Killer Computer Virus

Gary North

Dec. 18, 2010

I lost my hard disk this week. My computer was infected by a killer virus, "My Security Shield."

You can read about it here. There are lots of solutions. They don't work. Once you get hit, it's too late.

http://bit.ly/WayTooLate

My son-in-law got hit weeks ago. It took days to get his disk back. It takes a professional. But mine locked up tight.

It looks like a legitimate virus warning. It tells you that you have been hit with several bad viruses. It asks if you want to remove them. DO NOT CLICK YES. If you do, your disk is as good as gone.

I was fortunate. It was my first day working with my computer for online tasks. It is my video production computer. I lost a few videos -- that's all. I can re-shoot them. No big problem. What if I had lost years of data?

Back up your disk.

Do not click YES if you see a warning.

A subscriber responded:

You can download Malwarebytes for free. I got something similar and this fixed the problem without any ill effect to my drive.

http://www.malwarebytes.org/

You may have to boot your computer in Safe Mode to install it if you have the virus, but keep the networking capabilities running and then download it and run it.

This worked the first time. I've had to use it on my computer and my mother-in-law's machine.

Thanks for your weekly tips.

Another subscriber had a more typical experience.

I had one of these in September. It popped up warning notices that my computer was infected and asked if I wanted to clean the virus. The notices didn't look right so I knew not to click on them. But when I didn't click on them, it opened a new tab on my browser taking me to a porn site, and when I shut my browser down it opened it up again going to another porn site. Then the notice would pop up again, "Do you want to clean your computer now? Only $69.95." (Yeah, right, and give them my credit card number!) It also shut down my anti-virus program and made it so I couldn't open any other files on my computer. So I shut down my computer and went and got some advice.

My first priority was to salvage my data. I went and got a 15GB jump drive. Fortunately Safe Mode wasn't affected, and opening in Safe Mode I was able to manually copy/paste my files onto the jump drive. It took hours! Then I called a friend who is a geek and he was kind enough to come over on his day off and rescue my computer.

While I couldn't follow everything he did, here are some points I did get that may be useful to others dealing with this situation:

1. He opened up a list of files created, including when they were created. (Not sure how he got to this.) As I could pinpoint when the virus attack occurred, we were able to identify the name of the file containing the virus. (Caution: Viruses sometimes disguise themselves by generating different file names for themselves, so you can't be sure you've got it by finding this name, as it may be just a decoy name.)

2. He opened the Start Menu, listing all the programs that open up when you start your computer. (Not sure how he got to this.) Being a geek, he knew what should be there, and zeroed in on a program that was unfamiliar to him. It also had the same file extension as the file we'd found in the previous step, and a similar name (same letters but different numbers). He unchecked the box next to this program, so that the program wouldn't load on starting the computer. We then tested this by restarting the computer in regular mode, and hooray, the virus didn't start! This was not the end of it, however, as the virus was only disabled, not removed, and could potentially replicate itself and start up again.

3. We then went back to Safe Mode and he ran a deep scan using a program called "VIPRE Rescue" that he brought with him on a jump drive. This is a free program that is available at http://live.sunbeltsoftware.com/. He says it's the best in the business. One caution is that you have to turn off any other virus program you have while you're running it. The scan took about 6 hours and it removed the rogue security program, as well as some other malware that my regular anti-virus program had either missed or had only been able to quarantine and not remove.

4. Later on I ran another deep scan with another program that had also been recommended to me called "Malwarebytes Anti-Malware" and removed some more pieces of it. This is also a free program and is available at http://www.malwarebytes.org/.

Some general notes: Even if you're not a geek, you could probably get the same results just using the scanning tools, as long as you can get into Safe Mode. (To get into Safe Mode press F8 while the computer is booting up, then select Safe Mode on the screen that comes up. You may have to hit F8 several times to make sure you catch it at the right moment.) The download page for VIPRE Rescue even includes steps to activate it on the command line, bypassing Windows, in case Windows is totally not working. The instructions are not complicated.

You may have to scan more than once, even with the best program, in order to get all the pieces of the virus. Or scan once using what you have, wait a few days, update your scanner, and scan again. The virus you have may have been modified to escape detection. After a few days the anti-virus people may have updated their virus definitions, allowing their scanning software to spot the new version.

VIPRE also has a paid anti-virus program that takes care of your routine, real-time anti-virus needs. My geek friend says it's the very best anti-virus program out there, and it is not expensive. You do have to completely uninstall any other anti-virus program you have on your computer before installing VIPRE Anti-Virus. VIPRE is however compatible with the Malwarebytes product. You can use the two together for top-notch protection.

My geek friend uses VIPRE Anti-Virus as his routine anti-virus program, and also runs a deep scan overnight once a week to keep things really clean.

Better safe than sorry.

Dropbox is an amazingly easy and simple program that allows seamless access to the same files on multiple computers. I can't describe it better than themselves, so if interested watch their video: https://www.dropbox.com/ I personally use this program instead of a USB drive to access projects and personal files from my work computer, my wife's computer, and my own personal pc. They also have apps for smart phones available to give you mobile access. The FREE version gives you 2gigs of space to use. If interested, use this referral from me (yes, shameless plug) https://www.dropbox.com/referrals/NTU5NzkwNzQ5?src=global0 and we will both get an additional 250megs.

Allway Sync ( http://allwaysync.com/ ) is a great sync program I use to sync my personal computer and work computer to external discs (one I keep at home, one I keep at work, but both hard disks have backups of both computers). It registers the changes in specific backup folders, and makes the changes necessary. Easy to use, quick, with a lot of options for specific uses. Free for use if you don't back up often.

Having lots of subscribers sure helps!
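One way to produce the two listings from steps 1 and 2 of the subscriber's account, and to flag the "same letters, different numbers" match between them. This is an added example, not what the subscriber's friend ran; the time window, the search folders and the extension list are assumptions to adjust.

```powershell
# Added example: read-only triage; it lists and compares, and changes nothing.
param(
    # Assumed incident window: set these to when the fake alerts first appeared.
    [datetime]$Start = (Get-Date).AddHours(-6),
    [datetime]$End   = (Get-Date),
    # Assumed search roots: per-user and machine-wide application data folders.
    [string[]]$Roots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData)
)

$pattern = '[^\\/":\s]+\.(exe|dll|scr|bat|cmd|vbs|js)\b'

# File names found in a string, digits stripped and lower-cased, so that
# "abc123.exe" and "abc987.exe" compare equal (same letters, different numbers).
function Get-Stems([string]$Text) {
    [regex]::Matches($Text, $pattern, 'IgnoreCase') |
        ForEach-Object { ($_.Value -replace '\d', '').ToLower() } |
        Where-Object { $_ -notmatch '^\.' }   # ignore names that were all digits
}

# Step 1: script and executable files created inside the window, oldest first.
# Creation times can be altered, so treat the result as a lead, not proof.
$newFiles = Get-ChildItem -LiteralPath $Roots -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $Start -and $_.CreationTime -le $End -and
                   $_.Extension -match '^\.(exe|dll|scr|bat|cmd|vbs|js)$' } |
    Sort-Object CreationTime
$newFiles | Select-Object CreationTime, Length, FullName | Format-Table -AutoSize

$byStem = @{}
foreach ($f in $newFiles) { foreach ($s in Get-Stems $f.Name) { $byStem[$s] = $f.FullName } }

# Step 2: everything set to start at logon (Run keys and Startup folders; this
# class does not cover services or scheduled tasks). Entries whose name matches
# a newly created file are listed first.
Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $entry = $_
    $hit = Get-Stems $entry.Command | Where-Object { $byStem.ContainsKey($_) } |
        Select-Object -First 1
    [pscustomobject]@{
        Name           = $entry.Name
        Command        = $entry.Command
        Location       = $entry.Location
        MatchesNewFile = if ($hit) { $byStem[$hit] } else { '' }
    }
} | Sort-Object { $_.MatchesNewFile -eq '' } | Format-List
```

A match only narrows down where to look; as the subscriber notes, disabling a startup entry leaves the files in place, so the scans in steps 3 and 4 are still needed.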

For 300+ more tips, go here:

//www.garynorth.com/public/department54.cfm
