Beesource Beekeeping Forums banner

1 - 8 of 8 Posts

·
Premium Member
Joined
·
4,656 Posts
Discussion Starter · #1 ·
Hey everybody,

Today I got an involuntary education in computer virus removal.

The last two days, my computer started acting weird. Turns out I had a computer virus that made things progressively worse to the point that my computer nearly shut down. It is called the "Internet Security 2010" virus. It makes it appear that you: (1) have a new computer anti-virus software program on your computer; and (2) that there are real viruses/trojan horse programs on your machine that need to be removed.

In reality, the new "Internet Security 2010" program IS the virus and the trojan horse program. It wreaks havoc on your computer, to the point that you can barely do anything. It is also able to get around legitimate anti-virus software and turns off anti-virus software that tries to remove it. It took quite a bit of effort, after I found some instructions on the internet for how to deal with this thing, to get it removed.

In addition to messing up your computer, it is a scam. It tries to trick you into buying a non-existent service that, if it does anything, turns off the Internet Security 2010 virus. Also, I got on the internet and tried to buy legitimate anti-virus software on line. This nasty program intercepted my credit card number and charged a total of about $400 to several different dot-com companies. (I got a warning email from my bank because they suspected that the charges were bogus, which they were. The charges were declined by my credit card bank before and after they called me, so nobody lost anything.)

This thing apparently is one of the more sophisticated viruses to come down the pike to the extent that it avoids and disables real anti-virus software. If you get weird warnings that you have an infected computer or an indication that you now have a program called "Internet Security 2010" on your computer, you have a problem.

If that happens, DON'T SEND ME AN EMAIL!!!!!

Neil
 

·
Registered
Joined
·
2,473 Posts
Wow, thanks for the heads up, Neil. For about the last two days I've had a heading in red saying NEW GOOGLE SECURITY I wonder if this is the same thing. I haven't even opened it though.
 

·
Premium Member
Joined
·
4,656 Posts
Discussion Starter · #3 ·
I am pretty sure that I got this through a fake "security update" download. I get those fairly regularly, and I vaguely remember doing some quick update earlier this week. As I understand it, once the initial program installs, it then downloads more nasty programs.

I don't if the New Google Security is legit or not.

The problem as I see it is that there is no way to tell for sure whether an update download is legit or malicious. I don't want to quit updating my computer, but then I don't want to download anything like this virus ever again. For a while, I thought it was time to buy a new computer.
 

·
Registered
Joined
·
2,488 Posts
I run AVG and it scans emails as well as everything else. Great program that doesn't bog down your computer like some of the others. You can download a free version, but the pay for one covers much more.
 

·
Premium Member
Joined
·
4,656 Posts
Discussion Starter · #5 ·
This virus, once it gets set up, blocks virus removal programs. You can go to the internet and download a program called "rkill" that will turn off the virus and only then can you use a spyware/virus removal program.

To make matters worse, the virus blocks the download of the program that will turn the virus off. To download the program, you have to start your computer in safe mode. Then you have to try to download the silver bullet program. The virus will block that once, and while it is blocking that, you download the silver bullet program again and it will work. Once you run the silver bullet, you can then remove the virus with virus removal software, which you have to run twice, because it won't always remove all the malware the first time.

Apparently, on some operating systems the virus will also prevent the user from starting the computer in safe mode. It could be that the longer this goes on the worse the computer gets. I'm not what you can do at that point other than go to a computer store and get their hard drive wiped and completely reformatted.

Before I started this project, I did not know what "safe mode" is. Forturnately, I was able to get on the internet and find a techie site that explained what do to along with lots of comments from people who know what they are doing.

I would like to track down the dirtbags (what I really want to say won't get through Barry's filter) who do this stuff and put them in a cell with Bubba for a long, long time.
 

·
Registered
Joined
·
2,368 Posts
Just had Desktop Defender 2010 removed from mine. Sounds the same, got a kick out of the wording of the warnings, when I wasn't about to throw the whole thing out the window.
 

·
Registered
Joined
·
4,265 Posts
I have had something like that a couple of times but it was always easily controlled until yesterday. It was extremely persistent and the system was degrading rapidly.

I was able to restore the computer system to an earlier "restore point". I had Avast do a scan and after cleaning up a lot of files, especially some Verizon files, I upgraded to the "Pro" version. I also updated and ran a complete scan with Ad-Aware.
 

·
Registered
Joined
·
14 Posts
Apparently a window popped up asking permission to download an important security update and my teen innocently said yes. Those of you who have been cursed by this pestilence know what happened next. It promptly disabled Ad Aware, AVG, and McAfee and began blocking every attempt to regain control of the computer. It also refused to let me shut down the computer or disconnect from the internet - and there was apparently a LOT of traffic going in and out until I physically unplugged the router. Had to unplug the computer to shut it down, and restart in safe mode going line by line. Thank heaven for the old days of reading command lines.

One nasty trick this thing pulled - McAfee and Ad Aware had actually been uninstalled, not just disabled, and the files corrupted so I also wound up going back to a previous restore point. It took running several scans to pry out assorted malware.

Somebody is not playing nice at all.
 
1 - 8 of 8 Posts
Top