BeerAdvocate 06:32 PM 11-22-2009
I got a damn virus on my new laptop. It installed some Antivirus Pro program and it won't let me access anything.
I can't go into Add/Remove Programs, System Restore, nothing!!!
A web page pops up that says osadware.com.
Any ideas on how to get rid of it?
[Reply]
Kreth 06:37 PM 11-22-2009
Reboot to safe mode, and do a thorough scan with both your AV and anti-spyware software.
Posted via Mobile Device
[Reply]
Fumes 06:44 PM 11-22-2009
We got this one at work. Nasty bugger. According to our IT guy (All Hail IT Guy!) it's not a virus. It's malware. He used a program called Malwarebytes to remove it. Good luck!
[Reply]
MajorCaptSilly 06:46 PM 11-22-2009
Originally Posted by Fumes:
We got this one at work. Nasty bugger. According to our IT guy (All Hail IT Guy!) it's not a virus. It's malware. He used a program called Malwarebytes to remove it. Good luck!
Yep. Download Malwarebytes and run a full scan in Safe Mode. If that doesn't work, try ComboFix.
MCS
[Reply]
BeerAdvocate 06:49 PM 11-22-2009
It won't let me access any website in order to download Malware.
Any website I go to, it says it's infected.
[Reply]
pnoon 07:00 PM 11-22-2009
Originally Posted by BeerAdvocate:
It won't let me access any website in order to download Malware.
Any website I go to, it says it's infected.
Have you rebooted in Safe Mode?
[Reply]
SeanGAR 07:02 PM 11-22-2009
Originally Posted by BeerAdvocate:
It won't let me access any website in order to download Malware.
Any website I go to, it says it's infected.
You've tried ALT-CTL-DEL and looking for anything that looks like osadware in the running processes and ending it?
Else, DL the file onto a USB drive on a separate computer. Boot into safe mode... press F8 when booting. You might have to F8 a few times. Access the Malwarebytes program on the thumb drive and install it, then run it.
[Reply]
Thrak 08:02 PM 11-22-2009
sounds like vundo... that sux man... I deal with it at work too..
download malwarebytes, install it, update it, restart into safe mode and run it..
You may also be able to find the process listed in TaskManager like SeanGAR mentioned, I always look for processes with random letters and end those.
[Reply]
Kreth 08:06 PM 11-22-2009
Maybe someone could paste manual removal instructions from a reputable site like Spybot, McAfee, or AVG? I'd do it, but the instructions are way over the clipboard limit for my phone..
Posted via Mobile Device
[Reply]
Starz26 08:13 PM 11-22-2009
shilala 08:15 PM 11-22-2009
Reboot in safe mode.
Go to your Local Drive.
Go to Documents and Settings (and choose You).
Go to Local Settings. (If this doesn't appear, go to tools/folder options/view/and click the tab beside "Hidden files and folders" and Apply)
Go to Application Data.
Look there for a nonsense folder that begins with the letter a (forget the string).
It's abeghfdgt or something ridiculous like that.
Inside that folder will be a program called osadware.exe (again, don't remember the exact file name) or something of that nature and it will say it is a Microsoft Corporation file. It is not.
Delete it and its containing folder.
Empty your recycle bin.
Reboot into your normal mode.
Then be careful where you are getting your torrents.
:-)
[Reply]
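An added example, not part of any post in this thread: a read-only PowerShell check for the folder shilala describes above, listing executables one level below the local Application Data folder and comparing the company name each file claims with its actual Authenticode signature. It assumes PowerShell 3.0 or later; the function name `Get-UnverifiedVendorClaim` and the default root path are assumptions made for this example.

```powershell
# Added example: read-only triage. Nothing is deleted or modified.
param(
    # Assumption: the current user's local Application Data folder
    # (Documents and Settings\<user>\Local Settings\Application Data on XP).
    [string]$Root = [Environment]::GetFolderPath('LocalApplicationData')
)

# Hypothetical helper name, chosen for this example.
function Get-UnverifiedVendorClaim {
    param([string]$Path)

    # -Force includes hidden folders and files, so the Explorer
    # "Hidden files and folders" setting does not matter here.
    Get-ChildItem -LiteralPath $Path -Directory -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            Get-ChildItem -LiteralPath $_.FullName -Filter *.exe -File -Force `
                -ErrorAction SilentlyContinue
        } |
        ForEach-Object {
            $sig     = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $claimed = $_.VersionInfo.CompanyName   # free text, anyone can set it
            $signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }

            # The claim is only backed up when the signature validates
            # and the signing certificate actually belongs to Microsoft.
            $verified = ($sig.Status -eq 'Valid') -and
                        ($signer -like '*O=Microsoft Corporation*')

            [pscustomobject]@{
                Path            = $_.FullName
                ClaimedCompany  = $claimed
                SignatureStatus = $sig.Status
                Signer          = $signer
                Created         = $_.CreationTime
                Suspicious      = ($claimed -like '*Microsoft*') -and (-not $verified)
            }
        }
}

# Files whose Microsoft claim is not backed by a signature are listed first.
Get-UnverifiedVendorClaim -Path $Root |
    Sort-Object Suspicious -Descending |
    Format-List
```

A file reported with `Suspicious : True` says it is from Microsoft in its version information but carries no valid Microsoft signature, which matches the mismatch described in the post above.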
shilala 08:17 PM 11-22-2009
Oh yeah, once you've done that, you'll likely need to do a system restore to the day before you jacked up your rig.
:-)
[Reply]
jledou 09:07 PM 11-22-2009
Fought it at work and BIL fought it a couple of weeks ago. There are a couple of things you can blow it away from the registry (script from Symantec to unlock the registry) or there is a DOS prompt to kill it and a restore point that will fix it also. More solutions are out there now on Google but easier if you search from another computer. Time I fought it, it blocked Malwarebytes install.
[Reply]
shilala 06:50 AM 11-23-2009
Originally Posted by jledou:
Fought it at work and BIL fought it a couple of weeks ago. There are a couple of things you can blow it away from the registry (script from Symantec to unlock the registry) or there is a DOS prompt to kill it and a restore point that will fix it also. More solutions are out there now on Google but easier if you search from another computer. Time I fought it, it blocked Malwarebytes install.
It's pretty much advanced to where it blocks all executables, and it hijacks your browser so you can't even do an online scan.
I found it last week, worked out the solution, re-acquired the virus purposely, and retested.
The system restore is a lot easier than cleaning the registry for the browser hooks.
:-)
[Reply]
Starz26 10:26 AM 11-23-2009
I had it about 8 months ago before I installed Kaspersky....It was a ***** to remove then, I can only imagine what it is like now.....
Hope you get it all worked out Travis
[Reply]
bobarian 11:12 AM 11-23-2009
There are some sites that can be accessed by typing directly into the address window. Sometimes you can also search by going through a third-party site like a news site. Clicking on links is almost 100% disabled. It's a serious pain and will take some time to get rid of all instances. I used ComboFix and a second program to clear a similar redirect a few months ago. Good luck.
[Reply]
jledou 12:43 PM 11-23-2009
Originally Posted by shilala:
It's pretty much advanced to where it blocks all executables, and it hijacks your browser so you can't even do an online scan.
I found it last week, worked out the solution, re-acquired the virus purposely, and retested.
The system restore is a lot easier than cleaning the registry for the browser hooks. :-)
I agree, these pain in the arse people need to invest their time in Linux then it really would bring down MS. Unfortunately though it looks like they are moving towards virus hijacking and ransoming of the computer which is what this is/is leading to.
[Reply]
BC-Axeman 12:10 PM 05-05-2010
My daughter clicked on one of those fake antivirus warnings and downloaded a rogue security malware. It was blocking all attempts to remove it.
I had to boot into safe mode and I ran a program called SuperAntiSpyware from a CD. It removed all the malware plus some adware plus the tracking cookies and a trojan backdoor. I rebooted and ran a Windows Defender full scan and found a couple more evil program files. This took hours. I will run a registry cleaner next.
Those fake antivirus warnings are convincing enough except I get them telling me my Windows files are infected when I'm not running Windows.
:-)
[Reply]
dunng 12:16 PM 05-05-2010
Typically you can run either Malwarebytes or ComboFix by changing the file name...
:-)
[Reply]
I am lost when it comes to the crap being sent out today. I am lucky, I have an IT friend that I give my laptop to twice a year and he goes through my files and cleans it up. If you can't figure it out, you may have to take it to someone for service.
[Reply]