Thread: Security shield virus....anyone

  1. #1
    Charter Member 2012 limjack's Avatar
    Join Date
    Jan 2007
    Location
    Seattle
    Age
    51
    Posts
    1,053

    Security shield virus....anyone

    This past Sunday my computer became infected with this virus. This is the first time I have had to battle one of these buggers. I have done some research on it but trust you guys to lead me to a program (freeware) that will rid my machine of this ugly virus. I have shut down my rig until I find the right path to follow. Thank goodness my wife has this iPad so I can stay in touch and do research on the matter.

    Thanks for any help.

    Jim

  2. #2
    Retired SOH Admin OBIO's Avatar
    Join Date
    Mar 2007
    Location
    OHIO
    Age
    44
    Posts
    7,650
    I have battled that virus a number of times on my wife's aunt's computer (the gal is 72 years old and insists on looking at internet porn...and I am dead serious about that). The only sure way I have been able to rid her system of it is to do a full format and rebuild of the OS. Luckily, she has few programs installed....just some Hoyle games....so I don't have to go through a bunch of jumps and hurdles...just takes a long time to fully update Win XP.

    OBIO

  3. #3
    Charter Member 2012 limjack's Avatar
    My wify was web surfing on Sunday but she does not remember downloading anything, but that is the day it launched on the rig. When I came home and saw the first pop up from this virus I thought my wife had added a new security program but nothing made sense. It was saying the computer was doing a scan and I had to fix all these issues. I never even activated the program, these windows just kept popping up so went into remove programs and did the uninstall but of course that did not work...so I shut the whole computer down.

    Jim with a virus

  4. #4
    Give this article a read and see if Windows Defender Offline would help. You will need an uninfected computer to download the software to some recording media.

    http://www.infoworld.com/t/windows-s...he-dead-191053

  5. #5
    Quote Originally Posted by OBIO View Post
    I have battled that virus a number of times on my wife's aunt's computer (the gal is 72 years old and insists on looking at internet porn...and I am dead serious about that). The only sure way I have been able to rid her system of it is to do a full format and rebuild of the OS. Luckily, she has few programs installed....just some Hoyle games....so I don't have to go through a bunch of jumps and hurdles...just takes a long time to fully update Win XP.

    OBIO
    Your wife's aunt sounds like a COUGAR and probably surfing match.com. Porn sites would certainly be the greatest "hook" to install malware on your machine. If/when your Windows computer is disinfected or another computer that is NOT infected, install Windows Security Essentials and keep it updated.

  6. #6
    Both below advise to review all the steps top to bottom then print them out before starting.

    This describes one way to get rid of it as reported by Cnet
    http://www.bleepingcomputer.com/viru...ecurity-shield

    and here, I think essentially the same way but maybe worded differently. I only skimmed it.
    http://www.bleepingcomputer.com/viru...ecurity-shield

    It might help in the future to have at least one extra administrative user account on your system. I got rid of one persistent virus that was associated only with the primary by deleting the account. At least I had another clean log on to rebuild from. And since a few bugs have waltzed past MSE, I run that plus AVG concurrently and between the two, so far, have apparently done pretty well. Good luck.
    AMD II X2 3.0GHz, 4GB RAM, 3400+, NVIDIA Ge Force 9400 GT, ASRock MB, 1TB SATA HD

    "And so my fellow Americans, ask not what your country can do for you - ask what you can do for your country"

    John F. Kennedy
    1961

  7. #7
    Charter Member 2012 limjack's Avatar
    I read the Bleeping Computer advice last night and it sounds like a good route to go. I did do a system restore before the launch date of virus and I am back in control of the computer with no more pop ups. Also looked through programs and did not see it anywhere at this point but I am sure you can't get rid of this one that easy according to what I have read.
    Thanks for your help all.


    Jim

  8. #8
    SOH-CM-2013 Gdavis101's Avatar
    Join Date
    Jun 2005
    Location
    Yachats, Oregon USA
    Age
    41
    Posts
    804
    System restore will only hide it for awhile because those types of virus infections tend to hide in the system restore files. Works okay for a couple weeks or sometimes even days and then comes right back.

    Bleeping Computers offer a program called Combofix (get this file from Bleeping Computers and only Bleeping Computer), it's free, then run it in safe mode with networking.

    Then after it does its work, it will probably reboot the PC and will boot into normal mode which is fine.. Restart again and boot into safe mode with networking and then download MBAM and Spybot, from a site like Download.com.

    Do make sure to clear your system restore cache, all of your cookies and temp files; easiest way to do that is with a program called CCleaner (download.com). All of these programs are free!
    "If you're not breaking the law then you have nothing to worry about!"
    Intel Core 2 Duo E8500 8 gb Ram GTX460 W/ 1GB of Ram on Windows 7 64-bit
    Intel Core 2 Duo E6600 3 GB Ram Zotac 9800


  9. #9
    Quote Originally Posted by OBIO View Post
    I have battled that virus a number of times on my wife's aunt's computer (the gal is 72 years old and insists on looking at internet porn...and I am dead serious about that). The only sure way I have been able to rid her system of it is to do a full format and rebuild of the OS. Luckily, she has few programs installed....just some Hoyle games....so I don't have to go through a bunch of jumps and hurdles...just takes a long time to fully update Win XP.

    OBIO
    May I suggest creating a hidden partition on the hard drive and next time after you have re-built her O/S, make an image of the partition containing Windows and save it to the hidden partition. It will only take 15 or so minutes to restore from that image when next she catches something nasty.
    Loved this story BTW

  10. #10
    Senior Administrator hey_moe's Avatar
    Join Date
    Jun 2005
    Location
    Hampton,Va
    Age
    58
    Posts
    4,251
    Have you tried Spyware Doctor? You can download a free ver. of that and try it for 30 days. It should remove it. As far as I am concerned if I got a virus I don't care if it says it is removed or not I will always format my system. I feel you will always have bits and pieces of it still on your hard drive. If you want to see what I am talking about DL a program and then remove it. Go into your HD and look under data file. It is still there. Also look in your registry and it is still there. Even CC will not remove it. You have to go into each location and remove it manually. Even then I still don't feel right. There are so many different areas on a HD you can hide things. So to me the best way to remove it is to do a total wipe and I don't mean using Windows to wipe the disk because using MS to format leaves way too much info on the HD. A third party program does a better job.
    Asus Rampage Extreme Motherboard /EVGA AR GeForce GTX 295 1792MB 896 Bit GDDR3 /Corsair 8gig XMS DDR3/Intel Core 2 Extreme QX 9770 Yorkfield OCed 4.2 LGA 775/136W Quad Core / Water Cooled/ 2 WD Raptor 150gig 10,000 rpm Drives in Raid O Mode/WD Raptor 150gig internal back up/400 gig External WD back up Drive/Thermaltake 1200 Watt PS/Sony Dual Layer DVD RD/RW/Plextor DVD/RW/ Thermaltake Kandalf Tower/ Sound Blasters X-FI Platinum / X52 Pro

  11. #11
    Quote Originally Posted by limjack View Post
    This past Sunday my computer became infected with this virus. This is the first time I have had to battle one of these buggers. I have done some research on it but trust you guys to lead me to a program (freeware) that will rid my machine of this ugly virus. I have shut down my rig until I find the right path to follow. Thank goodness my wife has this iPad so I can stay in touch and do research on the matter.

    Thanks for any help.

    Jim
    Does your ISP provide a free one?
    Regarding payware internet security, I would recommend Kaspersky or Bit Defender and I am pretty sure that they allow a 30-day trial for you to clear your computer. I wouldn't recommend Norton or McAfee.
    I know that AVG is quite popular for a freeware package but as the old adage goes, "You get what you pay for".

  12. #12
    I don't want to disillusion anyone, but there is almost nothing you can do against these infections on a normal system these days. Regardless of which virus scanner you use, once the bugger is executed a scanner can only prevent further damage by finding and deleting / quarantining files when they are written on the HDD __after__ the infection process. How can they start in the first place? Many Virii / Trojans camouflage themselves by building variants while spreading. Usually these stealthy ones only get caught by AV programs because they try to download and install further malicious code, which has a more static code and is usually in the signature databases of AV software. But until then, half of the infection process has already happened.
    Then there are nice little buggers that control the data streams the AV software reads and simulate a clean system - the AV software will happily report that everything is fine. Or, a bit on the strong side, permanently deactivate the AV software and prevent every other known AV software from being executed or installed.
    I liked the one that installed as a (signed!!) hdd driver and ciphered it. Now that was a creative idea. Once you get rid of the malware, you also have gotten rid of all the data on the hdd. Bummer!
    AV software __cannot__ completely disinfect a system. Usually it doctors around on a symptom anyhow. I wouldn't rely on any disinfection software, because most infections I have seen were cross infections of several types of malware that started as a single infection process. The only thing most AV software can do is to delete malicious files, but what use is that when the malware(s) resides in the windows/system32 folder? And/or gets installed fresh on each system boot? And/or is a signed driver? And/or in the boot sector? Hides malicious data from it? This is like Don Quixote fighting windmills.

    IMO, the best shield against that stuff is one's own behaviour (__where__ do I want to go today..., and think before clicking "OK"), nevertheless install an AV software on the system, and running the web browsers + e-mail client strictly in a sandboxed environment (i.e. like sandboxie).


    Cheers,
    Mark

    PS: If malware infects the boot sector of a hdd or parts of your backed-up data (which you most likely will restore) you'll have it again after re-installing / formatting.

  13. #13
    Charter Member 2012 limjack's Avatar
    I am running Malwarebytes now to see what it comes up with but may do the format to be on safe side. Thanks again all for your valuable input on this matter.

    Jim

    By the way I do run McAfee so looks like I need to get a better program to watch guard my system.

  14. #14
    Charter Member 2012 limjack's Avatar
    I ran Malwarebytes with computer on normal operations twice full scan and then full scan twice in safe mode and it found nothing so for the moment ...cross my fingers....I think it is gone. I will remain vigilant though watching my system the next few weeks for anything weird. May still look at doing the format as well.

    Jim

  15. #15
    Charter Member 2012 limjack's Avatar
    Oh my Lord! This has actually gotten quite funny. During the infection I found two e-mails sent out to our local Government from my e-mail address. The e-mails were not signed by anyone. So I sent the Government officials a follow up e-mail letting them know my machine had been infected with a virus and to ignore the e-mails they had received. They replied back and said thanks for the heads up.
    Well, today looking through my e-mail my niece sent out a heads up to everyone in her address book letting us know her machine had been hijacked and sent out the Security Shield virus via a link that was not her doing. So at least now I know where the attack came from, but then I got to thinking why did my computer shoot off only two e-mails to the local Government. So I asked my wife if she knew anything about this. My daughter laughed and said...Mom..you didn't tell Dad! Well, turns out my wife got pulled over by the police and was not happy with the way the police handled her ticket, so she fired off the two complaints to the Government. This all happened the day the machine was infected and it was not shut down as of yet, so I thought it was the virus. So now as Paul Harvey would say..."now, you know the rest of the story".

    Limjack with closure
