
System Fix Virus

Ecoman

Just a quick heads up about a virus I have recently encountered :twisted:

Last night, while surfing the web for wiring diagrams for the MK4 Hilux, I managed to access a site that kindly downloaded a virus to my computer. The first thing I knew about it was a pop up window from AVG telling me about a threat. The next thing I knew, about 20 alerts popped up saying that certain system tasks could not be performed. I then got a window up like this:

windowsdetectedaharddiskproblem.jpg


It won't let you do anything other than move the window or click the buttons.

I then got the following warnings flashing up randomly from the taskbar:

critical_error_RAM.jpg

ram_low.jpg

crit_err.jpg

files_indexation_process_failed.jpg


The worst bit about it is that it hides everything on your hard drive or any hard drive attached to, or in, your computer. It also empties your start menu so that all you can do is restart or switch off your computer. Basically it renders the computer unusable. It also keeps asking you to buy a piece of software called "System Fix" that will eradicate the virus. The idea being that you enter your credit card details and pay for this illegal software. I never buy software in these circumstances as it is obviously a sham and there is always a free solution to antivirus/malware issues.

At this point I started to panic but had the sense to walk away and have a think. It was then I decided that if all the files were gone, why were this program and Windows still operating? I had my netbook to hand and started browsing phrases that popped up in the warnings and finally got a solution to the problem.

The trick to its removal is to make the virus think you have paid for the solution to the issue by entering cracked codes from the website below. That way it gives you some breathing space. Once you have got the space you can then work through the rest of the solution to remove the virus from your system.

Another problem with this SF virus is that it can download a whole software bundle onto your computer, so you will need to be pretty vigilant when it comes to removing it as it is accompanied by different trojans and worms that will alter registry keys and the like. Use all the tools linked to in the solution and follow the instructions to the letter. Also make a point of deleting the rogue files in the "application data" folder after the process has been followed as it can miss a few.

The only part of the following solution I didn't agree with was using the "STOPzilla" software as, although the scan is free, you have to pay for the virus removal. Also it is not as good as "Malwarebytes" as it missed a couple of trojans that MB picked up.

http://deletemalware.blogspot.com/2011/09/how-to-remove-data-recovery-uninstall.html

Oh, and one more tip is that the file names of the SF virus can change, so don't specifically look for what is quoted in the solution.

I hope you don't get this virus as it's a PITA to get rid of and took me about 6 hours in total to be sure the virus and all its mates were all wiped from the system. But on the bright side it looks worse than it really is and it finally kicked my arse into sorting out the files and folders on my machine. :thumbup:
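Because the file names change between infections, the leftover check in the "application data" folder is easier to do by creation date and file type than by name. The following is an added example, not part of the original post or the linked guide; the look-back window, the extension list and the extra search folders are assumptions. It only lists files for review and deletes nothing.

```powershell
# Added example: list recently created executable-type files in the
# application-data folders, whatever they happen to be called.
param(
    [int]$Days = 7   # assumed look-back window; widen it to cover the infection date
)

# Assumed search roots: the "application data" folder mentioned in the post
# plus the other user-writable locations on a current Windows system.
$roots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData, $env:TEMP) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
    Select-Object -Unique

# Assumed list of file types worth reviewing.
$extensions = '.exe', '.dll', '.scr', '.bat', '.cmd', '.vbs', '.js', '.lnk'
$cutoff = (Get-Date).AddDays(-$Days)

function Get-RecentExecutable {
    param([string[]]$Path, [datetime]$Since, [string[]]$Extension)

    # -Force includes files that carry the Hidden or System attribute.
    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object {
            $Extension -contains $_.Extension.ToLowerInvariant() -and
            $_.CreationTime -ge $Since
        } |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Created   = $_.CreationTime
                Hidden    = [bool]($_.Attributes -band [IO.FileAttributes]::Hidden)
                Signature = if ($sig) { $sig.Status } else { 'Unknown' }
                SHA256    = if ($hash) { $hash.Hash } else { $null }
                Path      = $_.FullName
            }
        }
}

# Newest first; unsigned files created around the time of the pop-ups
# are the ones to look at before deleting anything by hand.
Get-RecentExecutable -Path $roots -Since $cutoff -Extension $extensions |
    Sort-Object Created -Descending |
    Format-Table -AutoSize -Wrap
```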
 
Did you not have some sort of anti-virus software installed? :hand: I have Norton 360 which so far, has stopped all intrusions. :dance:
 
This is a well-known con that attaches to certain websites and is, as you say, a right royal PITA. The way I get rid of it is to kill the browser asap. Since it takes focus away from the browser I start the task manager (if you have Windows XP it is REALLY worth getting ProcessExplorer from Microsoft to replace the normal task manager - Windows 7 users have it by default :) ) and kill the browser thread. I have never had anything go wrong with my computers when I hit this "Virus" warning but I may have been lucky.

Adrian
 
I got hit by this around a year ago - a right PITA as has been said! :evil:

I can't remember the exact details but when I googled it (using a different machine), a solution was something like: shut down your PC, restart it (do not start IE etc.), delete a particular file. Once that was deleted you were OK.

I actually had AVG home (free) version on that machine and it is usually very good - so not sure why it wasn't picked up. :?
 
I have AVG (full version), spybot, avast, malwarebytes and Zonealarm on this machine. I have AVG as my main AV software and the others as secondary dormant backups. Zonealarm is my firewall but since this is the third malware attack I have had in the past year with that as my firewall I have decided to change to an alternative.

AVG did spot one of the trojans once the attack was underway and the virus was established and running but it didn't even detect the intrusion. I have been using the full version of AVG for 5 years now and it is updated on a daily basis. I have found that AVG has become bloated with gimmicky software since I started using it and it has subsequently slowed right down and become less effective. I swapped to AVG from Norton for this exact same reason. I have now decided, as my AVG licence runs out in a couple of months, to change to a different AV software package. I am going to try out Kaspersky and Sophos and see which I prefer.

In all I repaired 6 registry key alterations, removed 7 trojans and countless other spyware programs and deleted several incomplete or corrupt files from when I cut the router signal and this was just one attack :o

I'm very careful of spyware and malware and even delete all cookies and files once I finish browsing. I do daily malware, spyware and general virus scans. I even have a "panic" button to instantly cut the signal to my router in case I get hacked. But it just goes to show that with all that protection there is still a chance that something will slip by unnoticed :roll:

Adrian, I couldn't kill the browser as it closed it for me along with all other running applications and then removed all the links, buttons, files etc. so I couldn't do anything. Even the usual keyboard shortcuts didn't work. :thumbdown:
 
I find Trend Micro Titanium Internet Security very effective. It's cheaper if you buy it from somewhere like Amazon rather than direct.
 