View Full Version : computer virus



BPTactical
08-17-2010, 22:13
Evening all-
Any computer gurus out there? My PC got some damn virus that is a fake security console. My Webroot anti virus finds it and quarantines it but it keeps coming back. Any way to clean it out without losing all of my info?


Along the same lines-if you are trying to get in touch with me for Gunsmithing work please bear with- I will get back with you as soon as I can.

Frickin viruses suck[Bang]

mutt
08-17-2010, 22:41
Turn off system restore. This WILL DELETE all of your previous restore points, but chances are they are all infected anyways. Then check your DNS settings. If your DNS servers are getting manually set to some server(s) in a third world country, you cannot trust your web browser results. Fix this by setting DNS resolution to automatic or by selecting known good DNS servers. Ensure your browser isn't getting directed to a proxy. Fix that if needed. Then get and run combofix. Follow the instructions carefully. http://www.combofix.org

After, and if, combofix is successful, re-install your AV software (a good one with updated AV signature DB) and run a full scan.
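
A read-only way to carry out the DNS and proxy checks from the post above, as an added example that is not part of the original thread. The function names and the `$KnownGoodDns` list are hypothetical; the list holds a constructed placeholder address that you replace with the resolvers you actually trust.

```powershell
# Added example: audit manually set DNS servers and the per-user proxy.
# Nothing is changed on the system; the script only reads the registry.

# Assumption: replace this constructed placeholder with your trusted resolvers.
$KnownGoodDns = @('192.0.2.53')

function Get-StaticDnsFinding {
    param([string[]]$KnownGood)
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
    foreach ($key in Get-ChildItem -Path $base) {
        $p = Get-ItemProperty -Path $key.PSPath
        # NameServer holds manually configured servers;
        # DhcpNameServer holds the ones handed out by DHCP ("automatic").
        if ([string]::IsNullOrWhiteSpace($p.NameServer)) { continue }
        $servers = $p.NameServer -split '[ ,]+' | Where-Object { $_ }
        [pscustomobject]@{
            Interface  = $key.PSChildName
            StaticDns  = $servers -join ', '
            DhcpDns    = $p.DhcpNameServer
            # Static entries that are not on the trusted list deserve a closer look.
            Unexpected = @($servers | Where-Object { $_ -notin $KnownGood }) -join ', '
        }
    }
}

function Get-ProxyFinding {
    $path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $p = Get-ItemProperty -Path $path
    [pscustomobject]@{
        ProxyEnabled  = [bool]$p.ProxyEnable   # 1 = a proxy is in use
        ProxyServer   = $p.ProxyServer         # host:port traffic is sent through
        AutoConfigURL = $p.AutoConfigURL       # PAC script, another redirection point
    }
}

# An empty DNS table means every interface uses DHCP-assigned resolvers.
Get-StaticDnsFinding -KnownGood $KnownGoodDns | Format-Table -AutoSize
Get-ProxyFinding | Format-List
```

The proxy check covers the per-user Windows Internet Settings only; a browser that keeps its own proxy configuration has to be checked in its own settings.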

Half Live
08-18-2010, 06:34
Malwarebytes Antimalware

http://www.malwarebytes.org/mbam.php

Download the free version

Ranger
08-18-2010, 07:16
Malwarebytes Antimalware

http://www.malwarebytes.org/mbam.php

Download the free version
+100

steveopia
08-18-2010, 08:21
^^^Great suggestions!!

Depending on how long you've had your computer it may be worth doing a clean install of your OS. Get an external hard drive and move all your files worth keeping over to it. Throw in your recovery discs and format your hard drive. If your computer didn't come with the recovery discs you can usually contact the company and get them for pretty cheap. I think Dell even gives them to customers for free (or so I've heard).

After the computer is back up and running, scan your external HD to make sure it's clean and then you should be able to move them back over and be good to go. I do this at least once a year just to keep my computer running as good as it can. It's a little more in depth but completely worth it IMO.

Good luck!

Byte Stryke
08-18-2010, 09:15
I think Dell even gives them to customers for free (or so I've heard).

I take it that you have never met Michael Dell.
He wouldn't give you a glass of tap-water if you were on fire. Now he Might sell you a glass of tapwater at a discounted price if you agreed to a 5 year service contract using his non-durable proprietary equipment with inflated replacement costs.

Give? He doesn't know how. There is a cost built in somewhere with a large profit margin.

Hoosier
08-18-2010, 09:22
This is the only a/v stuff I trust:

http://www.kaspersky.com/

H.

Zundfolge
08-18-2010, 09:29
Malwarebytes Antimalware

http://www.malwarebytes.org/mbam.php

Download the free version


+101 ... we get hit with these fake security suites about once a month on one of the machines here at work and removing them has become easy and routine with MalwareBytes.


Another little utility I've found useful in removal of these things is this Start-up Manager (http://www.wheresjames.com/index.php?page=startupmgr) It sits in your tray and allows you to disable any piece of software that starts at startup. Makes it easier to get MalwareBytes up and running since some of these faux security suites will hijack all .exe files and not allow you to run MalwareBytes or any other software.

(of course if you can live without Windows I recommend this (http://linuxmint.com/))

Byte Stryke
08-18-2010, 09:30
This is the only a/v stuff I trust:

http://www.kaspersky.com/

H.


I gave him a call, if he needs any help, I owe him a favor anyways.
We will get him straightened out.



Another little utility I've found useful in removal of these things is this Start-up Manager (http://www.wheresjames.com/index.php?page=startupmgr) It sits in your tray and allows you to disable any piece of software that starts at startup.

MSCONFIG

iamhunter
08-18-2010, 12:14
Got the same virus, it was part of a mass drive-by attack using infected web widgets.

If you need to know how to get it off still, hit me up with a PM. It's pretty easy to remove even without A/V software.

Zundfolge
08-18-2010, 12:21
MSCONFIG

Which is often disabled by these faux security viruses. But since the startup manager is already running in the tray it's usually there when I need it.

BPTactical
08-18-2010, 13:53
After getting to a clean computer and doing a bit of snooping this is "Security Center" malware. It is not a virus but it attempts to get you to buy the "Security Center" and then hijacks your Credit Card. I was able to download a couple of removal tools from Malwarebytes and will give it a go. It seems pretty straightforward and hopefully I can get it cleaned up.

Irving
08-18-2010, 14:29
It took me a few different runs of Malwarebytes through Safe Mode to get it gone. At first I thought that it didn't work (because it didn't), but then it just kind of went away on its own.

Zundfolge
08-18-2010, 14:57
Keep in mind that sometimes after you remove it, there's pieces of it left on your system that lie dormant and it'll flare up again. My rule of thumb here at the office is that if a machine gets infected more than once it gets wiped, reformatted and windows reinstalled (don't have this problem at home on my Macs :D)

God I hate Windows ... almost as much as I hate the dirty Russians that write these scam faux security programs.

steveopia
08-18-2010, 16:31
I take it that you have never met Michael Dell.
He wouldn't give you a glass of tap-water if you were on fire. Now he Might sell you a glass of tapwater at a discounted price if you agreed to a 5 year service contract using his non-durable proprietary equipment with inflated replacement costs.

Give? He doesn't know how. There is a cost built in somewhere with a large profit margin.

Strike a nerve did I? Lol. I spoke with a friend of mine today. He did get his recovery discs sent to him at no charge from Dell. He said that he had no special warranty or anything like that. Worked for him. Just a suggestion.


My rule of thumb here at the office is that if a machine gets infected more than once it gets wiped, reformatted and windows reinstalled (don't have this problem at home on my Macs :D)

Good rule. It's sooo nice to have a freshly formatted computer. The only problem with Macs is that they're Macs. [Poke]

[Beer]

Byte Stryke
08-18-2010, 16:55
Strike a nerve did I? Lol. I spoke with a friend of mine today. He did get his recovery discs sent to him at no charge from Dell. He said that he had no special warranty or anything like that. Worked for him. Just a suggestion.



Good rule. It's sooo nice to have a freshly formatted computer. The only problem with Macs is that they're Macs. [Poke]

[Beer]

As I said... it's worked into the price somewhere.

Trust me, at one time I had Dell certs coming out of my .... Umm, Pocket.

And as far as the nerve.. I really don't give a shit anymore, I let the certs expire. Industry doesn't even really recognize them and they never got me anything except heartache.

Your friend that got the ~75 cent disks "for free" had to enter a service tag number. If that tag number is over a certain age the product is no longer "under service". If it is under that age they do a service check. If you have ordered discs in the past or had to have a service call it is "outside of standard service". And there is an allowance built into the original price of the machine to more than cover it, trust me, it wasn't "free".

That's all I was trying to say.

steveopia
08-18-2010, 17:25
No free lunches . . .

But wait! Obama wants to stimulate the economy with MORE free money. I bet you he could get you a disc. [Bang] Sorry. Just being facetious.

Well post up what you end up doing. I'm interested either way. [Luck]

BPTactical
08-18-2010, 17:57
Well after an hour and a couple of "Safe" mode scans I think we are back in business. But I am going to take the time and do a complete re-format and re-install very soon..........

Thanks all for the help.[Beer]

Ranger
08-18-2010, 18:07
Good news! I would continue to scan it regularly for a while to make sure you don't have any residuals.

gnihcraes
08-18-2010, 20:14
Malwarebytes Antimalware

http://www.malwarebytes.org/mbam.php

Download the free version

I'm late in the game on this... Thumbs up for malwarebytes.

BPTactical
08-18-2010, 21:14
I'm late in the game on this... Thumbs up for malwarebytes.
Yup- That's what I used and seemed to work very well..........so far[Roll1]