system defragmenter malware help

[mikestatt]

I have somehow picked up a piece of malware called system defragmenter that pretends it is a legit program on my computer.

It given constant warning messages and shuts down my computer.

Having searched Google there are lots of programs on offer that supposedly will sort it but I don't want to download something that causes more problems without addressing my original problem.

Has anyone experienced system defragmenter or can anyone recommend something to get rid of it.

Thanks

Mike

 

[Buttso]

this looks like a good guide...
http://www.bleepingcomputer.com/virus-removal/remove-system-defragmenter

although I am surprised microsofts malicious software removal tool didnt have this one listed..

there are a few other guides out there to remove this, as well as automated tools if you have problems with the first one

 

[Cestria]

Doing a system restore going back to before you picked it up may do it.

 

[mikestatt]

Thanks chaps. I tried the Microsoft thing but it didn't find it. I'll have a read see what it says.

 

[mikestatt]

I did as instructed in the above link. Seems to have made no difference. Bloory malware.

 

[Popell]

Make sure you followed the instructions on Bleepingcomp, they are usually pretty good, you may need to try it again.
Sounds like a rootkit barsteward, best of luck with the fix

 

[mikestatt]

I'm running it again as we speak. The malware doesn't seem to be running as the messages have stopped although its still there on the toolbar.

 

[mikestatt]

No its not worked. second scan found nothing. When I start the comp the bloody malware starts up. Back to the drawing board.

 

[shugie]

If you can boot the machine in safe mode, then type msconfig in the search box and run the file that finds. Click "selective startup", then go to the services tab and look through the services for any that have a really random name, and when you look at the command column are loaded from a sub-directory with a different really random name. Untick the box next to that service, so it doesn't start, and make a note of the file name and subdirectory.

Then restart the machine, and run your malware finder again (I like malwarebytes for this sort of problem), if it identifies the program name you noted that's obviously the culprit and can be deleted.

Doesn't work for all the malware I have to admit, but it's a useful starting point.

 

[rjsmith26]

Download a program called malware bytes

When you install it - make sure you install it in a directory like - robs malwarebytes instead of just the malwarebytes dir as putting it in the default directory can make it vunerable to attack.

Once installed let it update and then run a full scan and clean up.

If this doesny solve your problem, then boot into safe mode via f8 on start up and run malware bytes again.

I work in IT and the above should fix it for you.

Cheers

Rob

 

[mikestatt]

Thanks for the help guys. I think it may be sorted now but time will tell.

 

[shugie]

Download a program called malware bytes

When you install it - make sure you install it in a directory like - robs malwarebytes instead of just the malwarebytes dir as putting it in the default directory can make it vunerable to attack.

Once installed let it update and then run a full scan and clean up.

If this doesny solve your problem, then boot into safe mode via f8 on start up and run malware bytes again.

I work in IT and the above should fix it for you.

Cheers

Rob

Malwarebytes does not find all the crap when run in safe mode, it relies on the malware actually running when it hunts for it. Also, as well as renaming the malwarebytes directory, it can be a cunning wheeze to rename the mban file too.