[Hidden-tech] Ack! 'System Media Codec' virus
David Korpiewski
davidk at cs.umass.edu
Sun Apr 18 00:46:15 EDT 2010
Best way to try to purge this threat is to run rkill which hopefully can
kill the virus, available from
http://www.technibble.com/rkill-repair-tool-of-the-week/
Then after running rkill dload and run MalwareBytes.
Good luck. I've been running into a bunch of these that just can't be
removed and I've had to format and reinstall a bunch of machines.
David
On 4/17/2010 7:03 PM, RA Cohen wrote:
> ** Be sure to fill out the survey/skills inventory in the member's area.
> ** If you did, we all thank you.
>
>
>
>
>
> If you can somehow get MalwareBytes to run in safe mode you may get
> lucky - there is also a tool called Universal Boot CD for Windows - but
> I would try MalwareBytes first. You've got to download it, install it,
> and update it before running, of course.
>
> In the end, it may be for the best to get your data off (external usb
> drive or the like) and start with a fresh clean slate. Then put
> LinuxMint8 on the machine, run your Windows apps in a VirtualBox
> VirtualMachine and you may never look back! (Well, if your machine has
> goodly amounts of RAM and a decent processor, that is...)
>
> Best of luck,
> -Roy
>
> On 04/17/2010 06:09 PM, David F. Farkas wrote:
>> ** Be sure to fill out the survey/skills inventory in the member's area.
>> ** If you did, we all thank you.
>>
>>
>>
>>
>>
>> I've been trying to sanitized my desktop from the System Media Codec
>> virus. It intercepts anything and everything with a popup that goes to
>> thier web site.
>>
>> I've worked in Safe Mode with SpyBot, Registry Cleaners, and a special
>> tool for this virus that I download. And... the I'm still getting pop
>> ups and the machine is compromised... now it's even defaulted to 640 x
>> 480 desktop with blue background. <sigh>
>>
>> Help? Puleeeze?
>> Thanx
>> David
>>
>> --
>> !¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!
>>
>> DAVID FRANKLIN FARKAS
>> www.HouseHealing.com <http://www.HouseHealing.com>
>> Remote Healing for Real Estate, People & Business
>>
>> Web Site: www.HouseHealing.com <http://www.HouseHealing.com>
>> Email: david at HouseHealing.com
>> Twitter: http://twitter.com/HouseHealing
>> FaceBook: www.facebook.com/d.f.farkas <http://www.facebook.com/d.f.farkas>
>> FB Page: http://tr.im/HouseHealingFan
>>
>> Snowmen Fall From Heaven... Unassembled
>>
>> !¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!¡!
>>
>> No trees were destroyed by sending this message.
>> However, many electrons were sorely inconvenienced!
>>
>>
>> _______________________________________________
>> Hidden-discuss mailing list - home page:http://www.hidden-tech.net
>> Hidden-discuss at lists.hidden-tech.net
>>
>> You are receiving this because you are on the Hidden-Tech Discussion list.
>> If you would like to change your list preferences, Go to the Members
>> page on the Hidden Tech Web site.
>> http://www.hidden-tech.net/members
>
> --
> 413-223-9007 opt 1
> www.net-vantage.com
>
> Our Mission:
>
> "Providing the same technology advantages enjoyed by large organizations to small and medium-sized businesses, professional practices, schools, and non-profits, at a realistic and practical cost."
>
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
--
===========================================
David Korpiewski
Software Specialist I
CSCF - Computer Science Computing Facility
Department of Computer Science
Phone: 413-545-4319
Fax: 413-577-2285
===========================================
More information about the Hidden-discuss
mailing list