Tuesday, May 10, 2011

Update on Fake Alert Virus Infections

Seems like everyone I know has been getting hit by this malware. Sophos reports that there are over a half million variations of this attack! Thus far, Malwarebytes and Combofix have been successful in removing it, followed by scan with multiple anti-virus programs using their free online scanners. I've had to boot the computers into Safe Mode (press and hold F8 while the computer boots up and choose Safe Mode with Networking) in order to be able to even run Malwarebytes but it works. Also, rebooting into Safe Mode has re-enabled the previously installed anti-virus programs to be able to run as well, such as Microsoft Security Essentials. MSE was also able to remove the fake alert virus in Safe Mode.

Combofix, while effective, just removes things and makes changes without asking you. It removed my custom Hosts file, which I then had to replace.

No comments: