The Gang of Five
Beyond the Mysterious Beyond => Hobbies and Recreation => Computer and Electronics => Topic started by: Malte279 on July 03, 2011, 08:21:20 AM
-
I do not know how this software which I did not install found its way onto my computer but "System Smart Security" is a very vicious program pretending to be an anti virus program while being quite the opposite using warnings of alleged (but not existing) viruses on your computer to get people to release credit card information, send moned and the like.
There are many descriptions in the internet how to get rid of the program but many of those involve the purchase of other software :anger
Do you Austin know how to remove "System Smart Security" from a computer?
Did anyone else experience this?
-
I searched and found these manual removal instructions that doesn't involve any program you have to download/buy.
System Smart Security manual removal:
Kill processes:
MS345d.exe
Delete registry values:
HKEY_CURRENT_USERSoftware3
HKEY_CLASSES_ROOTCLSID{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOTMS345d.DocHostUIHandler
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes "URL" ="http://findgala.com/?&uid=195&q={searchTerms}"
HKEY_CURRENT_USERSoftwareClassesSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
HKEY_CURRENT_USERSoftwareMicrosoftInternet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload "RunInvalidSignatures" = "1"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "My Security Engine"
HKEY_CLASSES_ROOTSoftwareMicrosoftInternet ExplorerSearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
Unregister DLLs:
mozcrt19.dll
Delete files:
2322.mof mozcrt19.dll MS345d.exe MSE.ico sqlite3.dll vd952342.bd MSJKEJCCE.cfg My Security Engine.lnk cookies.sqlite Instructions.ini c:Program FilesMozilla Firefoxsearchpluginssearch.xml
From my experience with removing spyware like this, this should work. Whenever I have had a program like this install itself on my computer, I'd always look up the name of the program to find removal instructions similar to these instructions here. They always involve going into task manager and shutting down certain programs, trudging through the registry to delete said registry values, and looking for and deleting certain files.
Tell me if that works. :yes
-
Oh gee sorry to hear this I hope nothing is destroyed on your computer.
-
The manual removal technique described above should work to remove that threat. Manual removal is the best way. There are literally tens of thousands of rogue antivirus programs like this out there. The method described above will take about 15 minutes for someone with limited technical experience. Make sure you change the settings so your computer will show hidden files and folders, otherwise the files you need to delete might not come up under a search.
If you don't feel comfortable modifying the registry and such, just kill the program using the task manager and run the free version of Malwarebytes. Make sure to update it several times until it says "no updates available" and do the full scan. Manual is the best way, but Malwarebytes should take care of most if not all of that stuff for you.
-
I tend to use Malwarebytes to remove malware, but it depends on how vicious this rogue is. I heard the newer ones are tougher to get rid of. If your attempts to get rid of the rogue antivirus fails, please let us know. If manual removal doesn't work and if Malwarebytes doesn't work, there are other programs that can help.
-
I've had my fair share of these. And yes what those too said work. Just download a removal program and it should work.
-
I've had my fair share of these. And yes what those too said work. Just download a removal program and it should work.
-
And unfortunately the rogues are getting stronger. Mrizos posted a blog sometime ago about a new rogue (I think it was a rogue) that was extremely hard to completely remove, to the point where almost every program he tried wouldn't work. Hopefully security and removal programs will get stronger as well.
-
My computer is officially dead now and I'm going to take it to repairs. Unfortunately I couldn't even try the solution that involved the killing of a process because the task manager (which is the only way I knew to kill a process) was no longer starting. When I rebooted the computer in the hope that it would bring back the task manager the computer did not upload at all anymore but demanded the windows CD-Rom (which having purchased a computer with preinstalled windows 7, is not in my posession).
Currently I am writing from a computer to which I have only very rare access (regular computers at the university have the GOF blocked). I hope to be able to restore (currently still trying with an anti Vir recovery CD) or have the computer restored but I cannot yet predict when I will be back regularly.
I apologize for any delays or inconveniences that might result.
-
Have you tried booting in safe mode? Just keep pressing F8 every second when starting up until you get a menu. Most rogues don't corrupt your Windows installation. Unless of course you tried to edit the registry and messed something up. Then you've got a problem. If that's the case, the only thing you can really do is back up the data and wipe the thing out - an expensive procedure unfortunately. But if you can get it booted into safe mode, let me know and I'll do a remote repair for free for you.
-
Alas even the save mode is impossible to access :cry
-
Damn, that presentation is important!
You need Windows XP Live version. It has only 150 MB, and doesn't need to be installed on the hard disk. It runs from a CD or USB drive. You can use it copy the files from the hard drive onto a USB (if the Windows run from a CD) or onto a second USB drive (if the Windows run from an USB). Can you go to a friend's house and download it (what is 150 MB these days?), then put it on a CD or USB?
Alternatively I can send you the program in an e-mail attachment with instructions.
This way you won't have to pay for repair (the repairmen will most likely use the same program or connect your computer to another with Windows, but they will charge like they did something very complicated).
-
That's okay I hope everything works out.
-
Malte, if you can get access to a webcam I can walk you through fixing your computer. I can help you recover the data and restore the OS and make things even better than they were before. If you take this to a shop you're looking at $200-$300 easy. It doesn't matter that you don't have a disk. I can either get you one through the net or we can use your recovery partition if you have one. But be warned, do NOT screw with the recovery partition before backing up your data otherwise you're totally screwed.
-
Sent you Windows XP Live CD with instructions. Tested it on my own computer. Had no problems and transfered some files to my USB for practice. Read the files on another computer. That should save your presentation.
As for bringing the computer back to shape, that will take longer and my knowledge is insufficient in that regard, so I'd listen to Austin.
-
If you're using Bart PE there's a much better one that I use. It's about 200mb but well worth it. Though PE will work too. Just make sure you plug in any USB devices BEFORE you start up the computer. Otherwise some USB devices won't be recognized by the OS.
-
That's a shame about your computer, Malte. :( But there may still be a chance to save it. If you do not have any webcam or anyway for someone to help you remotely, another option that may help is to burn a rescue CD such as Kaspersky or AVG and run it. I recommend, if the other options don't work, to look online whenever you can and find a rescue CD and obtain one.
But if all else fails, try to see if you can get your files backed up (not sure how much this will cost) and reinstall your operating system, wipe it clean. If you don't know how to do this, there should be instructions online on how to do it, or someone here can tell you how.
Another option is to get a new OS, a free one. There's a lot of them out there you can easily option, such as the various types of Linux, Solaris, and OpenBSD. But I'd only recommend this option if you are unable to get Windows back at all on that computer and if you are unable to afford a new computer.
-
^ To Austin: yes, it's Bart PE. No bells and whistles, but it will serve Malte well. Which one do you use?
-
I use the one included in Hirens Boot CD. It's based off PE but has been heavily modified. The most recent version of the boot CD also includes a mini Linux, which is useful for backing up entire hard drives without getting "filename too long" error messages. :rolleyes: Not to mention all the cool tools included with the boot CD itself. Though they recently were forced to remove all commercial software from their boot CD. My custom one takes the original 14.0 version and reintegrates all the old commercial software giving you the advantage of having the newer non commercial programs along with the really good commercial programs of version 10.1.
-
I wonder how his computer is coming along. I hope he fixes it soon.
-
if you don't have a installation disk, call the manufacturer of your pc, and ask if they can send you one. I had to do that once when my computer messed up. I called them up, and ordered another installation disk for like 10 or 20 dollars.
-
^I wouldn't do that if I were you. It'll install a bunch of garbage. I'll let you download a disk for free and I'll even ship one to you free of charge (well, other than shipping that is) if you just can't download one. Just shoot me a PM and we can get started. We'll get your computer back up and running in no time. :D
-
One thing that could have helped Malte out, and I wish I had told him before this incident happened, was if he installed a new partition on his computer with another operating system, most likely Linux due to its diversity. If he had Linux, or some other OS, on the machine, he could still boot into that and be able to receive help remotely. I'm pretty sure that you can access Windows files through a Linux OS on the same machine.
-
Yeah he could have done that. How would Linux help remove the virus program?is it a removal tool>?
-
No, it's an operating system. But you can, last I heard, access Windows files through Linux, so if you know how to manually remove viruses, you could do that. And there are antiviruses made for Linux. If they can detect Windows viruses, that's another option as well.
But in Malte's case, having Linux would have enabled someone with computer knowledge to connect to his computer remotely and sift through the Windows files and remove the offending file. The good news with having something like Linux on is, in the event that Windows no longer works, he could either move his files onto Linux and switch entirely to Linux or he could use Linux to back up his files and do a fresh install of Windows.
Something like that anyway.
-
I'm sort of online again. Sort of because it is from a borrowed computer from the computer repair shop where I handed in my own one (this borrowed computer has some crashing issues but it still is quite a relieve compared to having not access at all).
Booting attempts with a recovery CD had not brought forth the desired results and quite frankly I'm too illiterate in higher computer technology to risk messing up worse than messed up it already was. The repairs however won't cost me a cent because I got an insurance when I purchased that PC that does cover all the costs. So the worst case scenario is that Data optained since the purchase of the PC (February of this year) may be lost which is painful but not quite as painful as a worst case scenario could be. Chances are that not much data will be lost because of the partitioning of my hard drive in which most of my data is not stored on the same drive as the system data. So here is to hope.
-
Here is a removal guide for future reference for anyone.
http://www.bleepingcomputer.com/virus-remo...-smart-security (http://www.bleepingcomputer.com/virus-removal/remove-smart-security)
-
Wow! I'm sorry you got something so deadly, Malte. Hopefully your computer will get fixed and you won't have to worry about that ugly thing again.
It's sad us Windows Users have to deal with such things that can literally kill our computers and Mac is just barely getting their share of Rouges. Right now, switching to Linux is looking like a REALLY good idea.
We need a new OS. One that is more secure than ANYTHING we've made before. Still, who could program something like that? It would take a real genius with computer coding to pull that off.
At this point, we can only pray for something like that.
-
What I'm most irritated about is that I have no clue as to how it got onto my computer. Whenever I download anything I made it a habbit (even in case of files which I know to be clean) to run antivir over it before I open any files. I'm therefore wondering how this thing found its way onto my computer in the first place.
Most importantly I want to thank all of you for your support and your offers of help. Thank you Austin for your very generous offer, thank you jansenov for the boot files you sent me, thank you vonboy, Katie and Petrie85 for your advise :yes
-
You're Welcome Malre279. I hope you're back here soon.
-
We need a new OS. One that is more secure than ANYTHING we've made before. Still, who could program something like that? It would take a real genius with computer coding to pull that off.
So far, the most secure operating system I know of is Linux. The reason it's so secure is due to permissions. You see, no program on Linux that wants to change something at the system level can run without your explicit permission through the use of a password. Anything involving changing the system requires this password.
This isn't so in Windows. In Windows, it is deliberately designed to allow third party programmers to run stuff on Windows without the users' permission. The purpose wasn't really to increase the users' vulnerability to viruses, but to allow the user to have a more refreshing experience by having cool stuff happen. Something like that. But such an act is why Windows is so vulnerable to viruses.
With Linux, due to the need of a password, software (such as installing programs, or launching programs that may change the OS at the system level) can't run unless you tell it to. For instance, in order to install a new game, you need a password. And to uninstall it, a password. If I wanted to open up the built-in firewall, I need a password. If I want to install updates, a password. Yes this does sound annoying and redundant, however this password system is why Linux is safer than Windows. Windows viruses will not work on Linux (obviously) so it's safe to download any file no matter how infected it is. While you can install an emulation of the Windows kernal (Wine), the system itself will not be damaged.
Linux viruses are almost unheard of due to how hard it would be to program one. A Linux virus would need to be run from root (equivalent of Windows' admin) to do any real damage). And of the Linux viruses that are made, they are easily made useless through updates. Unlike Windows, Linux updates far more often, quickly sealing up any new security loopholes. And unlike Windows, Linux is open source, meaning any one with enough computer knowledge and programming skills can look through the code and help spot security bugs and other issues and help fix them. Oh and with Linux, while you can get an antivirus, because of how hard it is for Linux to get viruses, you don't need an antivirus software installed.
Windows is run by a corporation who want money, and charge a huge sum of money to buy their operating system and programs. Linux is free and is run by a community who want a safer operating system with more efficient programs, nearly all of which are completely free of charge to download. Right now I'm only running Windows out of necessity, but if I could find a way to run what I want to on Linux and be sure that all my hardware stuff works, you'd bet I'd switch to Linux.
-
Ah I've used Window's my whole life and nothing has happened at all. Si won't be switching any time soon.
-
Windows is much more vulnerable to viruses than other OSes due to its popularity. But it should be fine as long as you take good care of it and be vigilant on what gets installed on your system. Oh and run regular scans with up-to-date antivirus and antispyware programs.
-
We don't need a new OS at all. Windows will run great so long as you've got modern hardware (quad core and DDR3 preferably, but dual core with DDR2 is fine too). What we need is for companies like Dell, HP, Gateway, etc. to stop putting all that garbage into the OS. If you've ever run Windows just as it's supposed to be directly from Microsoft without OEM's like Dell cramming it full of shit, you know what I mean. They do it right from the factory. Even if you remove all the crap programs and tune it up, it's still not anywhere near the same as the original OS. That's why I use my universal OEM disks to install just the OS and nothing else. It will make even an old P4 fly.
As for security, just have a decent antivirus and security precautions and you'll be fine 99% of the time unless you're doing lots of porn or visiting a ton of spam sites from Russia or something. Very rarely do I have a real problem - but I do what's required to keep a system running properly.
-
True. Windows can run great with the proper equipment. The viruses are still a pain though. I did hear that future operating systems (I think including Windows) will come with a sort of virtual immune system, where the system actively protects itself much like the human body against natural viruses and bacteria. That would be pretty neat I think.
-
65% of the cause of viruses is people being dumbasses and clicking on ads that say "Ooh, you're infected with 2,344 viruses! Click here now to remove them!" and crap like that. Another 25% is from people being dumbasses again and going to non reputable porn sites and downloading suspicious torrents. When a song which should be 3-12mb is only 25kb, don't download it. Only 10% of infections are from driveby downloads and other things that the end user can't really control. And 99% of those infections should be stopped by a good antivirus program. Realistically, getting infected more than once a year is not very likely if you use your brain.
-
Exactly. I agree with that post you made. A lot of people who use computers are morons with no brains. So they shouldn't even use a computer at all. People should heed those warnings so nothing can happen. I'm very careful with the stuff I use on my computer. Hence why I still have one. I don't download anymore. Due to the virus's and other stuff. I learn from experience. And it's gotta be the right virus protection also. A ton of them suck and and worthless. Like Macafee is awful. It just sucks so much. I used it and it only found some of the virus. And than I used Ad-AwareSP Personal and it found the twelve Trojan Virus's that Macafee couldn't find. Norton sucks. I had that it sucked. I have Microsoft Care One and that was was decent, It worked very well. So people need to be more smarter if they want a computer. Or take some classes to learn how to use one and to learn not to download stupid things.
-
I won't get my computer back before next week and as of now they seem to be unable to say anything about it at all :(
Till I get it back my possibilities to work online (the borrowed computer is somewhat varrying in its performance) are a bit inhibited (but to be fair the need to focus on impending exams also plays a role).
-
Ah that's good. I hope it will be okay when you get it back. And I hope you will have better virus protection.
-
I hope it all works out for you and soon. :goodluck
-
I didn't know any of this happened with you Malte.Hope to see you on MSN again bro
-
I won't get my computer back before next week and as of now they seem to be unable to say anything about it at all :(
That's appalling. Even if the whole system needs to be wiped out and all your data needs to be backed up and transferred, it'll take 1-2 hours tops. I can clear most infections within 15 minutes. I wish I could have done it over the webcam Malte. We could have gotten it done very quickly - at least compared to this incompetent shop. Even if they're backed up, I can work on 5-6 computers at a time with this issue easy. There's no way they're THAT backed up. I can pop a few dozen computers out my ass in a single day just by myself without any employees. Of course, I'm set up properly and know what I'm doing.
-
I'm sure his computer will be fine when he get's it back.
-
That's appalling. Even if the whole system needs to be wiped out and all your data needs to be backed up and transferred, it'll take 1-2 hours tops.
Well 1-2 hours is a bit of an exaggeration I think. It could take longer than that, depending on what equipment he has and the size of the drive. I doubt it'd take a week, though.
-
In my experience, 95% of people have 10gb of files or less when you're just backing up their pictures, documents, movies, etc. Transfer time is about 30 minutes tops. Then you'll need 45 minutes to install Windows, 15 minutes to install drivers and set up the software, and another 30 minutes to transfer the files back to the computer after formatting. These are maximum times here. A decent machine can install Windows 7 in 20 minutes or less. Some machines require only a few drivers, meaning driver install time can be as low as 5 minutes. And the time it takes to transfer data depends on how much space the files take up and how many individual files there are. For example, 100 files taking up 20gb of space will transfer faster than 5,000 files taking up 5gb of space. I get a backup, format, and driver reinstall done in 1 hour quite frequently actually.
-
In spite of the announcement I got on wednesday that it would take till next week I did get my computer back yesterday after all. I can't say I'm particularly happy now though since they really did wipe out the whole system and all of my data (which includes a lot of the material I prepared for lectures to be held in September, mails, MSN chats, as well as a higher resolution version of my most recent LBT image, most of the (not very far) LBT story I had been writing etc.) are lost.
I never seem to learn to always save such data at another place too :bang
-
Sorry to hear that. But at least you got the computer back.
-
Yeah, I know how it feels, Malte. I lost all my files on my old computer back in 2007. I back up my computer about once a month now, just in case. An external hard drive is a pretty good investment. It seems time consuming, I know, and most of the time I just don't think about doing it, but it'll be worth it in the end saving all of your work and files. At least you got your computer back now, and can maybe start making monthly backups or so. :)
-
Glad you got your pc back. Terrible to hear about everything being wiped. The idea about the external hdd may be good if you want to back up stuff once a week, twice or once a month, ect. Personally I save a lot of stuff on discs, but that is not for everyone.
At least you have your computer back. That is something.