allensco Flight Attendant
Joined: 30 Jul 2005 Posts: 823 Location: Alabama, USA
Posted: Wed Jan 20, 2010 7:52 am
Although I don't use windows...I have cleaned a few machines of this particular piece of crap. It's more or less malware, not a virus. Malwarebytes will get rid of it, IF you have it (Malwarebytes) already installed. Don't count on being able to get to your task manager, registry editor or msconfig editor. It blocks all those plus any anti-virus you may have (in my experience). It makes doing anything on the infected machine very difficult because of the continuous pop-ups telling you the machine is infected and you need to buy it....so the suggestion of waiting would seem....wrong (my opinion). If I recall, this is the 2nd (or possibly 3rd) incarnation of this bogus virus scanner/malware.
IF you can get to your task manager, look for a process running with "sysguard.exe" in the name. It may be preceded by a random set of numbers or letters. That is the little bugger right there. IF you can get to msconfig, use selective start-up and turn off anything you don't recognize...especially if it has "sysguard" in the name. I was able to remove it easily after getting to msconfig and shutting it off and rebooting the system.
Your mileage may vary....but that's been my experience with it.
Good luck!
Don't use IE or Outlook Express. Use Firefox, Opera...anything but IE. For email, try Eudora (my pick) or Thunderbird.
A~
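As an added example (not part of allensco's post or of any tool mentioned in the thread), a small Python check that applies the rule above, a process or autorun entry whose image name is a random prefix plus sysguard.exe, to constructed sample data; the process list and Run-key values are made up for illustration.

```python
import csv
import re

# Constructed sample of `tasklist /fo csv /nh` output (not a real capture).
# The third row mimics the randomised-prefix sysguard.exe process from the post.
SAMPLE_TASKLIST = """\
"explorer.exe","1504","Console","1","29,812 K"
"firefox.exe","2260","Console","1","112,400 K"
"kj4hx2sysguard.exe","3012","Console","1","8,216 K"
"svchost.exe","912","Services","0","5,020 K"
"""

# Constructed sample of HKCU\Software\Microsoft\Windows\CurrentVersion\Run
# values (value name -> command), not a real export. Commands here are bare
# paths without arguments, which is the case this check assumes.
SAMPLE_RUN_KEY = {
    "ctfmon.exe": r"C:\WINDOWS\system32\ctfmon.exe",
    "kj4hx2sysguard": r"C:\Documents and Settings\user\Local Settings"
                      r"\Application Data\kj4hx2\kj4hx2sysguard.exe",
    "Adobe Reader Speed Launcher": r"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe",
}

# Image name = optional run of letters/digits + "sysguard.exe", either as the
# whole string (tasklist image) or as the last path component (Run-key command).
SYSGUARD_RE = re.compile(r"(?i)(?:^|\\)[a-z0-9]*sysguard\.exe$")


def flag_processes(tasklist_csv):
    """Return (image_name, pid) for every tasklist row matching SYSGUARD_RE."""
    hits = []
    for row in csv.reader(tasklist_csv.splitlines()):
        if len(row) < 2:
            continue                      # skip blank or malformed rows
        image, pid = row[0], row[1]
        if SYSGUARD_RE.search(image):
            hits.append((image, int(pid)))
    return hits


def flag_run_entries(run_values):
    """Return (value_name, command) for Run-key values whose target matches."""
    return [(name, cmd) for name, cmd in run_values.items()
            if SYSGUARD_RE.search(cmd.strip('"'))]


if __name__ == "__main__":
    for image, pid in flag_processes(SAMPLE_TASKLIST):
        print(f"suspicious process: {image} (PID {pid})")
    for name, cmd in flag_run_entries(SAMPLE_RUN_KEY):
        print(f"suspicious autorun: {name} -> {cmd}")
```

On a live machine the same functions would be fed the real `tasklist /fo csv /nh` output and the exported Run-key values; a hit is a lead to verify, not proof by itself.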
Bish 3.5 kHz
Joined: 22 Nov 2009 Posts: 3738 Location: Lost in the cultural wasteland of Long Island
Posted: Wed Jan 20, 2010 8:28 am
allensco wrote:
    Don't use IE or Outlook Express. Use Firefox, Opera...anything but IE. For email, try Eudora (my pick) or Thunderbird.
I didn't want to go there... but I wholeheartedly agree. All the family computers (either Mac or PC) are set up with Thunderbird & Firefox (and Safari). IE has so many holes in it that it's begging to be compromised. As far as leaving it for a while or jumping on it immediately... there are good arguments for both courses. I was coming from a place where giving phone support and talking a non-tech person through killing processes, safe boot procedures or (aaargh!) changing the registry is something I've done, and never want to do again, thank you. On the other hand, if you know what you are doing, then go for it... I would on my own machines.
_________________
Bish a.k.a. Bish
Smoke me a kipper... I'll be back for breakfast.
I will not feed the trolls... I will not feed the trolls... I will not feed the trolls... I will not feed the trolls.
allensco Flight Attendant
Joined: 30 Jul 2005 Posts: 823 Location: Alabama, USA
Posted: Fri Jan 22, 2010 1:51 pm
Peter, I see that you and I are mostly of the same opinion on this topic. All my desktop computers run a version of Ubuntu Linux (8.04 LTS). The laptop runs Linux too (version 8.10). I keep Win XP Pro for the studio computer. Linux lets me do my day-to-day work without any worries of such things...and when needed, the studio drive is fired up.
I've not personally had this problem...BUT, several of my family members' computers have had it. After removing the bugger, I go in and change the name of the IE exe file to something else so when they try to bring it up, the system can't find the program. Same for Outhouse Express. I install Firefox and T-Bird (or Eudora) and tell them to use ONLY these programs for internet surfing and email. I also add MalwareBytes and Avast Antivirus to those systems...removing any other AV/malware programs. Most of the time, I don't get any callbacks regarding reinfection. The only calls I get are questions like, "where did my big blue E go?" I just say, the big blue E was the virus and I removed it. Use the one called Mozilla Firefox, it's better. So far, all has been well.
A~
Jason Bishop Contributor
Joined: 30 Jun 2008 Posts: 38 Location: Indian Rocks Beach, FL
Posted: Fri Jan 22, 2010 2:14 pm
Might also give Malwarebytes a try.
It's a free download at malwarebytes.org (there's pay stuff too) and cleared wicked stuff Norton and Windows Defender missed.
It takes a while to scan and kill.
Good luck.
Jason B.
_________________
"Be like water my friend."
-Bruce Lee
Martial Artist & Philosopher
Steve Royal Guest
Posted: Fri Jan 22, 2010 6:51 pm
I do some IT servicing for some local clients, and this thing is popping up all over the place!
I've found that if you start the computer in safe mode and do a registry clean and virus scan (and clean out your startup list) it gets rid of it.
Chuck Davis M&M
Joined: 02 Feb 2005 Posts: 2389 Location: Where I love to be...Between the Vineyards and the Cows.
Posted: Sat Jan 23, 2010 6:18 am
My wife ran into this issue about a week ago. Rather than trying to click out of it I simply turned the PC off (via the power button). I turned the computer back on and immediately ran a scan. Looks like we got out OK.
_________________
Wicked huge.....in India.
www.chuckdaviscreative.com
bobbinbeamo M&M
Joined: 05 Mar 2007 Posts: 2468 Location: Wherever I happen to be
Posted: Sat Jan 23, 2010 2:43 pm
My daughter downloaded a "Free Game" yesterday and her laptop has since been taken over by a new malware called "Personal Security", which is a very nasty bugger, which even slipped by Norton Antivirus. This new program will take over the computer. We've just spent 99.00 and the past 1 1/2 hours with Symantec and it ain't over yet. Right now, a tech is remotely manually removing it while in DOS mode, and Norton is scrambling to update their own databases. PAIN IN THE BUTT!
News at 11....
_________________
Bobbin Beam
www.bobbinbeam.com
blog.bobbinbeam.com
Drew King's Row
Joined: 27 Sep 2005 Posts: 1118 Location: Tumbleweed Junction, The Republic of North Texas
Posted: Sat Jan 23, 2010 6:30 pm
It's an iteration of the same blasted bug. That was just one name of the three it released on me. I've been working on my travel rig since Tuesday, as my IT guy is still trying to unravel the bastage on my main rig.
_________________
www.voiceoverdrew.com
Skype: andrew.hadwal1
Although I have a full head of hair, I'm quite ribald.
bobbinbeamo M&M
Joined: 05 Mar 2007 Posts: 2468 Location: Wherever I happen to be
Posted: Sun Jan 24, 2010 1:37 pm
After about 3 hours and $100.00 later, my daughter's laptop is clean, but what an ordeal. We had a Symantec tech remotely access and fix. It took a long time. A lot of folks are getting this. We aren't sure how it hitchhiked onto her machine. Really gotta watch out for downloads of movies, games, music and emails embedded with executable files. Here's some info on it:
Personal Security is a rogue anti-spyware program from the same family as Cyber Security. This program is promoted through the use of malware that will install it on your computer without your permission. In order to protect itself, this program will automatically attempt to terminate security programs that may help to remove it. When installed, Personal Security will be configured to start automatically when Windows starts. Once started, it will scan your computer and display a variety of infections, but will state that it will not remove them unless you first purchase the program. In reality, the infections it finds are either fake or legitimate programs that if deleted could cause problems with the proper operation of Windows. Therefore, please do not act upon any of the files it states are infections.
_________________
Bobbin Beam
www.bobbinbeam.com
blog.bobbinbeam.com
ConnieTerwilliger Triple G
Joined: 07 Dec 2004 Posts: 3381 Location: San Diego - serving the world
Posted: Mon Jan 25, 2010 4:44 pm
My mom is constantly searching for Free Jigsaw puzzles. And then calling me to tell me that her homepage has disappeared. Somehow she keeps getting the Alot tool bar loaded. I uninstall it, but it still shows up on the search drop down bar. A bit of research shows very complicated methods of permanently deleting this little worm, but she doesn't use that search box, and it doesn't seem to be interfering at the moment, so I'll save the $100 for when it becomes more virulent.
_________________
Playing for a living...
www.voiceover-talent.com
YouTube Channel: http://youtube.com/connieterwilliger
JTVG Backstage Pass
Joined: 21 Jun 2007 Posts: 433
Posted: Mon Jan 25, 2010 5:01 pm
|
I got nailed a couple of days ago and it was a tense couple of hours. I couldn't open or get anything to function correctly. Switched to safe mode and did a System Restore. Bingo. That's the best feature ever created.
That was the first time I've had a virus take over my computer to that level of craziness.
_________________
Joe Szymanski
http://www.joethevoiceguy.com
SoundsGreat-Elaine Singer King's Row
Joined: 30 Dec 2004 Posts: 1055 Location: Toronto, Canada
Posted: Sat Jan 30, 2010 5:55 pm
Man I hate to say it, but me too!
Now I am unable to get into my computer at all. It just loops at the logon screen. Even when I try to log on as Administrator, no joy.
I just spent hours in DOS (boy, that really takes me back) trying to fix it - to no avail. Thank goodness for my netbook so at least I was able to get on the internet for some advice.
Nothing worked though so I guess I'll have to lug the CPU down the stairs somehow and get it to the shop.
In all my years of computing (over 25), nothing like this has happened to me before. I am so very careful.
What a royal pain.
_________________
Elaine
The Youthful Mature Voice (Emeritus)
Senectitude is not for the faint of heart.
Yoda117 M&M
Joined: 20 Dec 2006 Posts: 2362 Location: Philadelphia, Pennsylvania
Posted: Sun Jan 31, 2010 12:50 am
Couple of things... it's malware, but falls under the category of "scareware" in most variants (this is good... as it tries to get you to purchase a "security tool" by stating that your system is infected, but has no truly malicious payload... yet).
Bad part is that some variants use a nasty little trojan (spyware a s are of little use if such is the case). Additionally, the little bugger opens a port for communication which means that anyone on a broadband connection (most of us) has a potential hole in the defenses. This is particularly true if you leave your computer on 24/7 (you'd be amazed how often your computer or local firewall gets port scanned; the last thing you need is to have a port opened and unprotected).
I don't have this particular wee beastie as of yet (happy to take a copy if someone wants to send it to me... my "zoo" has lots of critters for this guy to play with), but if it's like most scareware, then you can stop it dead via the registry (Google the particular item, and for those who are tech savvy you'll quickly find the item you need to do a REGEDIT on).
FWIW: those of us running VMs (Virtual Machines) are pretty safe. You're still at risk for infection, but if you kept a copy of your vmdk files, it's a 2 minute fix. These items don't affect a hypervisor as of yet.
_________________
Voiceovers by Gregory Houser
Philadelphia based Voice Actor
Blog - A man, a martini, and a lot of microphones
allensco Flight Attendant
Joined: 30 Jul 2005 Posts: 823 Location: Alabama, USA
Posted: Sun Jan 31, 2010 9:25 am
Yoda117 wrote:
    but if it's like most scareware, then you can stop it dead via the registry (Google the particular item, and for those who are tech savvy you'll quickly find the item you need to do a REGEDIT on).
Agreed....but the only bad thing about that is that many times, depending on the variant, the thing blocks access to the registry editor, msconfig and task manager. Makes knowing how to kill it using the registry editor worthless. I have used a Linux boot CD to get on the drive and remove it.
A~
Yoda117 M&M
Joined: 20 Dec 2006 Posts: 2362 Location: Philadelphia, Pennsylvania
Posted: Sun Jan 31, 2010 10:08 am
allensco wrote:
    Agreed....but the only bad thing about that is that many times, depending on the variant, the thing blocks access to the registry editor, msconfig and task manager. Makes knowing how to kill it using the registry editor worthless. I have used a Linux boot CD to get on the drive and remove it.
    A~
Linux and Solaris boot CDs are a good way to get past that. There are also a bunch of tools on Backtrack 2 (which is free), and even Helix has some nice tools to get past that issue. The two are organized rather well, so it's easy to find the registry toolkits.
FWIW: the scareware I've seen rarely blocks access to the registry, but malware which uses scareware tactics usually does (it's part of the strategy for it to use a Trojan as a delivery mechanism). I'm not doing as much reverse-engineering on these things as of late, so it might have changed, but blast the heck out of the system anyway... Better safe than sorry.
_________________
Voiceovers by Gregory Houser
Philadelphia based Voice Actor
Blog - A man, a martini, and a lot of microphones