You do not want this! Not sure how it found me, but I received a popup from this at lunch today, and my computer has gone downhill since then. This is a nasty virus, that will cause you lots of grief. Not sure how much damage was done already even by the time you see the popup, but as soon as you get a popup, touch nothing, shut your computer off, and find an alternate computer to plan your attack on preserving your system. I did not install this (intentially anyways), but I did click cancel, and that might have been enough, as cancel buttons can be set to function exactly like the 'Ok' button. It looks official enough when it first popped up, and it will run a fake scan that tells you to install it now to fix these, so unless you are aware of it ahead of time, you might make the mistake of clicking something.
This virus attacks your registry. It will change values to limit your ability to perform functions, and this is the beginning of the end. It changes your login info, disables your task manager, and who knows what else. I was able to go into my registry, and enable the task manager (which you need to do to kill the virus processes currently running), and I reset my login info. However, once I was in the task manager, the process names were multiples of each other (some being Microsoft), so I was unable to determine which threads to kill. It will also block you from installing, and running things set to kill it, such as Malwarebytes, so this was another punch your fist through the wall set back.
After a couple hours of trying to oust this beast, and an hour more of planning how I was going to find the fucker that codes these, and apply some pain, I gave up, wiped all my drives, and have begun the reinstall process. I have windows back up and running with all patches and drivers current. Got all of my HDDs reformatted, and defragged, etc, so at least functional. Currently going through the eight hour reinstall of wow.
A note on security apps, as I suggest everyone make sure theirs is current, and of good quality. If not, get it current, and find one that is. I was using the free version of AVG, and it still got through. To hell with AVG. I brought home a paid version of Kaspersky from work, and that is my new protection. We'll see how it works.
Any interaction with the pop-up (assuming you're talking about a pop-up on a web page) will usually mean "Yes."
Formatting was a good idea.
If you got this from the web (most likely), here are my recommendations to help prevent this kind of thing from happening. 1) Use Firefox. No other browser is as customizable and secure as Firefox. 2) Use the "NoScript" Addon. This takes the out of the box Firefox, and makes makes it super secure by disabling JavaScript. It doesn't allow scripts to run unless you allow it.
The bad thing about this is that it breaks some web pages. You pick and choose which scripts are allowed. For example, if I didn't want to wait for the vent add-in to load on this site, I would just click the NoScript button and click "Forbid ugt-servers.com" This speeds up the load time by not processing any information sent from that site. The bad news is I can't see who's on vent (not a huge deal anyway).
Most sites are untrusted to begin with, so I had to allow scripts to be run to show that.
3) Use Ad-Block Plus. It blocks ads, or more specifically, traffic from known advertising sites. You can ad filters as you go. For example, I have a filter "*double-click.com*" The *'s mean a wild card, so my browser just ignores traffic from anything that has "double-click.com" in it's name.
------------------
I rarely get SpyWare / AdWare and viruses.
I'd also recommend a good Firewall. Zone Alarm Plus is pretty good I hear.
