dopetalk does not endorse any advertised product nor does it accept any liability for it's use or misuse

This website has run out of funding so feel free to contribute if you can afford it (see footer)

Author Topic: Windows 7 - Destroyed and Recovered from Adware: the Shell$ServicesEngine virus  (Read 215 times)

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6509
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:October 14, 2021, 09:08:18 AM
  • Deeply Confused Learner
  • Profession: IT Engineer
I had a virus/adware nightmare so I tried to remove Shell$ServicesEngine with an adware remover and it completely destroyed my main windows 7 desktop machine (with a ton of settings that i want saved).

the virus kept on hijacking the browser and displayed a warning and some ads.

i had an old *Clonezilla backup of my (main) Windows 7 Desktop but it's from January.

i knew Windows was on the disk partitions 1 and 2 so i restored just those from *it (lost a few months of minor downloads and some music i tried to make).

to remove the adware i used msconfig to stop the following services from starting:

Shell$ServicesEngine
Shell$ServicesEngine_updater_service


NOTE: I decided to leave the following application in place:

Shell$ServicesEngine 3.0.0 (in Control Panel > Programs and Features)
.

so far, so good ... i thoroughly recommend using Clonezilla to backup your important machines, it was a life-saver

more info at https://forums.malwarebytes.org/topic/176156-removal-instructions-for-shellservices/
« Last Edit: March 19, 2016, 11:05:26 PM by chipper »
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
I do not condone or support any illegal activities. All information is for theoretical discussion and wonder.
All activities discussed are considered fictional and hypothetical. Information of all discussion has been derived from online research and in the spirit of personal Freedom.

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6509
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:October 14, 2021, 09:08:18 AM
  • Deeply Confused Learner
  • Profession: IT Engineer
Malwarebytes is a good free anti-virus tool for Windows, i recommend it as it also detected this particular virus.

i decided to handle it myself for now but it's worked wonders before.

if the virus comes back then i will deploy Malwarebytes.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
I do not condone or support any illegal activities. All information is for theoretical discussion and wonder.
All activities discussed are considered fictional and hypothetical. Information of all discussion has been derived from online research and in the spirit of personal Freedom.

Offline Zoops

  • Filius non bonum de canis femina.
  • Deceased
  • Hero Member
  • *****
  • Join Date: May 2015
  • Location: Nodsville-on-Patawomeck, Virginia, USA
  • Posts: 1729
  • Reputation Power: 58
  • Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.
  • Gender: Male
  • Last Login:September 29, 2017, 04:49:02 AM
  • Keeping the wolves at bay with a sharp stick.
I run AVG for my anti virus software. It's pretty good. I used to have the $30/year subscription one, but now I am running the free one.

Well, about a year and a half ago, I was offered a free "computer cleanup" thingy from AVG, which completely fucking DESTROYED my Windows machine. Had to completely re-install the operating system and everything. I was like a 12 hour long nightmare. Wasn't sure if I was going to be able to recover my shit at all. Had to download a pirated copy of Word afterwards because my paid, legal copy was on there and I didn't have recorded anywhere that authentication number thing that you get when you buy a copy of it.

My advice is not to install and run any "disk cleanup" or "PC doctor" shit that you get ads for, even if it's free- especially if it's free!
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
"The future ain't what it used to be."
"When you come to a fork in the road, take it."
"You can observe a lot just by watching."
- Yogi Berra

"Drugs are so fucking good....that they'll ruin your life."
- Louis C.K.

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6509
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:October 14, 2021, 09:08:18 AM
  • Deeply Confused Learner
  • Profession: IT Engineer
Zoops, it WAS advertising something very much like that, good advice.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
I do not condone or support any illegal activities. All information is for theoretical discussion and wonder.
All activities discussed are considered fictional and hypothetical. Information of all discussion has been derived from online research and in the spirit of personal Freedom.

Offline Zoops

  • Filius non bonum de canis femina.
  • Deceased
  • Hero Member
  • *****
  • Join Date: May 2015
  • Location: Nodsville-on-Patawomeck, Virginia, USA
  • Posts: 1729
  • Reputation Power: 58
  • Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.Zoops has got loads of potential.
  • Gender: Male
  • Last Login:September 29, 2017, 04:49:02 AM
  • Keeping the wolves at bay with a sharp stick.
I finally broke down and DL'd Chrome as my browser. IE is sooooo fucking clunky it's sad. Just sad. I know there are a few Linux snobs on here that will laugh at my choice of Chrome. But hey, at least it's better than IE.

I am computer retarded. I really like and appreciate that you don't jump all in people's shit about being that way, Chipper, even though you are above most people's level of functioning insofar as computers and shit go.

You know, those of us that don't make a living doing this stuff simply don't have time to devote to learning Linux and code and all that other stuff.

I wanted to DL Tor so that I could get pirated music and movies anonymously off Pirate Bay, but it said that Tor wouldn't hide my identity for torrenting sites. Is that true?
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
"The future ain't what it used to be."
"When you come to a fork in the road, take it."
"You can observe a lot just by watching."
- Yogi Berra

"Drugs are so fucking good....that they'll ruin your life."
- Louis C.K.

Offline dizzle

  • that nizzle
  • Sr. Member
  • ****
  • SA_Chat+
  • **
  • Join Date: Aug 2015
  • Location: chi-tizzle
  • Posts: 691
  • Reputation Power: 40
  • dizzle is now getting very popular.dizzle is now getting very popular.dizzle is now getting very popular.dizzle is now getting very popular.
  • Gender: Male
  • Last Login:February 15, 2019, 02:40:50 AM
RUN LInux cinnamon (Mint but it's a cinnamon build), download it for free, it's STUPID fucking easy.


If you have windows on a machine already, don't rewrite the mint OVER your windows partitiion, shrink the windows partition, and install mint cinnamon alongside windows.


This will give you a DUAL BOOT machine. This way, if you're like me and occaisionally HAVE to run programs that will only play nice with windows, such as, photoshop, dreamweaver, solidoworks, and all types of shit for my 3d printer, you CAN boot into windows, do your trhing, and then when you're done, power down.

When you're machine starts up it'll just ask you what you want to boot into, for me, I actually have a tri-boot machine, running Kali (pentesting linux platform), Mint, and Win-doesn't 7. This way when my neighbor pisses me off by playing their netflix movies too loud, or fucks up the airwaves by downloading superlarge files over their wifi, which makes my ps4 controller not work well as it runs on the same freq as wifi, I can boot into kali and run a few kill command lines after check to see what network is wrecking the havoc on the airwaves.


But anyways, yeah, linux mint ins't all about command line anymore, it's very easy to do standard stuff on it, if you're just browsing the web, fucking around, watching movies, whatever, then it's for you. It'll speed up your machine like 3x over windows because there's not all types of stupid bullshit running in the background.



to answer your q, zoops, yes and no, it'll hide it while downloading, but the trackers and BS installed when you pull down a torrent have the ability to reveal your real IP.
« Last Edit: March 22, 2016, 02:43:09 PM by dizzle »
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline Esoteric Anhydride

  • I <3 Mods
  • Tech
  • Full Member
  • *
  • SA_Chat+
  • **
  • Join Date: May 2015
  • Location:
  • Posts: 486
  • Reputation Power: 0
  • Esoteric Anhydride has hidden their reputation power
  • Last Login:October 14, 2019, 06:26:54 AM
I finally broke down and DL'd Chrome as my browser. IE is sooooo fucking clunky it's sad. Just sad. I know there are a few Linux snobs on here that will laugh at my choice of Chrome. But hey, at least it's better than IE.

I am computer retarded. I really like and appreciate that you don't jump all in people's shit about being that way, Chipper, even though you are above most people's level of functioning insofar as computers and shit go.

You know, those of us that don't make a living doing this stuff simply don't have time to devote to learning Linux and code and all that other stuff.

I wanted to DL Tor so that I could get pirated music and movies anonymously off Pirate Bay, but it said that Tor wouldn't hide my identity for torrenting sites. Is that true?

If you don't know what you're doing, ya, it can be pointless. Plus there's some mixed opinions about using up tor bandwidth sucking down torrents.

Unless you're bringing down a shit ton of data every minute, I wouldn't worry about it. Use tails for tor and just use yer regular PC and whatever client for grabbing torrents.
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Offline Chip (OP)

  • Server Admin
  • Hero Member
  • *****
  • Administrator
  • *****
  • Join Date: Dec 2014
  • Location: Australia
  • Posts: 6509
  • Reputation Power: 0
  • Chip has hidden their reputation power
  • Gender: Male
  • Last Login:October 14, 2021, 09:08:18 AM
  • Deeply Confused Learner
  • Profession: IT Engineer
@dizzle, I use Mint for a multi-boot manager on my desktop. how about that ?
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
I do not condone or support any illegal activities. All information is for theoretical discussion and wonder.
All activities discussed are considered fictional and hypothetical. Information of all discussion has been derived from online research and in the spirit of personal Freedom.

Offline Esoteric Anhydride

  • I <3 Mods
  • Tech
  • Full Member
  • *
  • SA_Chat+
  • **
  • Join Date: May 2015
  • Location:
  • Posts: 486
  • Reputation Power: 0
  • Esoteric Anhydride has hidden their reputation power
  • Last Login:October 14, 2019, 06:26:54 AM
Also,if you're running AV scans from within an infected computer, you're wasting time. That's like asking a crazy person if they're sick.

You gotta scan the disk from an external, trusted OS. IE, scan the machine when it's NOT RUNNING.

There are a few ways to do this, last scanner I used that could do this was AVAST.

Not much use in scanning a machine if the kernel is just gonna sit there and tell you stories. Once infected, you can't trust the machine for shit anymore..
friendly
0
funny
0
informative
0
agree
0
disagree
0
like
0
dislike
0
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions
No reactions

Tags:
 

Related Topics

  Subject / Started by Replies Last post
0 Replies
2820 Views
Last post December 04, 2014, 04:32:29 PM
by Chip
6 Replies
8500 Views
Last post June 19, 2016, 12:24:06 AM
by DiacetylKineval
11 Replies
8710 Views
Last post June 23, 2015, 06:51:47 AM
by Chip
3 Replies
3894 Views
Last post February 10, 2015, 02:18:16 PM
by Chip
3 Replies
158 Views
Last post March 09, 2015, 03:57:56 PM
by Chip
0 Replies
722 Views
Last post January 06, 2015, 10:18:33 PM
by andrew
0 Replies
2505 Views
Last post July 21, 2015, 09:59:49 AM
by Chip
0 Replies
2650 Views
Last post July 22, 2015, 07:51:56 AM
by candy
6 Replies
4051 Views
Last post September 27, 2015, 05:19:42 AM
by Jega
19 Replies
8792 Views
Last post July 27, 2016, 06:11:06 PM
by Chip


dopetalk does not endorse any advertised product nor does it accept any liability for it's use or misuse





TERMS AND CONDITIONS

In no event will d&u or any person involved in creating, producing, or distributing site information be liable for any direct, indirect, incidental, punitive, special or consequential damages arising out of the use of or inability to use d&u. You agree to indemnify and hold harmless d&u, its domain founders, sponsors, maintainers, server administrators, volunteers and contributors from and against all liability, claims, damages, costs and expenses, including legal fees, that arise directly or indirectly from the use of any part of the d&u site.


TO USE THIS WEBSITE YOU MUST AGREE TO THE TERMS AND CONDITIONS ABOVE


Founded December 2014
SimplePortal 2.3.6 © 2008-2014, SimplePortal