1. We have added a Gift Upgrades feature that allows you to gift an account upgrade to another member, just in time for the holiday season. You can see the gift option when going to the Account Upgrades screen, or on any user profile screen.
    Dismiss Notice

Computer Virus

Discussion in 'Computer Talk' started by Dubzilla8, Nov 13, 2011.

  1. Dubzilla8

    Dubzilla8 Just Right of Center

    Joined:
    Mar 9, 2006
    Messages:
    89
    Hi all,

    It's been a while since I've posted on CivFanatics, but I have a problem I think the helpful CivFanatics community may be able to help with. On Friday, my fiancee's laptop was infected with a computer virus called AV Security 2012. This virus essentially acts like an anti-virus program, but it prevents the user from running any computer programs at all and declares that program infected by a virus. AV then offers to remove the infection if you will buy their anti-virus software. The program also causes her web browsing to redirect to the AV website purchase page. There are also a bajillion pop-ups notifying her of infected files and programs, and the thing is constantly scanning her computer for more viruses.

    Anyway, I've disconnected it from the internet (funny that her web browser still opens and displays an AV website page), and we've kept it off ever since. My immediate thought is to format her entire computer using the disk that came with it (this is a Dell laptop, btw). However, I'm not sure even a format will fix the problem. There are a few videos on youtube about removing the virus, but they mostly tell you to download some form of anti-virus software. I tried to download AVG from my computer and transport it via flash drive, but the virus won't let me install AVG (no surprise).

    I imagine someone out there has experienced this virus and may have a solution. Any help would be greatly appreciated.

    Best Wishes.
     
  2. Antilogic

    Antilogic --

    Joined:
    Sep 2, 2006
    Messages:
    15,602
    Have you tried booting in and installing in safe mode? You can also try to use the Task Manager (Ctrl-Alt-Delete) to end some of the virus' processes so that it will stop hitting your legitimate antivirus software.

    I suffered from something similar to this years ago, and I was able to get my actual AV software working using some combination of these methods.
     
  3. Tecknojock

    Tecknojock Keeping the world running

    Joined:
    Feb 19, 2011
    Messages:
    918
    Location:
    Hearth's Warming Eve Pagant
    If you have access to another computer you could burn a windows ubcd and use that to run agv or manually remove the virus.
     
  4. aimeeandbeatles

    aimeeandbeatles watermelon

    Joined:
    Apr 5, 2007
    Messages:
    19,961
    Gender:
    Female
    It should. Backup & reinstall is the surest way to clear out an infection. Be careful not to backup the virus though.
     
  5. cardgame

    cardgame Obsessively Opposed to the Typical

    Joined:
    Apr 1, 2009
    Messages:
    15,044
    Location:
    Misery
    I had one of these antivirus suites get me once :\

    I killed it by booting into safe mode and running Malwarebytes.
     
  6. muhtesem insan

    muhtesem insan Amateur Revolutionary

    Joined:
    Jun 14, 2010
    Messages:
    563
    Gender:
    Male
    Location:
    Istanbul
  7. innonimatu

    innonimatu Deity

    Joined:
    Dec 4, 2006
    Messages:
    13,261
    Modern versions of those nasties are always checking for the process manager process and kill it immediately after it's open.

    If it's one of the most harmless kind, rebooting windows in "safe mode" should allow a login without it starting. Then it's a simple matter of finding out wehere the executable is (I suggest you search the usual keys in the registry used to run programs, HKLM/software/microsofy.../run) and delete it. Delete also those keys, but they become harmless.

    If it's a more elaborate kind, it can download all kings of trojans. So to play it safe, reinstall. That will get you rid of it.

    Also, this should be in the computer talk subforum.
     
  8. CommonKnowledge

    CommonKnowledge Warlord

    Joined:
    Jan 22, 2011
    Messages:
    190
    If it does that you could try opening the command prompt and using the tasklist and taskkill commands.
     
  9. Camikaze

    Camikaze Administrator Administrator

    Joined:
    Dec 27, 2008
    Messages:
    27,312
    Location:
    Sydney
    Moderator Action: Moved to Computer Talk. :)
     
  10. Atlas14

    Atlas14 "Sophomoric Troll Master"

    Joined:
    Apr 11, 2004
    Messages:
    7,502
    Location:
    Maryland
    Next time don't use AVG...it's basically acts like a virus as well.
     
  11. Grisu

    Grisu Draghetto Retired Moderator

    Joined:
    Dec 20, 2001
    Messages:
    10,521
    Gender:
    Male
    Location:
    Switzerland
  12. Unix

    Unix Chieftain

    Joined:
    Nov 16, 2011
    Messages:
    4
    Location:
    Texas
    Not sure if you've still got it or not. In my job I manually remove viruses and fix computers remotely all day long. To give it a try yourself at removal, I'd suggest running this program.

    http://freeofvirus.blogspot.com/2009/05/remove-fake-antivirus-10.html

    It's programmed to remove any traces of most of the well known fake antivirus program. It was last updated November 9th I believe.
     
  13. Narnia

    Narnia Prince

    Joined:
    Nov 19, 2009
    Messages:
    513
    If you still haven't fixed your computer, try microsoft's process explorer and autoruns. Like other people have stated, malwarbytes is also good. They are free downloads off the internet, you should be able to get them on your computer via usb/cd/etc.

    Also, if you can still access it, try disabling it via msconfig (use the run command and type in msconfig, it should already be on your computer).

    Also, run all of these commands the minute you log on, if your fast you can sometimes start a program before the virus gets a chance to start up. And if you use process explorer to kill it, be sure to suspend it first, don't kill it outright. Some viruses will use several processes and if you kill the process, the virus might detect that one of it's processes quit working and will restart it. However, if you first suspend all of the virus's processes, you will disable it, you can then kill it's processes without it restarting them. You should then be able to use real antivirus software to find the virus and remove it.



    PS: good luck
     

Share This Page