Computer infected by an anti-virus conpany's virus

[Ingenium]

So for the past 2-3 weeks, when i open up any internet browser, i get random pop-ups that i have never gotten before (internet surveys for wikipedia and facebook, and random program download links). So I called my older brother who is really good with computers and he said that my computer has been infected with a virus that one of the anti-virus companies made so that i would have to buy their product. He told me that he would fix it when he got back home (he's out of state for college and won't be back for another month). After that I just dealt with the pop-ups and always Xed out of them.

But today when i turned on my computer (which is now on max security with zone alarm anti-virus stuff) and i got more security alerts than i normally do (6 instead of the usual 1) and i didnt think anything of it until i got back from church and noticed that a new program was installed on my computer called pc defender. My computer also would not play my Call of Duty (which now works), but when i go to use ctrl alt delete to see what was going on, it says that it (the task manager) is disabled by the administrator. And now whenever i start a program (my games or internet) it opens up a list asking me what i want to open this program with.

I've tried using mbam, but apparently this virus blocks that too because it says it can't find the .exe file thing. So is there any way to fix this problem? I'm worried that my computer might get really messed up from this thing.

 

[dE_logics]

Why not just format your PC once again?...like every windows user does every week.

Your PC is most probably a bot on the net now...the only option is to format it.

 

[Ingenium]

so how do you go about formatting it and what exactly does it do?

 

[The_Absolute]

This sounds to me like a terrible computer virus which poses as anti-virus software which you must give your personal financial information to, especially credit card numbers in order to "buy" the bogus software. This information gets sent directly to people whom use that information for very fraudulent means.

These types of computer viruses can most commonly be gotten from shady pornographic websites, social networking websites such as MySpace and Facebook.

You should unplug your internet connection until you get this problem fully resolved. A 3rd party may be running key loggers, and other tracking cookies and scanning them for credit card and bank account #'s.

I NEVER put any financial or personal information on my computer for reasons like these.

This is a classic example of a phishing scam. I don't feel sorry for people whom are dumb enough to fall for them.

If this "anti-virus" impostor asks you for any personal financial information to "buy" their "product", DO NOT give type it in. I'm sure you get the point about what would happen. People in a strange, foreign country (usually Nigeria) will wipe out everything you have in the bank.

 

[Ingenium]

im still in high school so i have no financial information to speak of. only things in your list that i go on is facebook. didnt realize that you could actually get viruses from something like that. and i never buy anything off the pop-up things that come up

 

[Topher925]

A lot of times these virus's just live in the browser files. Try uninstalling your browser, clearing all the files, and then reinstalling your browser.

What OS are you using?

 

[Ingenium]

im using microsoft xp. how do you go about removing all the files from the browser?

 

[DavidSnider]

Run Malwarebytes http://www.malwarebytes.org/.

It will probably clean it off.

 

[Ingenium]

ive used malewarbytes before all this happened and it worked fine. but when all these problems started i tried to run it again and it said it couldn't find the .exe file thing to run it. so i unistalled it and reinstalled it, only to find that the same thing happened again (i think i tried about 4 times before i gave up)

 

[Math Is Hard]

I got a rogue anti-virus on my PC and was able to clean it off by running malwarebytes, but I had to run my computer in safe mode while I was doing it.

 

[rcgldr]

On a somewhat related note, why doesn't Microsoft's malware removal program remove Microsoft's genuine advantage validation programs?

 

[Chronos]

Do you have a system restore file that was created before the problem originated?

 

[Ingenium]

im not really sure about the system restore. how do you that out?

 

[Chronos]

Instructions for using system restore found here. http://support.microsoft.com/kb/306084 Try picking a restore point prior to date of infection. You can undo the restore if unanticipated problem occurs. If virus interferes with system restore, load windows in safe mode and restore from there.

 

[Ingenium]

because of that virus, every time i try to start a program (even the internet) it opens up a little window that says open with... and i have to choose the program. but i can't seem to find where the program itself is located at. and when i tried searching for it using the search function to search through the files, the blue screen of death came up and restarted my computer. so where exactly is the program to start the system restore at? (which folder and such)

 

[rcgldr]

To prevent problems like this in the future, I'd recommend getting a second hard drive, partition that drive into at least two partitions, installing another instance of the OS (or a compatable OS) on the second hard drive's first partition, using the second hard drive's second partition to back up the OS.

Since some boot files on C can't easily be restored, you might consider separating your first hard drive into at least two partitions. A small C partition with just the boot files, and then a second partition to install the primary OS into.

With this setup, you can backup (copy works fine), compare (I use windiff), and if wanted, format, restore, compare to defrag either OS partition using the other instance of OS.

 

[Chronos]

Start your computer in safe mode, then run system restore.

 

[pallidin]

Malwarebytes will work fine.
What is happening is that the virus is keeping it from running.
So, what you do is this:

Download it from a different, clean computer.
Rename it! VERY IMPORTANT!
Transfer to a thumb drive, CD, etc... and install on the problem computer in SafeMode with Networking.
Update, then scan.

If joy, you need to clean System Restore.
Do this by disabling it, re-starting your computer, then re-enabling it.

 

[The_Absolute]

Probably 75% of all websites on the internet are illegitimate (usually pornographic in nature) and used as vehicles to infect Millions of computers with malware, spyware, key-logging tracking cookies, and other malicious viruses for the intent of collecting personal financial information.

One website to stay away from are, DON'T CLICK THE LINK ---> www.finallyfast.com <--- DON'T CLICK THE LINK! which promises to remove viruses and spyware from your computer for "free" but what it actually does is installs viruses onto your computer and demands that you pay them for removal. It's a classic scam.

I don't understand why the FTC or the government haven't gone after them for fraud and anti-trust and criminally prosecuted the owners of that website, and then demanded financial compensation for it's victims.

www.freecreditreport.com is also another site that deceives people into using their "free" services but then stiffs them into paying a few Hundred dollars.

It's the same with "free" Ipod and ringtone popups. You have to enter your personal financial information to a very shady source, and then claims that you have to buy another product in order to receive your "free" gift.

Most of these are pilfering scams operated by shifty and illegitimate "companies" or by individual criminals, whom just send out Billions of spam e-mails, pop-ups, and other electronic communications to pilfer from it's victim.

Others are related to more organized crime and used for identity theft, and to steal bank account and credit card numbers. It's called "phishing."

These websites actually advertise on television in hokey, and overly enthusiastic commercials,

Read this article on the official FTC (Federal Trade Commission) website about the CAN-SPAM law.

The internet is a spawning pool for criminals of all different kinds, in pursuit of fraudulently obtaining money.

http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?c=ecfr&sid=14055e58afb9046553e3ed2f75dc0e2e&rgn=div5&view=text&node=16:1.0.1.3.40&idno=16

 

[pallidin]

Yeah, it's really getting bad out there.

 

[The_Absolute]

I have NEVER entered ANY personal information on my computers for those exact reasons.

 

[pallidin]

Hear you on that! And when I do online purchases(not often) I only use a debit card that's "filled" not much above the purchase price. Keeps me safe.