Buying a new computer is never necessary to get rid of a virus. The same can be accomplished by simply wiping the hard drive and installing Windows from scratch. Admittedly this is still a major step to take, but not as major as buying an entirely new computer.

That's exatly what I thought. I'm trying to get some more information from this guy to see what he thinks the problem is, though I can't say that I'd necessarily believe it even if he explained it to me.

Ditto chrismear.

Oh, and this "computer guy" wants to help us "backup" our files before we buy our new computer. For $196 an hour, for up to 5 hours.

Get another computer guy.
Where is this church? (I assume you're in NYC)
Did he say what the virus was?
How did he determine it?

$200/hour! Even our plumber doesn't charge that much. And he knows what he's doing.

Apparently he doesn't know what the virus is, it's something "new he's not familiar with". Baloney sandwich, all of it. I think we're gonna bring in somebody else for a second opinion; I've had good luck in the past with Techs in a Sec.

How does he know it's a virus at all?
What anti-virus program do you run?
Do you have any backups?

Here's some notes from the secretary:

He did not know what the virus was, it is a newer one he is not familiar with, he did clear up the other viruses that were in here.

He installed 2 programs he had to do the virus scan and removal as soon as he downloaded them the virus deleted them.

The download is ok to do I can do some of in the next couple of days but he said a professional would have to transfer to new computer because you don't want to save the virus in a back up.

This virus he is assuming was picked up at a website that was not secured.

We were using AVG Free, as far as I know. This is not a high-tech operation, clearly; I would eat my shoes with ketchup if there's any sort of backup system.

Yea, a second opinion from a trusted person is the way to go. And you definitely need a backup system in place eventually.

AVG is good and it's probably set up to update automatically. I'm not sure why he had to download anything as AVG can do the system scan itself. But who knows. Maybe he has a preferred scanner he uses.

I've never heard of a virus DELETING programs. Sounds fishy to me like he may be just giving edited answers to questions because he's the big tech guy and you all are just silly schlubs - in his opinion.

Yea, get a second opinion.

"I've never heard of a virus DELETING programs." Check out Conficker D and E.

Thanks, that's helpful. We're gonna try the Windows Malicious Software Removal Tool.

What kinds of things are on this disk that you'd want to save?

Oh wait, apparently : this program was the one downloaded by the guy this morning as soon as he installed it the virus deleted it.

Things on the disk to save? Well, our books are in Quickbooks, for starers, that's important. Minutes from council and congregational meetings, service program templates and files, and I'm sure lots of little random stuff that's helping the office run.

Check out Conficker D and E.

Okay, I'm never using the internet ever again.

I'd also recommend running SuperAntiSpyware too. I've always found it to be better at finding/destroying Trojans and worms than AVG. I also switched my anti-virus to Avast!, which I prefer to AVG, it seems to pick up and alert me to things that AVG never did.

AVG takes too long to scan and isn't as good as anti-vir.
You don't have hours of stuff to back up, it appears.
The virus won't be in quickbooks data. There are MSWord virii but they can be disabled in Word.

I use Avira, and lost my only reason for hating it after I learned how to disable the nag screen.

TPS, you will probably need to boot Windows from a CD to remove this infestation. If you are feeling brave, there is an excellent generic Windows boot CD, with anti-malware apps included, at http://www.ubcd4win.com/
I can't recommend this program (and the guy who provides it) highly enough. The software is free to download and has copies of all the drivers and disk utilities that you are likely to need (you can download the latest updates for the anti-malware utilities before you burn the project -- see the CD creation instructions). Its originator can be trusted (i.e. it is free from malware) -- he has been running this project for about 6 years (he has the cease-and-desist letters from Microsoft to prove it!). His website has a wealth of PC recovery info on it.
You will need to burn the recovery/AV boot CD on a different PC to the infected one, obviously! The CD takes about 20 minutes to make up and you'll need a Windows operating system install CD to compile it (use the same operating system version as your infected computer). This software has saved my bacon quite a few times - I highly recommend it.

Noting this thread for my own use, since I still haven't had any success cleaning up my desktop pc and am afraid to use my laptop due to viruses of the Conficker flavr. Good luck exorcising the church computer.

Find a new computer guy. A good person should want to use either "BartPE" or "WinPE" to boot to a known-safe, read-only environment for cleanup operations. Susurration's excellent suggestion of ubcd4win is a derivative of BartPE.

Anybody who wants to clean things up by trying a different antivirus program but booting from the same Windows installation they're trying to clean has no business asking money for their incorrect advice.

Finally - the malware industry (the virus writers) moved away from simplistic childish and destructive behavior long ago. Now they are very sophisticated professional crime networks, which quietly steal your private data and use your computer's resources to further extend their reach. "Randomly deleting stuff" + "Too clever to stamp out" is a very 1995 perspective on malware, and sounds suspiciously like fresh 2009-era BS.

Is there some sort of firewall or "Broadband Gateway" device protecting the network? (Is it even a network?) In the future, you could use OpenDNS as an upstream web filter to help stop the nasty stuff from coming in.

My son had a problem with his computer at college. I spent about 3 hours this weekend cleaning it up. In his case it was obvious-- every few clicks, something called Cyber Security popped up and said the site he was accessing was infected and gave a link labeled, "To Remove Click Here" or something like that.

I Googled Cyber Security removal and got several suggestions; after reading them I followed the guide at bleepingcomputer.com which worked like a charm. The program they recommended to do the dirty work is Malwarebytes' Anti-Malware. When I mentioned this to my other son later on, he said he's been using Malwarebytes' Anti-Malware for sometime.

I guess my point is this: The computer guy thinks there is a virus. Ask him WHY he thinks this.... what evidence is there? Then plug that evidence into Google and see what different geeky forums recommend doing to fix the problem. Just be careful about removal instructions that are on commercial sites; using DIY instructions from forums is my preferred method. You can read what they say about it on the forum and usually the people on those forums keep each other accountable.

Oh... one more thing: The malware loaded at startup, and once started, could not be deleted. Part of the instructions included how to shut the virus program down before running Malwarebytes to remove it. If your IT guy didn't disable the virus before attempting to delete it, it may not be able to be removed from the system.

Re: getting a new IT guy: I have a good pal & former co-worker who does small business IT stuff just like this. I know he's looking for work, even just a few hours, and I expect he will negotiate very friendly rates for a friend of a friend and a non-profit too. He's in Baltimore, but I know he can hop the train to NYC without difficulty. At a guess, he'd recommend Untangle for you. If you'd like to be put in touch, let me know. (and if this is too crassly commercial, I apologize, delete away)

Get yourself a copy of the UBCD, as Sussuruation advises, attach a USB storage drive, boot up and harvest your files. Then wipe the drive and reinstall everything.

$196/hr? Sheesh, I knew I was undercharging.

Susurration and Triode's suggestions are good but they may not be enough for some variants of the Conficker. I speak from experience. theora55's suggestion "Get yourself a copy of the UBCD, as Sussuruation advises, attach a USB storage drive, boot up and harvest your files. Then wipe the drive and reinstall everything." is right on.

As for $196/hr., I was billed out at $187 for solving enterprise OSI protocol issues.