What a coincidence.
I got hit with the same malware while visiting this site on 23 Dec. What a shocker!
I think I’m up to 4 times being hit with malware from the SD.
MalwareBytes did the trick for me but the EXE thing was a bitch and everything had to be run as an administrator so I rolled mine back too.
If you get it again, with the added EXE twist, try renaming the malwarebytes executable from mbam.exe to mbam.scr and then double-clicking it. Worked for me when I had this problem.
That’s much too mild. I am generally opposed to capital punishment, but I would make an exception for virus writers.
I caught this one just a week ago. I happened to be visiting my daughter and SIL over the holidays. My SIL googled the name of the virus and found instructions. I don’t recall exactly what they were, but I do know it involved downloading something on his computer, copying it to a USB memory stick and then booting in safe mode and running whatever was on the stick. It worked! He ran two different programs and I think Malwarebytes was one of the them.
I got this malware a couple of weeks ago.
I just went back to a restore point from a couple of days prior to the infection. That seemed to clear it right up.
Easy-peasy.
I got this very same malware while surfing the SDMB last month. Twice. It seriously fucked up my computer. Windows firewall was disabled, and even doing registry imports could not fix it. I ended up reinstalling Vista and spending a week doing updates and scans.
Now I only use Firefox with FlashBlock, AdBlock, and NoScript add-ons. Acrobat Reader is not on my system, only Foxit Reader.
Go to bleepingcomputer to remove. In my case, it was all “removed” and Malwarebytes, SuperAntispyware, and Microsoft Security Essentials all said my system was clean. I went back on the web and within a few clicks my browser was redirected and my system was reinfected.
Good luck, everyone.
That is because you probably had the TDSS/TLD4/Alureon rootkit, which is capable of hiding files so securely no antivirus/antimalware can detect them.
I was in exactly the same state. Combofix (http://www.combofix.org/) did the trick though
I just gonna copy & paste a post I made from a different forum.
When it is real bad, I take the time and have professionals at another forum help me. I can’t not post the link so hopefully I can just tell you how to get there.
Copy & search “everyone read before posting malware” into Google and click the first one.
Edit Turns out you can post links at the StraightDope
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
You would have to register and follow the directions thoroughly. Using a forum you can’t expect them to respond immediately and may be some hours or more before they can go over it and they will have to give you further directions with some issues. They know what they are doing and it is free. I’ve used them once and it works, also sometimes just because the issues seem to be resolved, your computer could still be infected or hijacked.
Good luck
It may be similar to bleepingcomputer.com
For those using Windows 7 who might be worried about using a restore point because you don’t want to lose work, note that it doesn’t wipe out changes you made to documents since the last restore. It wipes out only application installations. So if you haven’t installed any new applications since the last restore, it’s the easy way to get rid of the virus.
I was hit by this same malware twice (yes, on the SD both times). The first time I used Bleepingcomputer, rkill, and all that stuff. It worked fine but took some time. The second time I used a restore point and it was completely recovered in 10 minutes. Take the easy path if you can.
I got it from this site earlier today.