[PCWorld]

Post your comments for Sneaky New Virus Spreads via Ads here

[Jhudson13]

I have seen this on several different systems so far in the past few days. I have found that for me it is very hard to remove. I have noticed that registry keys that are infected or modified on one system will not be the same on another. I know that there are many of you out there much smarted than me on this kind of stuff as i have read may post/help articals here. Who ever did this was and is one very smart person/s I just wish they would have used there skills in a different way.

[normR]

In the last paragraph of the article, mention is made od the ad-tracking company, Doubleclick. What is their connection with this anti-virus malware? I also had an infestation of this type in an earlier form, about a month ago. It took a very good tech 2 hrs to get it off. Now I don'r click on any pop-up like those. On some, the "X" button to close the pop-up is part of the "trap", and it you click on it, you're off to the races.

If the pop-up window shows on tor task bar, right-click it and choose "close". If it doesn't show, close your browser (or the Tab tou are in), and don't go back to the webpage you went to just before the pop-up appeared, it's corrupted.

NL

[Scorpion7]

I believe that NoScript for FireFox would have prevented this problem.

[Jhudson13]

The technology from the old ad-tracking company Doubleclick is the base line so to say for the technology use to spread this virus. It is spread by clicking on the add link by trying to close the adds or by in the case on my desk now clicking and downloading a add.

[Scorpion7]

Bleepingcomputer.com has posted a procedure (use at your own risk) to remove the sneaky "Anti-virus-1". I have found links to BeepingComputer's
<a href="http://www.woodsmall.com/security.htm#REMOVE-ANTI-VIRUS-1">Anti-Virus-1 remove guide</a>,and also to <a href="http://www.woodsmall.com/security.htm#NOSCRIPT">NoScript</a>, which I feel might have prevented the re-direction to the malicious web site. These links are found on
http://www.woodsmall.com/security.htm

[trinu]

or adblock plus

[Jhudson13]

Thank you for the likn. I did not see this before not sure how or why I over looked it. I will give it a try on the next one.

[Stranded]

Removing malware is what I do for a living. The method of transmission may be sneaky, but the apparent cure was not comparatively difficult based upon my limited experience with this creature. Perhaps there are other versions that are difficult to remove, i.e., prevent from reappearing, but I haven't seen one yet.