3 Replies Latest reply on Jun 5, 2012 12:13 AM by Peacekeeper Branched from an earlier discussion.

    Security Shield virus removal help on server

      Hi All,

       

      Sorry to bring back a dead topic, but I have a couple of notes to add from my experience with this today. All in all it took me nearly 4 hours to remove this thing from a terminal server. So far the infection was limited to one user and has not appeared for any other users. The software was never installed, as the user didn't have administrator rights, but instead created an Autorun object in the Temporary Internet Files. Also, no changes were made to the hosts file permissions or otherwise, perhaps due to the lack of permissions on the user account it had infected.

       

      For anyone else who suffers from this in future, I can definitely recommend the guide linked on the first page from BleepingComputer.com; the guide was easy to follow and so far seems to have worked like a charm. On Bouncer's note about it being difficult and the locations and files not matching up, I wouldn't worry about that too much. Viruses and malware are constantly changing; those are just some of the locations it has been seen in previously and are not guaranteed to be the same every time. If you ignore everything but the step-by-step guide they have provided, it should remove your malware.

       

      A couple of notes on the other topics posted within this thread. As the mods have mentioned, expecting an AV to defend against things like this is like using a rake to dig holes in your garden. Just like the anti-malware tools are not very effective at removing or stopping viruses, each tool is useful for its own purpose and not very effective at a purpose it's not designed for. E.g. a rake will clear your driveway of leaves fine but won't do very well at digging holes in your garden, whereas a shovel will make short work of digging holes but not clearing up the leaves.

       

      Thanks to those who have helped in this thread; 30 seconds of googling brought me here, which seems to have removed the virus straight away for me.