Personal computing discussed
thegleek wrote:What would you have done differently?
StuG wrote:- Before turning it into safe-mode, ensure that it is unchecked from msconfig startup and services. If this is left checked, for whatever reason it will come back.
StuG wrote:- Reboot computer into safe-mode WITHOUT networking, with networking will allow it to come back.
just brew it! wrote:My two tools of choice these days are Malwarebytes and MS Security Essentials.
just brew it! wrote:Edit: Are there any other machines on her network that could have re-infected it?
MadManOriginal wrote:You may want to convince her to get a router as well, aside from Windows Firewall that will add a layer of protection from incoming port scanning-type infestations. Without looking I don't even know if anyone makes wired-only routers any more or they may be no cheaper than wireless ones but you could always just turn off the wireless.
wirerogue wrote:http://www.bleepingcomputer.com/virus-removal/remove-security-defender
I've followed their instructions on 4 or 5 different machines to remove. works fine.
just brew it! wrote:Try downloading and installing the registry patch linked about halfway down this page (in the Step 3 section). I've successfully used this to re-enable EXE files on infected systems in the past.
Edit: Hmm... use at your own risk, I think it is actually designed for XP. But if your alternative is a full wipe and reinstall, I guess it can't make things any worse than they already are...
Firestarter wrote:I'd get her a router ASAP. IMHO, a completely exposed Windows computer that's not being cared for by a competent administrator is just begging to be an important botnet node.
thegleek wrote:Firestarter wrote:I'd get her a router ASAP. IMHO, a completely exposed Windows computer that's not being cared for by a competent administrator is just begging to be an important botnet node.
Um and yer way off base dude. She is single, lives alone in an apartment complex. There is no "administrator" for this type of situation.
thegleek wrote:"Security Defender"
I haven't had the pleasure to meet & greet this fella on any of my own, but I just got drafted into fixing a computer (family!) that has this sneaky rat on it.
.....
What would you have done differently?
just brew it! wrote:Try downloading and installing the registry patch linked about halfway down this page (in the Step 3 section). I've successfully used this to re-enable EXE files on infected systems in the past.
LaChupacabra wrote:just brew it! wrote:Try downloading and installing the registry patch linked about halfway down this page (in the Step 3 section). I've successfully used this to re-enable EXE files on infected systems in the past.
Do this, but before you do go into the task manager. Defender spawns a process that hijacks your browser and .exe files. What you have to do to properly clean it is
1) Open task manager. There will be a process that is assigned 3 random letters. That is the defender process. Kill it and do not run any other files (it takes over pretty much every file type and runs it through it's own program and will respawn defender)
2) Run the registry fix. This re-associates .exe files with the proper windows programs and allows you to
3) Install malwearebytes
4) Update malwarebytes
5) Perform a quick scan (this catches it) and have malwarebytes clean the system
6) reboot
And you're set. Do not run any other programs until these steps are completed. It will cause defender to spawn again and you will have to start over. We had a pretty massive outbreak of this on our XP machines at work. It took hours to figure out how to properly deal with it the first time, but following these steps it's all of 10 minutes now.
Good luck
WalkCMD wrote:I can't even open Task Manager - it won't allow me to even do that.
thegleek wrote:Even if I'm successful, I think it'll just be refreshing to install Win7 over that crappy Vista junk.
thegleek wrote:This thread is obviously popular.... Why hasn't this ever been addressed before?
Are your virus experiences proprietary or something? I think shiz like this needs to be shared so others can LEARN from it.
So I dropped by her place and picked up her laptop. I'll try a lot of the steps ya'll posted above... Even if I'm successful, I think it'll just be refreshing to install Win7 over that crappy Vista junk.