HELP-Nasty Computer virus attacking - "MS Spyware"

I think I'm screwed

Been fighting some Phisher Virus disquised as Microsoft Anti-Spyware

Can't turn it off
Dis-ables the "Task Manager"
Endless Pop-ups saying it can't read memory location "FFFFFFF9"
Directs me to some Non-Microsoft Website wanting me to enter my "Credit Card" information

"-ttp://xp-police-av.com/go.php?id=232127&n=0"

It was disquised as an "Update for Vid-player"

Anyone got any advice

HELP !!!!!!



This does a whole lot more then "Disable" it wants my credit card

mho, it's a good anti malware scanner.

http://www.malwarebytes.org/

liked it so much I bought it. I also use spybot search and destroy as well as ESET.

and I'm running Norton right now

but what I'm seeing is some one took an existing virus and turned it into a "Phisher". Trying to find if this version has been addressed by the Anti-Virus Mfgs

Get AVG or Avast-both free. Get Spybot Search and Destroy and Malwarebytes Antimalware-also free. You may have to turn off System Restore to totally disinfect the computer.

was easy to dowload even while my computer was going crazy with things like the OP mentioned I managed to download, install quickly and it killed the sucker off.

Love that program.

:hi:

Failing that, shoot your current computer full of holes and then go get yourself another one and load Linux on it.

Is Linux compatible with MasterCam X

MasterCam is $17K by itself and I was paid over $100K for the work on thios computer

I have extra Mirrored Drives containing all the work but DAMMMMM....... I need to finish this project

had been taken over and completely fucked up by criminals because 20 years after the first DOS virus M$ STILL hadn't learned to safeguard the shit they sell, I'd be looking for work arounds.

How much is your time worth? How much is your work worth?

in the shop that is not even connected to the internet.

but this my "Underware Machine" located in the study at home.

I like the freedom of a a little distraction such as "Democratic Underground" while doing my work. Can't stare at numbers and lines ALL day long without going batty in the head.

My 11 year old was searching the internet last night and perhaps that is what planted the seed. I thought I was uploading an update for a video player on the computer because the Cam program has been acting very unstable since last night. Cam software is heavily Video driver dependent and I was hoping this would stabilize the Graphics drivers

I run Ubuntu linux on my hardware, and then I use virtual machine software to run Windows XP in its own window.

I'm currently using VMWare Server, but there are other options.

Download a copy of Trinity Rescue Kit. It will be in an .iso file. You can burn it to a CD with a Free program called "ImgBurn". Once burned to a CD, put it in your CD drive and boot the machine. It will boot to a Linux command line. Make sure the computer is hooked to the Internet and type in the following, sans quote marks: "virusscan -a avg" Hit return. Let it run to the end. Then, type in the following command: "virusscan -a bde" . It will ask for certain yes or no answers from you before working. Answer them, then let it run. Then reboot the machine.

If the machine reboots and allows you access to online, then download "A Squared Anti-Malware Free". Install and run it. Finally, a run with Spybot Search & Destroy will never hurt.

And stop clicking on anti-spyware popups that occur while you are browsing.

I went into

C:\WINDOWS\Prefetch

and changed "A EXE.OCOAC950" from a .pf to a .tx file

now I need to clean it up without trashing my computer

I told you how. And please: start saving ALL work product off the machine, if that work product is as valuable as you say.

Also, make sure you check the work product on the external storage. Them things can get around.

Like I said it appeared to be an adaptation of an existing Virus that was redirecting me to a "Phisher Site"

Here was Norton's analogy of the Virus



I guess the adaptation was close enough to the original for Norton to pick up. I don't see any thing in Norton's description saying it directed you to a phishing site

The necessity for someone like you, who has important stuff on his computer, to download Trinity Rescue Kit. I have rescued a lot of computers from the gaping maw of the abyss with that thing. In fact, were I where you are, I would run it, even though you got rid of the KNOWN threat. There may be others and Trinity gets them goddamned good.

This is a no-shitter alert.

SmithFraudFix will do the trick....


http://forums.cnet.com/5208-6142_102-0.html?forumID=5&threadID=182891&messageID=1995815

Follow the instructions...

Let me know how it goes..

http://housecall.trendmicro.com/

Get an online scan. Trend Micro is going to ask you to install a bit of software. It's okay. Trend Micro is a reputable company. Perform the scan and hopefully the software will detect it and show you exactly where the baddie is located. It's been a while but I'm pretty sure Trend Micro's scanner will delete/disable the virus for you.

After you've done that go get and install a collection of anti-spyware/PC protection programs. Use a trustworthy site like Download.com for your searches.

my google has been totally 'hacked' if you will.

All the links for your searchs are to spam sites, so my google is comepletely broken.

Goto http://siri.geekstogo.com/SmitfraudFix.php and download SmitfraudFix.exe

then boot into safe mode and go through steps 1 and 2. That should fix it.
I used this on a friends computer a few months ago and it worked like a charm.

It really works great... I know people who have had to reformat because they did not know how to remove this trojan....

I'm working on the clean up now

I guess the mock up phishing site scared me

Anyway, Great minds think alike :)

Get it here

However, USE WITH CAUTION! You should know something about the editing your system registry and know the line(s) to delete for this infection which can be tricky.