Urgent - virus help needed

Discussion in 'Computer Corner' started by Madahhlia, Jun 25, 2013.

  1. Madahhlia

    Madahhlia Total Gardener

    Joined:
    Mar 19, 2007
    Messages:
    3,678
    Gender:
    Female
    Location:
    Suburban paradise
    Ratings:
    +3,090
    I visited an education website on my main laptop about an hour ago, and it now seems to be infected by a thing called Systemcare antivirus software which keeps popping up and saying my computer is infected with horrible viruses. It wants me to click to remove them. I haven't and my Avira software has run a scan and says there is no problem. However, nothing is working right, system restore says it cannot operate, and apparently my Windows firewall is off and won't turn back on again. I am really worried, what should I do? Should I switch it off? And what then?
     
  2. JazzSi

    JazzSi Super Gardener

    Joined:
    Jun 2, 2013
    Messages:
    786
    Ratings:
    +2,239
    • Useful Useful x 1
    • Madahhlia

      Madahhlia Total Gardener

      Joined:
      Mar 19, 2007
      Messages:
      3,678
      Gender:
      Female
      Location:
      Suburban paradise
      Ratings:
      +3,090
      Is that safe? I'm not feeling very trusting of computer stuff right now!
       
    • Madahhlia

      Madahhlia Total Gardener

      Joined:
      Mar 19, 2007
      Messages:
      3,678
      Gender:
      Female
      Location:
      Suburban paradise
      Ratings:
      +3,090
      Also, i've checked on the programs list and Systemcare does not feature on it, so I don't see how I could uninstall it.
       
    • JazzSi

      JazzSi Super Gardener

      Joined:
      Jun 2, 2013
      Messages:
      786
      Ratings:
      +2,239
      It's actually a virus itself, designed to steal your personal details.
      Has it asked you to buy software to clean your computer?
      Thats how it gets your details, it also turns off parts of windows such as the firewall.
      You will have to remove it some how.
       
      • Agree Agree x 1
      • Friendly Friendly x 1
      • Useful Useful x 1
      • Kristen

        Kristen Under gardener

        Joined:
        Jul 22, 2006
        Messages:
        17,534
        Gender:
        Male
        Location:
        Suffolk, UK
        Ratings:
        +12,669
        Lots of these things that tell you that you have a virus and supply a cleanup-program "for money" ... need to get a bona fide program to remove it, but these malware products thrive but being difficult to remove. You might have some luck starting Windows in Safe Mode and then trying to remove it. (It may actively prevent you installing things designed to remove it - safe mode may help with that). You normal anti-virus software may sort it out if you start your computer in Safe mode (but I don't know that for sure)

        The link JazzSi provided details removal without installing anything - although there is a follow-on step to clean up the registry using a downloaded "cleaner" product. It also recommends MalWareBytes (which has a good reputation) - the links to that look dogy because they are going via a 3rd party marketing site - which is probably giving WinTips a kick back for any successful sales ... you can just go direct to MalWareBytes:

        http://www.malwarebytes.org/

        That's one of its cloaking ploys I'm afraid.
         
        • Useful Useful x 1
        • Palustris

          Palustris Total Gardener

          Joined:
          Oct 23, 2005
          Messages:
          3,670
          Gender:
          Male
          Occupation:
          Retired
          Location:
          West Midlands
          Ratings:
          +3,089
          Google Systemcare antivirus removal and there are plenty of step by step instructions on how to remove it, from trustworthy sites. Take your pick really.
           
        • Scrungee

          Scrungee Well known for it

          Joined:
          Dec 5, 2010
          Messages:
          16,524
          Location:
          Central England on heavy clay soil
          Ratings:
          +28,997
          When my daughter's laptop got infected with something very similar (Install Shield Bug?) I used the instructions from this website to get rid of it, and this is the link for their System Care removal guide http://www.bleepingcomputer.com/virus-removal/remove-system-care-antivirus

          I seem to recall downloading RKill and or Malwarebytes onto a USB stick using another computer and running it from that (must of had a problem accessing their site with that malicious software on her computer).


          P.S. It's handy to keep up to date versions of those 2 bits of software on a USB stick. I'd hate to be away on my hols and have something nasty on my laptop until I got home.
           
          • Informative Informative x 1
          • OxfordNick

            OxfordNick Super Gardener

            Joined:
            Jul 25, 2011
            Messages:
            677
            Gender:
            Male
            Location:
            Oxfordshire
            Ratings:
            +1,615
            Yes - as others have said, malware bytes should clear it up with a couple of full scans. Nasty bit of work that, can make a real mess.
             
            • Friendly Friendly x 1
            • Madahhlia

              Madahhlia Total Gardener

              Joined:
              Mar 19, 2007
              Messages:
              3,678
              Gender:
              Female
              Location:
              Suburban paradise
              Ratings:
              +3,090
              Many thanks for your help.

              So, to summarise, i should open Malbytesware on this computer, (my old one, the RM) and download their software onto a memory stick. Is the free removal software OK?

              Try to open my other computer (the HP) in safe mode - it wouldn't last night- then open the program from the memory stick and click "run".

              It was also suggested that I should should run some software direct from the Norton site on the HP.
               
            • Madahhlia

              Madahhlia Total Gardener

              Joined:
              Mar 19, 2007
              Messages:
              3,678
              Gender:
              Female
              Location:
              Suburban paradise
              Ratings:
              +3,090
              Hooray! I have run malbytes ware and the laptop seems to be back to normal, more or less. However, i still have not been able to turn the Firewall back on, it still comes up with an error message.
              I omitted to run RKill first, perhaps I should run that in safe mode, then repeat the Malbytes ware scan?
               
              • Like Like x 1
              • Palustris

                Palustris Total Gardener

                Joined:
                Oct 23, 2005
                Messages:
                3,670
                Gender:
                Male
                Occupation:
                Retired
                Location:
                West Midlands
                Ratings:
                +3,089
                It would do no harm.
                Might I then suggest that once the machine is fully cleaned up and running properly you download and install something like Win Patrol. This is a program which runs in the background and basically prevents anything from altering your computer without your permission. Google Win Patrol. There are other programs which do the same thing as well, but I only have experience Win Patrol .
                 
                • Like Like x 1
                • Useful Useful x 1
                • Madahhlia

                  Madahhlia Total Gardener

                  Joined:
                  Mar 19, 2007
                  Messages:
                  3,678
                  Gender:
                  Female
                  Location:
                  Suburban paradise
                  Ratings:
                  +3,090
                  I tried to download Rkill but it didn't seem to want to on the Bleeping computer site. Every time I clicked on a download link it took me to a forum page.

                  I think I already have a bit of software that asks for permission - didn't seem to stop the Systemcare, though.
                   
                • Madahhlia

                  Madahhlia Total Gardener

                  Joined:
                  Mar 19, 2007
                  Messages:
                  3,678
                  Gender:
                  Female
                  Location:
                  Suburban paradise
                  Ratings:
                  +3,090
                  Tried to download RKill again on the HP - says it is corrupted by a virus. Hmmm.
                   
                • Kristen

                  Kristen Under gardener

                  Joined:
                  Jul 22, 2006
                  Messages:
                  17,534
                  Gender:
                  Male
                  Location:
                  Suffolk, UK
                  Ratings:
                  +12,669
                  Ongoing race between Virus Writers and Preventers :(. All you can do is to routinely keep everything up to date.
                   
                Loading...

                Share This Page

                1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
                  By continuing to use this site, you are consenting to our use of cookies.
                  Dismiss Notice