Always have a Linux live disk handy.

Life is but a game, some players win some players lose.   

The rest of us are looking for the damn basters so we can hang them from a tree and watch their legs kick. 

Good suggestion, 2of3. 

@ Dr Guy:

Where/how did you catch it, what program? Did it give any specific "hostage" message? 

Consider a free program like Sandboxie to isolate your OS from any "New Program" or executable. 

Hope you have a clean backup.

Sorry this happened to you! 

You can install the 30 day trial of Kaspersky even on an infected computer.

How about cutting off their fingers and shoving them where the sun don't shine. Them hang 'em from a very long rope off the Golden Gate bridge with a bag full of bull ants in their underwear.

That would be too kind.

Got to rewrite mine - the CD expired (they do after a time, but this one was only 4 years old).

And toast marshmellows?

I will look into sandbox.  But this one was my son's (away at college), so not a lot on it except his music and movies.  I got everything saved (xcopy is your friend).  As for the name, once the kid told me I had "viruses", I unplugged it from the network and started working on it.  I found the file (another one of those number and letter things), and the name was AntiVirusSuper 2011 (it actually had several names) - I have the silent runner log saved so I can go back and look at it.

If I had the time (family reunion this weekend), I would have tried to dissect it before reformatting.  But once I figured out how bad it waws, I just saved all the data and started the reformat.  I figure that will only take a day (versus perhaps days the other way).

I heard making them slide down a razor blade into a vat of vinegar is fun to watch!

Well - as long as it is not hanging them by the neck - I would go for it! (The neck is too quick - but I like the bull ants touch).

Here are the list of names I found in the registry.  I guess it was try one and see if it snookered?

AlphaAV.exe
Anti-Virus Professional.exe
AntispywarXP2009.exe
AntivirusPlus.exe
AntivirusPro_2010.exe
AntivirusXP.exe
antivirusxppro2009.exe
AntiVirus_Pro.exe
av360.exe
AVCare.exe

I honor your choice.... get an ext. drive and Acronis. You'll never be sorry.

Got the exterior drive.  Will look into acronis.  I finally got it reconfigured last night upon my return.  And promptly (I know!  Do not have to say it should have been done before) set the user account to restricted (actually Power user, but at least they cannot get to the system or the admin).

That sounds like XP Total Security 2011, which I caught yesterday from the Witcher Wiki.

It is one %*(($ to get rid of, too! It totally screwed my primary user profile, even blocking me from getting on the internet.

I created a second user (in secure mode), got Malwarebytes (using another computer and a flash drive), and eradicated it.

My old user ID is still trashed, so I had to recreate my old desktop using the new user ID.

This thing slipped right past my Mcafee Internet Security (which is now uninstalled in favor of MWB and AVG).

All in all: 6 to 8 hours of gaming time lost! Waaaahhhhhhhh!

blank

Thanks!

Yep!

After I found the infection in the All user profile, I did not think to try that.  Another quiver in the arsenal!

I was running AVG on the computer - but I have found it slips by all of them.  As I told the kid - AV does not work when you invite it in.

Great suggestion!  I have been too lazy to do that, but given the time expended, it was lazy time wasted.

For a Linux live disk, related to security, i use Knoppix STD for repair ( kubuntu/Win xp pro x64/opensolaris for normal use )... a list of the tools can be found at http://s-t-d.org/tools.html ... if you don't like Knoppix STD, take a look at http://www.knoppix.net/wiki/Security_Live_CD , you have several choice... Helix3 pro is very good but at 239$ by year, it is more a tool for people in the security business...

Usual Linux live disk have not always the needed tools for repair... only a security live CD/DVD can maybe have all the tools you need...