5 Replies Latest reply on Dec 31, 2011 5:38 AM by exbrit

    System Fix virus - can't get rid of it

      My daughter's laptop - VISTA sp2. Was running virus protection, but still got this nasty thing.  Advice would be greatly appreciated.  I've thrown everything at it but the kitchen sink, and still no help.  I would be willing to pay for a virus checker that would guarantee removal.  Can't seem to find any company that will say that.  Thanks in advance.

        • 1. Re: System Fix virus - can't get rid of it
          exbrit

          These things unfortunately know their way around any antivirus on the market.   See this thread at a forum that is dedicated to malware removal:  http://www.bleepingcomputer.com/forums/topic430218.html as the steps posted there may be of help.

           

          McAfee has a paid virus removal service that often utlizes third party tools anyway, so you may as well try to do it for free to start with.

           

          Message was edited by: Ex_Brit on 29/12/11 8:31:48 EST AM
          • 2. Re: System Fix virus - can't get rid of it
            Hayton

            I think this belongs in Top Threats, so I've moved it there.

            • 3. Re: System Fix virus - can't get rid of it

              Removal steps for System Fix / System Restore Spyware

               

               

              Please select the Tools menu and click Folder  Options.
              After the new window appears select the View tab.
              Put a checkmark in the checkbox labeled Display the contents of system  folders.
              Under the Hidden files and folders section select the radio button  labeled Show hidden files and folders.
              Remove the checkmark from the checkbox labeled Hide file extensions for  known file types.
              Remove the checkmark from the checkbox labeled Hide protected operating  system files.
              After this please press the Apply button and then the OK

              Press on the key Alt+Crtl+Delete key on the  keyboard. Now you will get a new window called Task Manager.  Now hold the Ctrl key on the key board and  click on File, New Task on the Task Manager.  Now you will get a new black  window.
                Inside that black window type CD/ and hit on enter.
                Now type ATTRIB –H –R –S /S /D and hit on enter.

              It will unside all of the files on your computer. Now you have to delete all of the infected files from the follwoing location

              Associated System Restore Files:

               

               

              These are the shortcuts in your start Menu.

              If you delete these folders you will lose all of the shortcuts in the start menu. First take a back up of these folder

               

              %Temp%\smtmp\

               

              %LocalAppData%\<random>

              %LocalAppData%\<random>.exe

              %LocalAppData%\~<random>

              %LocalAppData%\~<random>

              %StartMenu%\Programs\System Restore\

              %StartMenu%\Programs\System Restore\System Restore.lnk

              %StartMenu%\Programs\System Restore\Uninstall System Restore.lnk

              %Temp%\smtmp\

              %Temp%\smtmp\1

              %Temp%\smtmp\1

              %Temp%\smtmp\2

              %Temp%\smtmp\3

              %Temp%\smtmp\4

              %UserProfile%\Desktop\System Restore.lnk

               

              Don't delete the folder

              %Temp%\smtmp\

              %Temp%\smtmp\1

              %Temp%\smtmp\1

              %Temp%\smtmp\2

              %Temp%\smtmp\3

              %Temp%\smtmp\4

               

              These are the shortcuts in your start Menu.

              If you delete these folders you will lose all of the shortcuts in the start menu. First take a back up of these folder

               

              %Temp%\smtmp\

               

               

              http://123seminarsonly.com/Tips/007/system-restore.html

              • 4. Re: System Fix virus - can't get rid of it

                I will try and remove it myself, but I would appreciate information about how much it would cost to do the removal if I fail.  Who do I contact for that?  Thanks for your help...this  has been a real nightmare.

                • 5. Re: System Fix virus - can't get rid of it
                  exbrit

                  The BleepingComputer page I linked earlier has the easiest instructions and support if needed.   But Virus Removal Service is available if you wish to pay someone to do it for you.

                   

                  http://home.mcafee.com/root/stdlandingpage.aspx?LPName=vrs_v2&affid=0&culture=en -us&mm_campaign=905652cc39caaa3e7b5e6e4837f0b0be&aco=0&cid=99724