We created another administrator account on all of our computers named rescue. Since the virus only infects (so far anyway) the account you normally log in with if you log in on another account you can seek to do repairs/fixes to the other.
That's good information to know. I'll keep that in mind next time.
Most of the virus I read about stick a small file in your startup directory and when the computer starts the virus begins. If you can go to that start directory and delete it then you can run a drive scan and it will rid the drive of anything else it might find.
This must be why the anti-virus companies have you create a boot disk out of a flash drive or CD, because it bypasses the start up files on your C:\ drive and boots from the anti-virus boot disk instead.
Here's a trick I've learned. Immediately after you've discovered an infection do a search of all your drives (but typically the C:\ drive) looking for any executable files that were created in the past 24 hours or so. Search for:
*.exe
and set the custom search by date to a 2 day span or so.
If you find any executable files write down the name and the folder where it was found. Then do your virus and malware removal regimen. Afterwards, check to see if this executable file is still on your hard drive. If it is delete it.
Some evil nasty people out there in this world.
There ought to be mandatory minimum sentences for these people, at least 5 years. The loss of productivity they cause every day must be enormous. Just take the time you spent on getting rid of this virus and multiply it by, say, 250,000 other people, then multiply that by 365 days a year. Such a waste of time being spent to rid our computers of these things.
