Annoying virus - Please help !

I've managed to pick up an annoying virus that pops up loads of blatantly fake anti-virus programs telling me that my computer is infected, won't let me open some programs, and won't let me go on any website when using internet explorer.

I've had a very similar virus(es) before and last time I used an anti-malware program to remove it/them. Last night I ran the same anti-malware program but it didn't cure it, although I only used a quick scan. I'm running a full scan now, but any ideas what to do if that doesn't cure it either?

So far its only affected one user account on my computer. I know I'll probably get replies saying that I was downloading porn, but I wasn't and thats why its so annoying

So, any ideas how to cure it before I go and get a hammer from the shed?

ETA - I tried using system restore too, but that didn't work either

Thats what I'm using at the moment. Like I said I've tried a quick scan, and that didn't work, so I'm running a full can now.

Although it is a slightly older version that I'm using, so I might try updating it and trying again if it doesn't work.

If it is the same one I got a few days ago from looking at chilli plants on a gardening forum of all things (all the crap I have seen over the years and I get it off a chilli plant picture ffs)

Anyhow, it was called security tool and it was a pain in the arse.

I downloaded rkill to kill the process as it wouldn't let me use taskmanager then downloaded the latest malwarebytes and ran a full scan, it didn't get rid of it so I looked for a program called 123456678.exe in my appdata folder (would be documents and setting on xp) but obviously the numbers were random, once found I deleted it.

Ran malwarebytes again and that clean other parts of it out.

After that I ran hitmanpro which is a cloud av using several scanners and it showed no trace.

I run MSE and ad-aware ad watch live which both picked it up and said they stopped it from running but they didn't, I now run IE if I have to use it in a programme called sandibox, that isolates the IE process and won't let things that run in IE run on your PC.

No, but I think thats the one I had before. The one I've got now is called 'Antivirus software alert', and has a message that says:


I've also got a popup in the bottom right that says "Windows Security Alert: Application cannot be executed. The file wlcomm.exe is infected. Do you want to activate your antivirus software now?". I also get this as an error message when I try to open nearly any program.

When I try to open any website in internet explorer I get the message "Internet Explorer Warning - visiting ths web site may harm your computer!". It even says that when trying to open my homepage, which is google.

I would post screenshots, but I can't even open paint!

Thanks for the tips everyone, will try them once the scan has finished.

Had quite a few like these to fix now, seems to be really spreading.

Malware Bytes seems to be the most effective way to remove. Quite a few guides about to help you e.g. http://www.bleepingcomputer.com/virus-removal/remo...

PS, You need to boot in safe mode [F5] to download and run the Malwarebytes program.

New problem - I can't open safe mode. Or am I just doing it wrong? (pressing F8 at startup)

Be quick, press f8 a few times when your screen goes black, before the starting windows logo comes up.

Which version of windows do you have?

how old is your pc, is it a usb keyboard?

That may be your problem, your keyboard may not be showing up in the OS till it has booted on xp anyhow, can you press delete to get in to the bios?.

Anyhow did you kill the process before you ran the malwarebytes scan?