There’s a Philippine-made malicious software (or malware, for short) scouring the Internet and looking for potential victims, and it’s famously known as the “Jollybee virus” here in Davao City. If you want to remove this dastardly annoying malware, here’s how to do it (link at the bottom).
This specific malware disables Windows Task Manager and the Run feature. You’ll know you’re infected if you suffer from any (or all) of the following:
- Ctrl-Alt-Del does not bring up the Task Manager. Instead, it will appear to be disabled by the administrator.
- The “Run… ” feature does not appear in the Start menu.
- At startup, you see a popup window with the following message: “Hi. Howaryu? Aym Jaw-ly-bee-cute 3 yehs old frum da bheig bheig manchion ein Shurigaw. Ayl stey hirh forawhile bcos duhbad ghuys tukmehan lefme sumwerh inda leibleib phleiys and ayduno how tu get bak howm. Dows badguys promishd me five moh box of cholate afterh ay join dem indahgeymof haydenshik. Little duhayno bout theyrh ploy of shelling me to dah burgoise. Gudtinh Jawllybeeismart to trwikdemowt anfund weyh hirh tuhuyd.”
- Your Internet Explorer title bar has an additional text that reads “Jollybee is watching…”.
- Your desktop wallpaper is just blank, even if you assign a picture on it.
- The Windows Registry Editor appears to be disabled by the administrator.
- Windows recognizes the computer’s owner as “Jollybeecute” and the organization as “Da Seeker Inc.”.
- Your hard drives and removable drives contain a file AUTORUN.INF that opens a “wscript.exe system32.dll.vbs” script.
- Your Internet Explorer home page is set to a certain jollybeecute website (which I will not post here, for fear that you might click on it).
To remove the Jollybee virus from your PC, you have to follow the instructions in this website, step by step.
Once you’ve successfully performed the instructions, you have to use a good antivirus software that can kill this kind of malware.
My hubby has recently received feedback from at least 5 people in Davao City that their computers are indeed infected with this malware.
Hope this helps.