System check rogue...



Roger
February 5th, 2012, 14:13
Earlier on tonight I contracted the FakeHDD family of rogues, "System Check".

"System Check is a fake computer analysis and optimization program from the FakeHDD family of rogues. This rogue displays false alerts that are designed to make you think that your computer has hard disk problems that have led to corrupt and missing data. It displays these alerts in order to scare you into purchasing the program so that you can fix these issues. In reality, though, there is nothing wrong with your hardware or data, so please ignore any error messages that this program displays. System Check is installed through hacked sites that exploit vulnerabilities in software that may be installed on your computer or through fake online scanner pages. Once installed, System Check will display false error messages and security warnings on the infected computer. These messages will state that there is something wrong with your computer's hard drive and then suggest that you download and install a program that can fix the problem. When you click on one of these alerts, System Check will automatically be started.

System Check will be configured to start automatically when you login to Windows. Once started, it will display numerous error messages when you attempt to launch programs or delete files. System Check will then prompt you to scan your computer, which will then find a variety of errors that it states it cannot fix until you purchase the program. It will then prompt you to repair your PC, where it will pretend to fix fake problems on your computer and state that it was unable to repair some of them in order to make you feel there is a problem with your computer." (courtesy of BleepingComputer.com)

This insidious, nasty little rogue required me to boot into safe mode with networking (so I could access my router and the internet) and, using the Windows+R key combination, I could open Iexplorer and download and run Malwarebytes and destroy the pest. However, this was not the end of my problems, but a great little program called "unhide" restored my desktop to its original state. (http://download.bleepingcomputer.com/grinler/unhide.exe)

Thanks to the fact that I have two PCs (not networked) I had my PC back to its original state after 2 or 3 hours. I wish I could have the pond scum that wrote this nasty rubbish in a room for an hour...

rayrey10
February 5th, 2012, 18:39
Man, that bites! That happened to me once, and after many hours of trying to find a solution I just ended up re-formatting the hard drive.

Trans_23
February 5th, 2012, 19:17
I just fixed my friend's laptop the same way. I don't think it took me two hours. The longest time spent was doing a deep scan with Malwarebytes. Quick scan didn't find it. Bleepingcomputer tells you to do the quick scan, but my buddy was getting jumpy. He thought for sure he was going to have to pay someone to fix it. I told him to bring it over and at least give me a shot at it.

Dangerousdave26
February 7th, 2012, 09:08
Roger

This is a nasty family of viruses. It will get in no matter what browser you are using.

Your problems may not be completely fixed. This family of viruses also makes numerous changes to your registry. It will delete the Windows Defender, Windows Firewall, Base Filtering Engine and Microsoft Security Center services. It also deletes all of the system restore points so you cannot restore your system. It also changes the registry values that tell the system to warn you when you have no antivirus or firewall.

This renders all of these functions useless.

Microsoft's official stance on how to fix this issue is to format the drive and reload Windows, of course after you clean the infection and back up all your data. The problem is that they are not quite sure what all has been modified or changed, and there have been so many variants that all add something new to the table, that once infected a reload is the only safe thing to do.

****However, if you need to continue on and reload later, you can fix most of these issues, but it is not recommended. ****

You can restore the MS Security Center, Windows Firewall, Base Filtering Engine and Windows Defender. You will need to restore all of the deleted registry keys.

First confirm that you do not have these services installed by typing services.msc in the run box. Look on the list of services. If you do not find them then look in the registry for this key.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc

If you don't see it then you are in the same boat I was in when I got bitten last month.

Download the attached zip file and read the readme inside. Take the time to read all of the posts on the provided links.

You can open the .reg files with a text editor and view the contents. You may want to look for each key before you start restoring them.

What this will not do is fix your notifications. I have not figured out how to turn them back on, and in truth I don't plan on figuring it out. Since no one knows what all this thing hacks up when you get it, I feel the best thing to do is rebuild. I am going to restore from a backup of my system after we complete our race.
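As an added example (not from Dave's post or his attached zip), the triage check he describes can be scripted: look for each of the four services and its key under HKLM\SYSTEM\CurrentControlSet\Services, and report what is gone before restoring anything. Only the wscsvc name comes from the thread; MpsSvc, BFE and WinDefend are assumed to be the short names of Windows Firewall (Vista and later), Base Filtering Engine and Windows Defender, and the restore-point check assumes Get-ComputerRestorePoint is available (it needs an elevated prompt).

```powershell
# Added example, not the poster's code. Reports which of the services this rogue
# is said to delete are missing, so you know which .reg keys need restoring.
# Service names other than wscsvc are assumptions: MpsSvc, BFE, WinDefend.
$expected = @{
    'wscsvc'    = 'Security Center'
    'MpsSvc'    = 'Windows Firewall'
    'BFE'       = 'Base Filtering Engine'
    'WinDefend' = 'Windows Defender'
}
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$missing = @()

foreach ($name in $expected.Keys) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    $key = Join-Path $servicesKey $name
    $keyExists = Test-Path $key

    if ($null -eq $svc -and -not $keyExists) {
        # Both the service and its registry key are gone: matches the infection described.
        $missing += $name
        Write-Host ("MISSING: {0} ({1}) - no service and no key at {2}" -f $name, $expected[$name], $key)
    } elseif ($null -eq $svc) {
        Write-Host ("WARNING: {0} ({1}) - key exists but service is not listed" -f $name, $expected[$name])
    } else {
        $startType = (Get-ItemProperty -Path $key).Start
        Write-Host ("OK: {0} ({1}) - status {2}, Start value {3}" -f $name, $expected[$name], $svc.Status, $startType)
    }
}

# The post also says the rogue wipes all System Restore points; confirm that too.
$restorePoints = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
if ($restorePoints.Count -eq 0) {
    Write-Host 'WARNING: no System Restore points found'
} else {
    Write-Host ("OK: {0} restore point(s) present" -f $restorePoints.Count)
}

if ($missing.Count -gt 0) {
    Write-Host ("Services to restore from .reg files: {0}" -f ($missing -join ', '))
}
```

Run it before importing any .reg file so you only restore keys that are actually absent, and again afterwards to confirm the services are listed.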

Roger
February 7th, 2012, 09:12
Many thanks Dave