| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 101373 | 2009-07-13 00:53:00 | System Security 4.52 infection | rebels181 (14841) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 791165 | 2009-07-13 00:53:00 | Hi I've just been given a friends laptop to try and remove this virus The laptop is using Vista Home Edition I not sure if it has SP1 installed yet. Its got Avast 4.8 Home Edition Malwarebytes anti-malware spybot search and destory installed What is the best procedure for removing this virus? Thanks |
rebels181 (14841) | ||
| 791166 | 2009-07-13 01:02:00 | Kill its process first, since it looks like it stops anti-malware programs from working. Use ccleaner and delete the entry/entries for the files it loads in startup (system security.exe or similar maybe the main file). Reboot. Then do a scan with malwarebytes (update it first). Its rogue software (whats appearing on the screen is FAKE), not a virus. It looks like someone installed some kind of video codec, which installed it. Is it on the net?? If it is you could get teamviewer. And I could see if I can get rid of remotely from here | Speedy Gonzales (78) | ||
| 791167 | 2009-07-13 01:11:00 | Run Combofix (download.bleepingcomputer.com) too. :) | wratterus (105) | ||
| 791168 | 2009-07-13 01:23:00 | Just run malwarebytes found 5 infections removed, rebooted now scanning with avast. | rebels181 (14841) | ||
| 791169 | 2009-07-13 01:27:00 | Remember to update both, before you scan. There SHOULD be more than 5 infections according to some sites | Speedy Gonzales (78) | ||
| 791170 | 2009-07-13 01:33:00 | I thought that was a bit to easy. | rebels181 (14841) | ||
| 791171 | 2009-07-13 01:36:00 | Click on the orb down the bottom, and type msconfig. Go to the startup tab and untick the entry for it then reboot. Thats if ccleaner isnt on it and you didnt delete its entry under tools/startup | Speedy Gonzales (78) | ||
| 791172 | 2009-07-13 01:51:00 | Ok we're on the net so updating Vista, Avast and malwarebytes. Download ccleaner & HJT Where do I go to see if SP1 is installed? |
rebels181 (14841) | ||
| 791173 | 2009-07-13 01:53:00 | Click on computer on the desktop / properties / or the orb / right mouse on computer / properties. Or if the keyboard has a windows key, press that + pause | Speedy Gonzales (78) | ||
| 791174 | 2009-07-13 03:01:00 | Ok just updated and rescaned with malwarebytes found another 7 infections. Installing SP1 now.I had a look at installed updates and found that 7 had failed to install including KB890830 Malicious Software Removal Tool June, Do I have to go to M/S website and download again or will Vista try again? |
rebels181 (14841) | ||
| 1 2 3 | |||||