Worst Malware Ever!!

Discussion in 'Windows Vista Help' started by Pfsszxt, Feb 16, 2013.

  1. Pfsszxt

    Pfsszxt Guest

    I need help from some real computer experts.

    My wife's machine (I'm an XP Pro guy!)
    Vista with all updates to date.

    Some unknown way my -- wife generally doesn't download anything -
    and unless accidentally ---didn't download this time ---but.
    The machine is now TOTALLY controlled by a thing called "Direct
    Antivirus". Every attempt to do anything is stopped. Try a program
    and get "can't open because infected". Try a web address in IE and get
    the same. Try to import from flash drive and get the same. That is
    nothing can be done. After the "---is infected" message there is an
    "offer" to correct the problem with their "Pro" version for "only $89"
    which of course they want paid with credit card!
    Is there any way to deal with this. We can't run anything or use
    anything! The computer is totally hostage to this thing.
    Can anyone out there give me some clues as to how I can correct
    Pfsszxt, Feb 16, 2013
  2. Pfsszxt

    Pfsszxt Guest

    OOPS! I misspoke here --- it's Disk Antivirus -- which I find is in
    fact a virus!
    Pfsszxt, Feb 16, 2013
  3. Pfsszxt

    Pfsszxt Guest

    Me once again --before I get a bunch of do this etc.

    I've looked at all the so called methods found by Google to remove
    this thing. Virtually all call for downloading something to use.
    Usually something called Rkill "disguised as Internet Explorer": !!!
    DUH! I can't even get to anything which could download it. I am
    totally unable to access anything. And how do I download from "safe
    mode" ??
    Pfsszxt, Feb 16, 2013
  4. VanguardLH

    VanguardLH Guest

    All you get here are volunteers.
    Did you review your post before submitting it? That doesn't make any
    sense even after trying to parse out the mismatched interjectory
    phrases. You meant to go somewhere but never reached your target.
    That would be hijackware. Sometimes it changes the attributes on files,
    like making them hidden so they cannot be normally found. Sometimes, if
    given enough time, it runs through all the non-critical files to encrypt
    them. You cannot regain access until you pay their ransom and hope they
    then give you the decryption program.

    Usually they put a button in a popup saying to Buy or Cancel but both
    buttons do the same thing: download and install. There's another prompt
    from the OS or web browser asking if you really want to run the program
    but the lost user okays that, too (they get click-happy to escape or
    figure they want to run/install that software that reported all those
    bogus infections). Even the "X" titlebar close button might be bogus
    and do the download and start the installer. The only safe way to avoid
    the bogus AV page is to kill (not exit) the web browser. Go into Task
    Manager and kill the web browser's process(es).
    Restore from your image backups to get back to a prior known state.
    /(Yeah, I know, now you're staring like a deer in headlights trying to
    come up with an excuse why you don't do image backups for system
    disaster recovery.)/

    The "removal" tools you find through a Google search are often
    bogusware. They may be from the same hijacker (under several different
    disguises) so you end up paying them to regain access to your files
    (well, for a while). Any "solutions" that ask for money are also bogus
    as they are looking to cash in on common malware and providing a limited
    resolver. Many are distributed by crappy or sham AV vendors (there are
    thousands of these that are worthless). Look only for *free* solutions
    and preferably those that not only may give you .reg files to fix the
    registry but also describe manual steps to do the same with you editing
    the registry that their .reg file does. You want to find something that
    is free and a well-known and respected anti-malware tool or an article
    that tells you all the steps that YOU go through to eradicate the pest.

    On another host, you could download portable AV apps, fully updated, and
    put them onto bootable media (floppy, CD, USB drive) and boot using that
    to run the AV program against your system drives.

    A Google search:

    The last one has you use MalwareBytes, which has a free version. I'd start
    with that one. Then keep that installed and periodically update it.
    Use it as a free passive scanner.

    Also suggested is Hitman Pro (this is teaseware: free to scan, pay to do
    anything real). I remember trialing that product but discarded it
    (probably because you have to buy it to have it actually remove the
    pests). They offer a fully operational 30-day one-time license so you
    could try using it to eliminate this pest. After a month, it's crippled
    and you'll have to buy it or discard it (although the free scan probably
    still works).
    VanguardLH, Feb 17, 2013
