WIN 32 fakesysdef trojan

[Dorset Girl]

According to the system I use (Vipre) this Trojan was released on 27 12 2010 so it should have had protection against it by now.
Marion

[Devonmade]

My next door neighbours had a similar experience with Win 32. It was flagged up by "Windows Security Centre" they were supposedly infected with lots of other things also. This was a complete red herring that caused a lot of worry. Their McAfee was up to date and once a complete scan was carried out and nothing was found their minds were put at rest and the computer behaved normally and nothing was lost.

Sue

[tony vines]

Marion

Your information chimes with the info on MS. However, they also state that it has grown more sophisticated as new versions have been released. That means that as usual the virus writers are always likely to be one step ahead of the anti-virus writers. McAfee initially but belatedly reported the trojan but only after it was too late. What good is software that can spot something but cannot stop it?

It may now have been zapped but only by using another malware program. Sadly however, it has caused a lot of damage in the meantime and may lead to us scrapping the laptop after only 2 years.

[tony vines]

Sue there are lots of viruses called by the prefix Win 32. The one in question is genuine and has caused real damage. If you are interested Google "Win32/FakeSysdef" and have a look at the Microsoft site information about it. I have an old Windows laptop which I use for genealogy projects and I have now put Windows Security Essentials on it in the hope that it does a better job than the McAfee product.

[Mutley]

Sue there are lots of viruses called by the prefix Win 32. The one in question is genuine and has caused real damage. If you are interested Google "Win32/FakeSysdef" and have a look at the Microsoft site information about it. I have an old Windows laptop which I use for genealogy projects and I have now put Windows Security Essentials on it in the hope that it does a better job than the McAfee product.

I've used AVG for years but a while ago I had a power switch blow and the repair shop removed AVG and replaced it with Microsoft Security Essentials. I was not a happy bunny and seeing as AVG and MSE will not sit on the same PC together I thought I would try MSE for a while. It was the one that let my virus in but it worked doubly hard to get rid of it and finally succeeded without me losing anything.

A friend has been blowing the trumpet of an anti virus called Kaspersky (sounds like a motor bike). He said everyone was talking about it and it was excellent. I'd never heard of it but was surprised to find Barclays Bank offering it for free.

Any one tried it?

[roan]

Viruses like this are a real problem and in my experience the best option is to save any files you have created to an external Hard Drive or USB stick, then re-install the operating system from the discs that came with the computer or from the restore drive on the computer, making sure you use the option to format before re-installation. Then it will be necessary to re-load all your other programs etc., including your anti-virus before copying your saved files back onto the computer. A real pain, but well worthwhile and the computer will run faster too!

[Dorset Girl]

Tony,
Don't know if you have looked at this site - Bleeping Computers. (Ignore the first part where they say register or log in - just wander down the page and there is quite a bit on it - how to fix etc). You've probably seen it but just in case not

https://www.
bleepingcomputer.com/virus-removal/remove-disk-optimizer

Marion

[tony vines]

Hi Marion

What a great steer, thanks. I wasn't aware of this site although "her indoors" may have come across it as she wrestled with this virus. I have of course told her about it. Is the site reliable in your experience?

regards

[Dorset Girl]

Hi Tony,
Bleeping Computers usually seem to be pretty reliable and they point you to Malwarebytes - which I have used on many occasions - and Hijack (also used). Having looked through their instructions I couldn't see anything that would worry me - and I would always recommend Malwarebytes - from memory I had to start my computer in safe mode when I got "hit" some moons ago and then use Malwarebytes in safe mode. Hope it is of some help.
Marion

[tony vines]

Hi Marion

Yes she used Malwarebytes in safe mode. It seems to have removed the trojan but there is still damage. I suspect it is because she followed several of the spurious instructions provided by the trojan before McAfee woke up and told her that she had the virus. It's a useful site so thanks for your help.

regards