Monday, November 9, 2009

Bleg: Any Solutions for a Computer Virus

After clicking on a tinyurl link at twitter that was supposed to be a link to some Federal Reserve news, my laptop has become infected with a virus (I think a version of BankerFox.A).

It's a nasty one. I use Avast as my anti-virus and it seemed to clear up some of the virus but not all. All sorts of alert bubbles keep popping up every few seconds trying to direct me to pseudo software protection sites.

Does anyone have any suggestions on what type of virus software I should use to remove these completely annoying pop ups? In the time I have written this post I have had 6 pop ups.

Or do I have to find a computer repair shop?

Or just junk this and get a new laptop?


  1. You can try Malwarebytes Anti-Malware software.

  2. Avast has a feature where you can lock it in quarantine. Try that.

  3. Thanks for the tips.

    Lori, I ran a full scan with Avast and it picked up some of the virus but not all.


    Thanks for the tip on Malwarebytes, I'm writing from my desktop now, and running malwarebytes on my laptop.

    I'll fill you all in with the results.

  4. I have had the same problem, and basically I use every free program I can find to get it to detect the virus, then search the name on Google. It has taken me several random, open source, command line programs to get rid of stuff like that. Spybot Search and Destroy is free, Spy Sweeper will detect for free but not fix, etc.

    Good luck.

  5. Malwarebytes seems to have taken down about 80% of the alert warnings, but not all.

    The ship is stable, but still taking on some water.

    Anyone else have any suggestions, before I toss this baby?

  6. Yikes Stephen,

    Thanks for the pointers. I don't have time to hunt and peck my way out of this zoo.

    Maybe, I'll donate the laptop to an econometrician.

  7. Replace your operating system with Linux.

  8. Go here:

    And download Process Explorer and TCPView. For non-known viruses this is probably your #1 method of attack.

    Run Process Explorer and wait for a popup - you'll see what program file is causing the popup (as the browser window that opens should appear under another file).

    If that doesn't work you can right click on the browser window that popped up and hit "Properties". Then go to the "Threads" tab. It should show you what specific files/dlls/etc. caused the window to open. You can then hunt them down (feel free to check other tabs for references, too, but the "Threads" one should be the big one). If you find something suspicious, search for it on your hard drive and also Google its file name so you don't try to kill a necessary process. If the file looks bad, search for any references to it in your registry and clear it out (BACKUP YOUR REGISTRY FIRST!).

    TCPView is used in much the same way though it's more for identifying problems than trying to solve them. With this you'll be able to see all open TCP/IP connections on your machine. Use this in tandem with Process Explorer to help track the problem down.

    Make sure to write down paths, file names, etc. when doing this, as when this virus is finally identified and logged by the pros they'll list the specific actions, files, registry entries it makes. You can then refer back to your notes to make sure you got everything and clean up what you didn't, as if you "solve" the problem now but leave a few stragglers a future anti-virus scan might not catch it.

    I cannot tell you how valuable these tools are. If you're wanting to get real down and dirty go download Wireshark, a packet sniffing program, and you can identify every single packet of data sent to or from your PC.
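
A scripted version of the note-taking the comment above recommends, added here as an example and not written by the commenter: it maps open TCP connections to the program files that own them (the TCPView plus Process Explorer pairing), checks those files' signatures, lists the standard Run-key autostart entries, and saves everything for later comparison. It assumes Windows 8 or later (for `Get-NetTCPConnection`) and a hypothetical `triage-notes` output folder; it only reads, and removes nothing.

```powershell
# Added example: read-only triage snapshot (lists things, changes nothing).
$notes = Join-Path $env:USERPROFILE 'triage-notes'   # assumed output folder
New-Item -ItemType Directory -Path $notes -Force | Out-Null

# TCPView-style view: each established TCP connection with its owning process.
$procs = @{}
Get-Process | ForEach-Object { $procs[[int]$_.Id] = $_ }
$connections = Get-NetTCPConnection -State Established | ForEach-Object {
    $p = $procs[[int]$_.OwningProcess]
    [pscustomobject]@{
        RemoteAddress = $_.RemoteAddress
        RemotePort    = $_.RemotePort
        ProcessId     = $_.OwningProcess
        ProcessName   = if ($p) { $p.ProcessName } else { '<exited>' }
        Path          = if ($p) { $p.Path } else { $null }  # null if access is denied
    }
}

# Signature status of every program file that holds a connection.
$signatures = $connections | Where-Object Path | Select-Object -ExpandProperty Path -Unique |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_
        [pscustomobject]@{ Path = $_; Status = $sig.Status; Signer = $sig.SignerCertificate.Subject }
    }

# Autostart entries in the per-machine and per-user Run keys.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Key = $key; Name = $name; Command = $item.GetValue($name) }
    }
}

# Back up the Run keys before any manual registry cleanup.
reg.exe export 'HKLM\Software\Microsoft\Windows\CurrentVersion\Run' (Join-Path $notes 'hklm-run.reg') /y | Out-Null
reg.exe export 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run' (Join-Path $notes 'hkcu-run.reg') /y | Out-Null

# Write the notes to disk so a later scan's findings can be checked against them.
$connections | Export-Csv -Path (Join-Path $notes 'connections.csv') -NoTypeInformation
$signatures  | Export-Csv -Path (Join-Path $notes 'signatures.csv')  -NoTypeInformation
$autoruns    | Export-Csv -Path (Join-Path $notes 'autoruns.csv')    -NoTypeInformation
$connections | Sort-Object ProcessName | Format-Table -AutoSize
```

Run it from an elevated prompt so that process paths are not hidden by access restrictions; entries with a missing path or a `NotSigned` status are the ones to look up first.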

  9. Have you seen this?

    Whatever you do, don't junk an otherwise perfectly good laptop just because of an infection!

  10. I got a trojan on my PC at work two weeks ago. Two days wasted trying to get rid of the bugger!

    That's why I run Macs at home. I know they're not for everyone, but you might give one a try.

  11. What you need is a firewall and a good antivirus. The pop-ups can be turned off in settings of any decent browser.

    I use and I am totally happy with:
    1. ZoneAlarm Pro firewall. Normally it needs no maintenance. They offer a free trial.
    2. KAV antivirus. It's a nuclear weapon against viruses. Also offer a free trial.

    ZoneAlarm has a version with a hidden KAV antivirus in it, probably a simpler version. KAV has a version with its own firewall. If I had to choose only one program, I'd go for KAV with its own firewall.

    Having a bunch of antiviruses running simultaneously is a bad idea. Same goes for firewalls.
    A new laptop will not save you. It will pick up everything you have now just as well.
    Repair shop is not needed, your laptop is just defenseless, not broken. The programs mentioned can solve the problem, at least for the trial period. Oh, I hope that's not a Mac you have there :)

  12. The best way is to restore your computer from a previous back-up. If not you could try the following programs. All are free as far as I know.

    Spybot Search & Destroy *Recommended
    Windows Defender

    If you wish you can visit the following site if you have a friend who might take the time to clean your machine for you.

    Having a good backup is probably the best way all things considered.
    ERUNT is a good program that is free that works well as a backup. A little technical, but it works well.

    Hope it helps.

  13. Bob, I would back up your data and reformat your hard drive. Then reload the OS and other software applications. Let me know if I can do anything else to help. Rayne

  14. Don't get a new computer because of a virus. Is it that debilitating? Unless it's been rendered useless, some anti-virus software exists that may remedy the problem.

  15. The best advice I can give is to flatten the machine and do a fresh install of the OS and your software...

    It seems like a massive hammer for what appears to be a small problem, but for every virus and variant out there once one gets in it opens a door that others later enter by.