Author Topic: System Check Malware/Virus?  (Read 16495 times)

0 Members and 1 Guest are viewing this topic.

Offline akama1

  • Sr. Member
  • ****
  • Posts: 286
  • Never give up on anything!
Re: System Check Malware/Virus?
« Reply #15 on: February 05, 2012, 08:52:42 AM »
boot to safe mode - download install malwarebytes run it if blocked run chameleon - download and run hitman pro - download and run combofix - do boot time scan - clean up remaining files with glary utilities - job done- cant connect internet? then use another computer from i dont know where and download the programs...into usb... dun care usb infected just clean it after :) computer cured :)
win7 ultimate 32 bit/ 3gb ram/intel core 2 duo 2.1 ghz/ avast 7 free / comodo firewall 5.9/ mbam free/ emsisoft emergency kit/ CCE

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: System Check Malware/Virus?
« Reply #16 on: February 05, 2012, 01:29:46 PM »
Ah if only it was that simple

Offline iroc9555

  • CCS, Vzla.
  • Avast Überevangelist
  • Starting Graphoman
  • *****
  • Posts: 7464
  • No soporte por PM.
Re: System Check Malware/Virus?
« Reply #17 on: February 05, 2012, 03:23:57 PM »
@ Konfoozed.

Follow my advice and post in the viruses and worms forum. Essexboy is expecting you. The use of Combofix or Hitmanpro can render your comp inoperable if you do not know what you are doing. Besides, this scarewares or rogues some times comes with some rootkit variants making it difficult to clean.

Regards.
Hernan.
Dim 9200. C2D E6600; 2.40GHz. 4GB DDR2RAM. XP Pro_86. Spk3. IE8 & FF41. Avast FREE 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. SpywareBlasterOpenDNS. uBlock. WOT. Sandboxie

Offline konfoozed

  • Jr. Member
  • **
  • Posts: 61
Re: System Check Malware/Virus?
« Reply #18 on: February 05, 2012, 05:55:38 PM »
Just to say that I bit the bullet today and followed the advice proffered on this great forum and, fingers crossed, I succeeded in getting rid of the System Check virus. Even more pleased that the procedure only needed to be done once for my dual boot configuration which incidentally will now be quickly switched over to a cradle system so I hopefully won't infect both at the same time!
Now for one more question.....is it possible that my laptop (used wirelessly and fairly infrequently) is now carrying the same System Check virus?
Thanks for the help so far which is greatly appreciated.

Offline iroc9555

  • CCS, Vzla.
  • Avast Überevangelist
  • Starting Graphoman
  • *****
  • Posts: 7464
  • No soporte por PM.
Re: System Check Malware/Virus?
« Reply #19 on: February 05, 2012, 07:01:56 PM »
Just to say that I bit the bullet today and followed the advice proffered on this great forum and, fingers crossed, I succeeded in getting rid of the System Check virus.

Glad to hear you got rid of it, and I suppose the Bleepingcomputer instructions worked nicely for you.

...is it possible that my laptop (used wirelessly and fairly infrequently) is now carrying the same System Check virus?

Usually you will see System Check UI ( User Interface ) alerting you of something wrong with your comp. Anyways you could always install MBAM and do a quick scan just in case.

Thanks for the help so far which is greatly appreciated.

You are welcome.
« Last Edit: February 05, 2012, 07:04:15 PM by iroc9555 »
Hernan.
Dim 9200. C2D E6600; 2.40GHz. 4GB DDR2RAM. XP Pro_86. Spk3. IE8 & FF41. Avast FREE 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. SpywareBlasterOpenDNS. uBlock. WOT. Sandboxie

Offline akama1

  • Sr. Member
  • ****
  • Posts: 286
  • Never give up on anything!
Re: System Check Malware/Virus?
« Reply #20 on: February 06, 2012, 06:56:08 AM »
ur right combofix and hitman pro are  scary tools if u do not know how to use them :/
win7 ultimate 32 bit/ 3gb ram/intel core 2 duo 2.1 ghz/ avast 7 free / comodo firewall 5.9/ mbam free/ emsisoft emergency kit/ CCE

Offline konfoozed

  • Jr. Member
  • **
  • Posts: 61
Re: System Check Malware/Virus?
« Reply #21 on: February 06, 2012, 11:12:33 AM »
To be on the safe side I ran Avast this morning and it picked up 3 threats which I moved to chest. One was: H:\...\mbamsevice.exe. Is this a false alert? The other two were Win32Fake Alert BYN Trojan.
The recommended boot scan brought forth another 12 items (including mbam-setup.exe....another false alert?) all of which have also been moved to chest.
Guidance much appreciated.

Offline ady4um

  • Massive Poster
  • ****
  • Posts: 2667
Re: System Check Malware/Virus?
« Reply #22 on: February 06, 2012, 11:40:39 AM »
Update to the latest definitions update. The MBAM* files could potentially be FP.

Leave them for now in the chest, as with the VPS updates, they are sent to double check to avast labs.

After updating, you can rescan them inside the chest with right click, until they are clean (repeat the scan after each definitions update so to check when they are confirmed as FP, if they are indeed FP).

Or, you can report potential FP at http://www.avast.com/contact-form.php?loadStyles (but FIRST rescan with the latest definitions updates).
ADD/REMOVE PROGS -> avast -> CHANGE/REMOVE -> REPAIR & REBOOT
Avast! 7 FAQ | FAQ & KB | Docs | Removal Utils | Configure Mail Shield | report FP | License Registration | UNSECURED?

Offline konfoozed

  • Jr. Member
  • **
  • Posts: 61
Re: System Check Malware/Virus?
« Reply #23 on: February 06, 2012, 12:20:34 PM »
Update to the latest definitions update. The MBAM* files could potentially be FP.

Leave them for now in the chest, as with the VPS updates, they are sent to double check to avast labs.

After updating, you can rescan them inside the chest with right click, until they are clean (repeat the scan after each definitions update so to check when they are confirmed as FP, if they are indeed FP).

Or, you can report potential FP at http://www.avast.com/contact-form.php?loadStyles (but FIRST rescan with the latest definitions updates).

Be gentle with me (a newbie)......FP = False Positive?
                                  VPS updates = ???

I've checked I'm uptodate and they still show as Trojans. I'll leave them in the chest and check daily.
Meantime  will MBAM function OK?

Offline ady4um

  • Massive Poster
  • ****
  • Posts: 2667
Re: System Check Malware/Virus?
« Reply #24 on: February 06, 2012, 12:30:23 PM »
FP = False Positive? YES
VPS updates = ??? engine and definitions updates

I've checked I'm uptodate and they still show as Trojans. I'll leave them in the chest and check daily.
Meantime  will MBAM function OK? There is no way for me to know. Maybe you should download MBAM again?

Probably you should open a new topic in the "Viruses and Worms" subforum (read the stickies of the subforum first, specially the one for the required logs).
ADD/REMOVE PROGS -> avast -> CHANGE/REMOVE -> REPAIR & REBOOT
Avast! 7 FAQ | FAQ & KB | Docs | Removal Utils | Configure Mail Shield | report FP | License Registration | UNSECURED?

Offline konfoozed

  • Jr. Member
  • **
  • Posts: 61
Re: System Check Malware/Virus?
« Reply #25 on: February 06, 2012, 01:51:52 PM »
Thanks for the education and advice. Will look in the subforums.

Offline iroc9555

  • CCS, Vzla.
  • Avast Überevangelist
  • Starting Graphoman
  • *****
  • Posts: 7464
  • No soporte por PM.
Re: System Check Malware/Virus?
« Reply #26 on: February 06, 2012, 02:11:34 PM »
Sorry to hear that you still have problems. Like I said sometimes this rogue comes with extras making it difficult to clean. Follow my advice given in reply 12 which is the same given by Ady4um.

You should follow this instructions to generates the logs to assist you in cleaning your comp:

http://forum.avast.com/index.php?topic=53253.0

and attach logs for MBAM, OTL, and aswMBR.exe here:

http://forum.avast.com/index.php?board=4.0

where Essexboy or Oldman will help you out.
Hernan.
Dim 9200. C2D E6600; 2.40GHz. 4GB DDR2RAM. XP Pro_86. Spk3. IE8 & FF41. Avast FREE 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. SpywareBlasterOpenDNS. uBlock. WOT. Sandboxie