HELP, Me Remove A Computer Virus

[Targa Me]

Hello Everyone.

Can someone here help me remove the "win7security2012" virus?

Help, please.
Thanks.

[chuckr]

Remove Win 7 Security 2012 (Removal Guide)
Have you tried this ?

[Joe Bob]

There was a recent thread on it....'Zeke' was part of the discussion.

[azasadny]

Follow those instructions and you should be able to remove it, I've taken it off 6 PC's in the past several weeks now.... Download and run Microsoft Security Essentials and keep it updated to prevent the infection in the future...

[Targa Me]

Thanks !

[azasadny]

I'll make the offer again, if you give up and consider paying someone to clean it, DON'T. Send it to me and I'll clean it and get it running like new again, just for shipping charges... I think you'll be able to clean it yourself. On my father's PC, the trojan set a hidden attribute on all documents so it looked like his pictures and documents were all deleted, but they weren't... Don't Panic!

[Targa Me]

Thanks for the offer Art.
I'll try to clean it up myself but if i can't I'll get in touch with you.

[azasadny]

You can do it, just follow the instructions and don't panic. I'll help you out if things get ugly!

[Joe Bob]

www.awellsetup944.com is the source of the infection.

[Bob Kontak]

I would take Art up on his offer. Especially if you have a back up machine for a few days.

My comments - Not advising - just talking.....

I have worked on two XP machines with that stinker on them. I did not see the "attribute" problem Art describes but was finally able in safe mode/w networking to get Malwarebytes to update it's definition file and ran combofix and malwarebytes and that fixed it.

Before I was able to gain the malwarebytes updates I purged several processes using hijack this after looking up what the processes were on google. I killed anything that appeared non-essential. I am not sure if I killed the "ping" process (that is the "evil" process running I saw in task manager) that allowed me to update the definition file.

The second machine, I just reinstalled the op system.

[azasadny]

I tried MalWareBytes today and it didn't clean it up, but MSE did. There are so many varieties of malware out there that almost every one is "unique" because the nasty virii writers constantly change them so they can get by the A/V. McAfee and Symantec are useless, IMHO. I test A/V software as part of my job and most of that "bloatware" is terriblw, MSE seems to be very effective, but not perfect. It doesn't slow the PC down like many others do...

[Bob Kontak]

Quote:

Originally Posted by Joe Bob

www.awellsetup944.com is the source of the infection.

Ha.

I think I got mine while on an airplane with three hours to kill and foolishly accessed some peer to peer link in wireless mode - As if that would allow me to gain internet access at 30k feet. I don't know what that does but I have had viruses before after doing that. Stupid is as stupid does.

[Joe Bob]

BTW, MSE is good.....but the local kwikie scan needs to be followed up with the full sacn once a week.

BTW, Bob...does porn at 30K qualify you for the mile high club?

[Targa Me]

Virus is gone.
Thanks to all for your help.

[azasadny]

Download MSE from Microsoft's website and update it. Scan your PC (full scan) and you're all set. Good work!

Here's the link...

Microsoft Security Essentials - Free Antivirus for Windows

[azasadny]

January 25, The Register – (International) Super-powered ‘frankenmalware’ strains detected in the wild. Viruses are accidentally infecting worms on victims’ computers, creating super-powered strains of hybrid software nasties. The monster malware spreads quicker than before, screws up systems worse than ever, and exposes private data in a way not even envisioned by the original virus writers. A study by antivirus outfit BitDefender found 40,000 such “Frankenmalware samples” in a study of 10 million infected files in early January, or 0.4 percent of malware strains sampled. These cybercrime chimeras pose a greater risk to infected users than standard malware, the antivirus firm warns. “If you get one of these hybrids on your system, you could be facing financial troubles, computer problems, identity theft, and a wave of spam thrown in as a random bonus,” said the BitDefender analyst who carried out the study. “The advent of malware sandwiches throws a new twist into the world of malware. They spread more efficiently, and will become increasingly difficult to predict.” BitDefender does not have historical data to go on. Even so, it posits that frankenmalware is likely to grow at the same rate as regular computer viruses, or about 17 percent per year. All of the malware hybrids analyzed by BitDefender so far have been created accidentally. However, the risk posed by these combinations could increase dramatically as criminals latch onto the idea. Source: Super-powered 'frankenmalware' strains detected in the wild • The Register

[Bob Kontak]

Quote:

Originally Posted by Joe Bob

BTW, Bob...does porn at 30K qualify you for the mile high club?

Is it even available on the internet? I had no idea.

I use MSE. I like it.

Mildly off topic - Found a "Root kit" virus on my sister's machine separate from the antivirus virus. Nothing touched it except for hitman pro and it found it in about 3 seconds. svchost.exe would hog memory till it maxed.

[Zeke]

Quote:

Originally Posted by Joe Bob

There was a recent thread on it....'Zeke' was part of the discussion.

I was? Since I'm using a computer recovered out of a trash can, I haven't had a virus. I did switch to Chrome as FF was giving fits (and viruses). I visit the same sites.

MSE is my protection as per Art.

[RWebb]

what is a malware sandwich?

[Bob Kontak]

Worm infected with a virus. Bread and meat.