Wealth & Glory To Whoever

**C0FFINCASE** · 27 Feb. 2011 09:35pm

...can assist me in my current endeavor.

I've spent two days trying to save my parents computer from the clutches on what is by far the worst bit of, I don't even know what to call it...I suppose its malware.

Backstory:
My mother decided it was cheaper not to renew her anti-virus/firewall subscription and went a year on guarded, I ran several spyware removal programs, malwarebytes, put on a firewall and several other things they needed. Only to discover something call "Internet Security Essentials" was on the computer. Nothing seems able to touch it. I killed the process tree, I went in and found several of its files, an invisible folder, unregistered is .dll, and killed a ton of its registries. Still it persists. Its not running as far as I can tell and every file that seems to be know to be associated with it has been deleted.
I'd like to run AVG but it seem that ISE is blocking it or any antivirus from installing because it lists itself as an antivirus and firewall. I've researched the bastard at length and applied several method of killing it and it won't die.

If any one can assist me I shall reward you.
Google link does not get you shit cause I've gone about 20 pages into several google searches seeking an answer.

**Smithno13** · 27 Feb. 2011 10:05pm

windowsbbs.com.
Post your problem there, they will remove it.
You have a rootkit/rogue antivirus (Rogue being malware posing as antivirus.)
Post in forum Security > Malware and Virus Removal
http://www.windowsbbs.com/malware-virus-removal/

**Supra** · 27 Feb. 2011 10:12pm

Format and reinstall.

**Eli** · 27 Feb. 2011 10:13pm

I had the same problem about a year ago, same virus name.
My computer had it much worse, I was unable to connect to the internet, even after I killed the process tree, deleted registries etc. The only thing that removed it was a complete system restore, and I got the virus while running kaspersky 2010.

Contact a proffesional, or Chad or gamechief if you can contact him.

**Drakonid** · 27 Feb. 2011 10:14pm

Now it's the moment to delete system32.

**Taz** · 27 Feb. 2011 10:31pm

Contact Defy.

**DarkEternity** · 27 Feb. 2011 11:21pm

That used to happen a lot when I was at work, since we were all connected in the state computer network people would get that same crap on their computers and eventually I'd end up with it. Our IT people used Super Anti Spyware (go to |MG| SUPERAntiSpyware 4.49.0.1000 Download ) and run that on safe mode after installing it. It will install even if the malware claims to be an antivirus, and this picks up a lot of stuff other programs wont. Run a complete scan and then run malwarebytes after it. If all else fails though do a system restore and run the programs again in safe mode.

**C0FFINCASE** · 28 Feb. 2011 01:42pm

Originally Posted by Mx250z

Format and reinstall.

That's for failures.

Originally Posted by Drakonid

Now it's the moment to delete system32.

After that I should pull the hard drive out and rub it with an industrial strength magnet right?

Ultimate solution, was to run rkill, run Malware bytes twice, then install and fun Avg, then Avg Tune up, CCleaner, regedit, cmd to unregister dll, and finally install Spybot and run its ass too. Multiple restarts were involved as well.

The internet connection problem is due to ISE configuring your connection for a proxy and running your connection through a lan. That's the easy part to fix.

**Kain** · 01 Mar. 2011 12:17am

Wealth and Glory = to me.

Huzzah!

Thread: Wealth & Glory To Whoever

LinkBack

Thread Tools

Search Thread

Rate This Thread

Display

Wealth & Glory To Whoever

Posting Permissions