Fake Antivirus Peddlers Helped by Microsoft, IRS

This threat is very severe and kinda scary. I got hit last night around 4:37pm surfing the stories on here from one of the sites.(no pun intended to this site) I have the timeline down, just have not figured out which website it was that redirected me. It happened so fast, I didn't have time to react. When I realized what was happening, all I could do was unplug my network cable to my router. I suggested earlier in a previous thread about using ctl+atl+del (brings up task manager), I did try that and usually works, but this time, it was faster then me. After unplugging the network cable, it was already running rampid on my system. Only then I was able to use the task manager to a certain extent. I started up the antivirius software, did a quick update of the definitions, all while I was using the task manager to slow down the services on these trojans.

The update was able to catch some of the trojans but not the heart of it. The so called software that will take over and ruin your system is called spywareguard2008 with many names of trojans. It looks very authentic to microsofts securiy center that most of us have running in our O/S. I was able to control it while I researched this so called spywareguard2008. I googled it and was kinda concerned because I didn't want to be in the same situation with my notebook. I found a malware forum that took me to the heart of the issue. The sites owner gave two antivirus suggestions that would remove this fake spywareguard from your system completely.

Most of the antivirus out here are not completely removing this bug from your system. Which my antivirius didn't completely remove it either and continued to play havoc with me all night. The antivirius I used is called SuperAntivirius. They have a free edition with limited use or a professional edition that is free for 15 days or you can purchase a copy for $29.99. This antivirius completely removed it from the system files and registry.

Normally, I can go in to a system files/registry and remove this annoying crap. Not this one. The more I deleted it, the more it seemed to grow. After it got tired of me continously trying to delete, it would throw a generic host process is shutting down. If you didn't hit don't send button, it would time out and then give you a NT authority is shutting down. It started at a minute and count down, then shut the system off. Yeah, I had my hands full for many hours. Needless to say, I was able to regain my system with a few pots of coffee in tow .

The total damage for me was 10 hours of work. 5 memory items detected, 100 files detected, 171 registry errors, for a total 277 errors and lots of trips to the bathroom.

 

I would have to disagree with you on that. That would be ideal solution but in a large network, you would lose productivity. Productivity means time, and time means money. The antivirius software I used to remove this bug, completely removed it from my system.

 

I know about reimaging but what is steady state ?

 

I must say, its a great program. Its basically a IT software that does everything for you. I could have used this software on my sisters kids computers. The only thing I didn't understand is, Why did it set up a administrator account when I had one?