.

Thanks!!

Now a question re: Ubuntu. Is that strictly a file transfer program--
or will it open a text file for viewing?

Yes. You can also go online and copy the text to a web email and send it
to yourself. The Live CD comes with a word processor and Firefox for
surfing. All without installing *anything* on your hard drive. It uses
memory and the Live CD to do things.

Otherwise, is there any
software (free, preferably) that will permit you to do that from the
DVD drive--so you can get around the feature of that virus which stops
all files from executing? All I need is to get into my text files, and
the desktop folders I keep my web shortcuts in.

Any help for that?

The good thing about using the Ubuntu CD is that Ubuntu doesn't do
viruses that are created for Windows. When you first boot the Ubuntu CD,
be sure and choose to load it without installing it.

 

[Craven Moorehead]

HAS ANYONE HERE HAD WORD OF THIS MONSTER VIRUS/VIRUS PROTECTION SCAM?
Or anything similar?

 

[Just Me]

On 08/20/2010 05:45 PM, Just Me wrote:

Yes. You can also go online and copy the text to a web email and send it
to yourself. The Live CD comes with a word processor and Firefox for
surfing. All without installing *anything* on your hard drive. It uses
memory and the Live CD to do things.

Wow! No, I mean, Double Pow, How Now Brown Super Cow WOW!!!!!

That's going to solve ALL my problems.

The good thing about using the Ubuntu CD is that Ubuntu doesn't do
viruses that are created for Windows. When you first boot the Ubuntu CD,
be sure and choose to load it without installing it.

Man, that is really something. And no problem with the platform
difference between XP and Vista -- I take it? I'll be downloading
Ubuntu to XP, and using the CD on Vista.

Alias --

Thanks a million, man.

 

[PA Bear [MS MVP]]

Avoid Rogue Security Software!
http://www.microsoft.com/security/antivirus/rogue.aspx

 

[Just Me]

Download the Avira Antivir Rescue System program which will burn a CD
image to a blank CD.  It's updated a few times per day.  Insert the CD
into the damaged machine and let it do a scan of your system.  Before
starting the scan, select "Configuration" and set to repair or rename
the infected files.  Sometimes your machine won't restart after such a
repair process, so you might want to save needed files to another system
before using this.  If you can't, then you can move the hard drive to
another machine to copy needed files.  You can do that before, or after
this scan.

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

Then run these:

Malwarebytes© Corporationhttp://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispywarehttp://www.superantispyware.com/superantispywarefreevspro..html

AVG now has a Rescue CD that's free.  They also have a free USB download
that should work on newer systems that can boot from a USB device.  Get
them here:

http://www.avg.com/us-en/avg-rescue-cd

You can try some of the CD's mentioned at the following site.
BitDefender was my favorite, but if the infected machine can't connect
to the internet to get updates, Avira comes with current virus
definitions.  Also, some of these just won't run on some systems,
perhaps because there's no drivers available for some system devices,
motherboard, graphics card, etc.  So try a few of these till you find
one that works:

Burn BitDefender, or another program listed at the link below, to a CD
(using a working machine) and test the infected machine with it.
BitDefender also has a Rootkit checker on the Linux Desktop; run it if
you think that's the problem:

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-...

Download the executable rather than the .iso image, if one is available,
(though no .exe is available for BitDefender).

After the scan is run, if you elect to quarantine files, they're
quarantined to RAM and lost after you reboot.  You'll need to copy any
quarantined files to the hard drive, a thumb drive or elsewhere before
exiting.

Thanks Joe! Appreciate the time you put into that, whenever you did
it, just now or earlier for other people in my fix. That's quite the
deal about the scan, with Avira -- although the problem of maybe not
being able to reboot does concern me. What's your view of the Ubuntu
application that Alias is talking about?

 

[Alias]

Wow! No, I mean, Double Pow, How Now Brown Super Cow WOW!!!!!

That's going to solve ALL my problems.


Man, that is really something. And no problem with the platform
difference between XP and Vista -- I take it? I'll be downloading
Ubuntu to XP, and using the CD on Vista.

The .iso image can be burned just fine to a CD using XP. I've done it
many times.

Alias --

Thanks a million, man.

Sure, let me know how it goes.

 

[Justin]

Thanks! A whole bunch. Looks like you are cautioning against a direct
connection between the laptop and desktop. So, unless I miss my guess
you are saying not to trust my virus software to scan those files as
the transfer is in process--maybe because there is no signature file
for this virus, it's that new, or . . .

Do what he said, reformat and reinstall your operating system.
That is the only way you can disinfect that machine and be 100% sure.
Malwarebytes, AVG, McAfee and MSE may claim to disinfect the machine but
it doesn't repair the damage that has already been done to the core OS.

For your next computer get a Mac you won't have this problem.

 

[Just Me]

The .iso image can be burned just fine to a CD using XP. I've done it
many times.





Sure, let me know how it goes.

Success! Whew. Thanks to SAFE MODE, I was able to run a SYSTEM
RESTORE, setting the restore point at three days previous to the
attack. Upon reboot to the full system, things were back to normal but
for a WARNING window about "security issues" that this time I knew
enough to ignore. I downloaded a copy of AVAST anti-virus, ran a
complete scan and here's what it turned up . . .

GoogleUpdate Setup JS:Fake Warning- E [Trj]

There were three installations of that which managed to get in even
after I did the System Restore. Fortunately, those were stopped by
AVAST in time. Rotten thing was still trying to get me.

What's that look like to you?

GoogleUpdate Setup JS:Fake Warning- E [Trj]

I'm running Google Chrome -- so, I'm getting this with the Google
Updates -- or what?
--

I visited the link you posted to Ubuntu. But I have to admit, for
somebody at my basic level of computer savvy it looked pretty hairy,
all the steps required to get that disk burned. So, maybe I'll just
get on that long waiting list for purchase of the CD that's all set up
and ready to run. It looks like a great tool to have on hand. That's
a whole new technology to me, way out of my range of experience of
burning a simple CD, knowing enough to punch the F8 key--simple things
like that. ;-)

I do thank you for your help, even if I'm too far back around the
curve to take advantage of it.

Thanks!

 

[Alias]

I visited the link you posted to Ubuntu. But I have to admit, for
somebody at my basic level of computer savvy it looked pretty hairy,
all the steps required to get that disk burned. So, maybe I'll just
get on that long waiting list for purchase of the CD that's all set up
and ready to run. It looks like a great tool to have on hand. That's
a whole new technology to me, way out of my range of experience of
burning a simple CD, knowing enough to punch the F8 key--simple things
like that.;-)

I do thank you for your help, even if I'm too far back around the
curve to take advantage of it.

Thanks!

Don't bother trying to learn how to do the MD5SUM. I've never had a
download that didn't have a correct one. Just download the .ISO, burn
the image to a DVD using something like Nero and you're set to go. That
said, being as you're coming from Windows, you would be better off
checking out Linux Mint as it is much easier to install than Ubuntu.
It's based on Ubuntu but the DVD download will install Flash, Java,
codecs, fonts, etc as a part of the OS install. Mint can be found at
www.linuxmint.com. You can install Mint as a dual boot with XP and you
will be asked if you want to install it "side by side" when you run the
install of Mint.

 

[Just Me]

Don't bother trying to learn how to do the MD5SUM. I've never had a
download that didn't have a correct one. Just download the .ISO, burn
the image to a DVD using something like Nero and you're set to go. That
said, being as you're coming from Windows, you would be better off
checking out Linux Mint as it is much easier to install than Ubuntu.
It's based on Ubuntu but the DVD download will install Flash, Java,
codecs, fonts, etc as a part of the OS install. Mint can be found atwww.linuxmint.com. You can install Mint as a dual boot with XP and you
will be asked if you want to install it "side by side" when you run the
install of Mint.

--
Alias

(e-mail address removed)
Remove shoes to email me.

Thanks, alias. Sounds good. I'll check it out!

 

[Incognitus]

Thanks, alias. Sounds good. I'll check it out!

You may find these useful as well.

DistroWatch.com: Put the fun back into computing. Use Linux, BSD.
http://distrowatch.com/

Comparison of Linux distributions - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Comparison_of_Linux_distributions

The LiveCD List
http://www.livecdlist.com

The Official ImgBurn Website
http://imgburn.com