GRRRRR!!!! I've got a friggin virus!!!!!!!

B

Blasphemous

Joined
2 Oct 2006
Messages
6,654
Reaction score
290
Country
United Kingdom
I run McAfee.

I have a Malware type virus popping up telling me I have a virus!... Ya don't say!

I tried running Malwares Anti-Malewares in normal windows mode but it wouldn't let it open up and run! So i booted into Safemode and ran it from there. It ran and found one item and deleted it. I booted back into normal Windows mode and the virus is still there popping up!!!

It displays an icon next to the McAfee icon on the taskbar next to the clock (bottom right hand corner of the screen). The icon looks like a red shield with a blue stripe across it. The pop ups don't show any name for the 'product'. So I clicked on the buy it button (obviously I have no intention of purchasing this shyte). I don't recommend anyone goes to it but the link takes you to the following website:

http://siegare.c0m/shop.... etc etc

So the only reference I have is to a 'product' under the name of 'siegare'.

McAfee has popped up twice saying that it has found a virus and deleted it but it's still very much there! I'm running a full system scan with McAfee but it's at 91% now and it's found nothing!

I have a dual screen set up on my PC and what I've noticed is that when I have the 'product' webpage open on the 'other' screen, the pop-ups stop coming. I assume it's part of the whole scam so you can make a nice pop-up free payment to them!!! However Firefox has force closed once already!

I need to do a fair bit of online shopping this afternoon but obviously I ain't buying anything with this thing on my PC.

Can you offer any help guys? Thank you in advance.

EDIT: I've had to come onto my Laptop now as it is forcing Firefox to 'hang' all the time now. If I try IE it stops me from loading a page stating that this (that's THIS.... DIYnot, website), may damage my PC! It won't let me open ANY website in IE. I tried too load Task Manager to close Firefox but it won't let me open that either! So I've got Firefox hanging and I'm just waiting for McAfee to finish but I don't hold out much hope as it's now at 96% and still nothing found! This couldn't have come at a worse time!

Any help would be appreciated.
 
I've downloaded STOPzilla (was recommend to me some time ago), but I cannot execute the program. I've tried in Safemode with networking but nothing happened! Actually something did happen, the PC crashed completely!

This is an absolute nightmare!

Please help guys!
 
I have the same issue going on my laptop and I have tried all sorts of things but no luck. Any HELP would be greatly appreciated. I also have McAfee that I installed and ran in Safe mode but nothing came up. In the regular windows mode I am unable to run anything and just get messages saying I have a virus and to buy the siegare software. Please HELP!!!
 
An effing porn site just popped up on the desktop! This is really serious! I NEVER look at porn.... EVER! I have a very young son who wouldn't know what porn is. he never comes on here unattended anyway but I cannot let him near it now knowing that that might/could happen again.
 
I hope you get it sorted out, but it's a really REALLY bad idea to post a link to the site that is invoked when you hit the 'buy' button. I'd very very strongly suggest that you edit the post and remove that, or someone else may be 'caught' with it...

Have you tried Avast! and Malware bytes - seem like good anti.... products. Free too :D

It may help to attach the HDD to another machine as a slave while you scan it with the above tools.

If you have to use Windows (which is insecure), try Microsoft security essentials in preference to Mcaffee (also free).

Good luck,

Colin
 
Thanks for replying guys.

I've tried Malwares Anti-Malwares and it found two items on the first scan but the virus was still there after rebooting! I've tried that link you provided John (I was already at that site when you replied mate but thanks anyway). I followed all of the instructions.... its still there!!!!

I've tried the instructions at www.bleepingcomputer.com/virus-removal/remove-antivirus-action including deleting and replacing the host file... its still here!!!!

It seems to be called 'Antivirus Action' if that prompts anyone?

I'm REALLY peed off!
 
What I did was run my windows recovery by clicking the f11 button when the computer started and changed the settings to run a previous earlier version of windows and that worked. Now I am good and the computer is running fine. I am running some virus scans and going to run a malware program to ensure everything is clean but I am back to normalcy. Hope this helps you.
 
Blasphemous, most on here are not experts in fact they haven't got a clue, they bumble along saying download this or try that and are about as much help as a chocolate teapot! I've used this Forum http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/ although you need to start here http://www.techsupportforum.com/sec...read-before-posting-malware-removal-help.html on occasion and the guys on that site live for it just check out some of the threads on there but there are similar Forums out there. I can tell you though there won't be a 2 min cure for this, you need to get the advice of some proper experts and follow their every word.

Edited to increase the 'thumbs downs' even more from the ******'s.
 
freddymercurystwin said:
Blasphemous, no disrespect to anyone else on here but most on here are not experts, I've used this Forum http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/ although you need to start here http://www.techsupportforum.com/sec...read-before-posting-malware-removal-help.html on occasion and the guys on that site live for it just check out some of the threads on there but there are similar Forums out there. I can tell you though there won't be a 2 min cure for this, you need to get the advice of some proper experts and follow their every word.
Click to expand...

Yeah I tried the second link earlier mate. No joy! Gonna try one more thing then call it a night. I ain't too well and this ain't helping one bit!

Thank you for all the replies so far guys.
 
Bleedin Hell!!!!!!!!!!

Right, I 'think' I've killed it! Or rather 'Hitmanpro' has.

Was looking here: www.2-viruses.com/remove-antivirus-action

In the user comments toward the bottom there are quite a few mentions of hitmanpro's success at removing this whoring bloody virus. So I downloaded it, ran it, requested the free user licence and it only went and killed the bartender!

Any ideas how to stop this happening again guys?

Anyway, hope the info helps others.

Blas.
 
Blasphemous said:
Yeah I tried the second link earlier mate. No joy!
Click to expand...
What does that mean? You followed all of that, joined the Forum, waited whilst they approved your membership, posted the results, waited for replies, followed their inevitable further advice and posted back the results etc etc all in 51 minutes, a process that normally takes a few days at best. Yea you really tried that link didn't you! You can lead a horse to water ......
 
My mates sister had a similar Fake Anti-Virus on her laptop last week, it breezed past both McAfee, Norton and F-Prot background AV programs (that she had all 3 running simultaneously shows her level of computer savvy..). When it was running it disabled Taskmanager, Regedit and the active scan sections of the other 3 AV programs.

But wasn't too hard to winkle out once booted into safe mode and had a browse through the obvious areas of the windows registry.

Blasphemous said:
Any ideas how to stop this happening again guys?

Anyway, hope the info helps others.

Blas.
Click to expand...

Well, the trite answer is : never go to dodgy sites, never open mail from anyone you dont know blah blah smug smug....

In more practical terms, ditch McCrapee antivirus - I've yet to find a version that doesnt take 99% of the CPU when it decided to do a 'background' update or scan. I'd rather have a virus...

Personally I run AVGFree antivirus which has a Firefox plugin as well as a resident checker, and SpyBot Search and Destroy which has resident checker too. The Spybot one is a bit of a resource hog so might be more of a pain than its worth.
Couple with ZoneAlarm free firewall (dont install the free toolbar which is ask.com rebranded) which will warn you when odd programs want to talk to the internet.

I've heard good reports on Microsofts own Security Essentials package, but being MS, you can bet that every virus writer will look for the flaws in it.
 
i would try running an online virus scanner to make sure you have fully removed it.

I use nod32 as my day to day antivirus scanner but have been known to use the trend micro housecall online scanner if i want a little reassurance.

heres a link to the trend micro online scanner.

http://housecall.trendmicro.com/uk/

Hope this helps.

Bolty
 
Download MalwareBytes (Make sure you click 'Download the latest version')
http://www.filehippo.com/download_ma..._anti_malware/

Open malwarebytes and goto UPDATE and click 'check for updates'.
After its updated goto SCANNER
Click PERFORM QUICK SCAN then click SCAN
Remove everything thats found (needs to be ticked)
Post the COMPLETE log here AFTER you've deleted everything it finds
If anything was found then do the exact same but run a FULL scan

Reboot

Download HiJackThis (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE(Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)
If you get a message that you cant write to the hosts file then Press the SHIFT key, and whilst holding it RIGHT CLICK and select RUN AS (admin)
 
You must log in or register to reply here.
Back
Top