Windows 7 - Destroyed and Recovered from Adware: the Shell$ServicesEngine virus

[Chip (OP)]

I had a virus/adware nightmare so I tried to remove Shell$ServicesEngine with an adware remover and it completely destroyed my main windows 7 desktop machine (with a ton of settings that i want saved).

the virus kept on hijacking the browser and displayed a warning and some ads.

i had an old *Clonezilla backup of my (main) Windows 7 Desktop but it's from January.

i knew Windows was on the disk partitions 1 and 2 so i restored just those from *it (lost a few months of minor downloads and some music i tried to make).

to remove the adware i used msconfig to stop the following services from starting:

Shell$ServicesEngine
Shell$ServicesEngine_updater_service

NOTE: I decided to leave the following application in place:

Shell$ServicesEngine 3.0.0 (in Control Panel > Programs and Features)

.

so far, so good ... i thoroughly recommend using Clonezilla to backup your important machines, it was a life-saver

more info at https://forums.malwarebytes.org/topic/176156-removal-instructions-for-shellservices/

[Chip (OP)]

Malwarebytes is a good free anti-virus tool for Windows, i recommend it as it also detected this particular virus.

i decided to handle it myself for now but it's worked wonders before.

if the virus comes back then i will deploy Malwarebytes.

[Zoops]

I run AVG for my anti virus software. It's pretty good. I used to have the $30/year subscription one, but now I am running the free one.

Well, about a year and a half ago, I was offered a free "computer cleanup" thingy from AVG, which completely fucking DESTROYED my Windows machine. Had to completely re-install the operating system and everything. I was like a 12 hour long nightmare. Wasn't sure if I was going to be able to recover my shit at all. Had to download a pirated copy of Word afterwards because my paid, legal copy was on there and I didn't have recorded anywhere that authentication number thing that you get when you buy a copy of it.

My advice is not to install and run any "disk cleanup" or "PC doctor" shit that you get ads for, even if it's free- especially if it's free!

[Chip (OP)]

Zoops, it WAS advertising something very much like that, good advice.

[Zoops]

I finally broke down and DL'd Chrome as my browser. IE is sooooo fucking clunky it's sad. Just sad. I know there are a few Linux snobs on here that will laugh at my choice of Chrome. But hey, at least it's better than IE.

I am computer retarded. I really like and appreciate that you don't jump all in people's shit about being that way, Chipper, even though you are above most people's level of functioning insofar as computers and shit go.

You know, those of us that don't make a living doing this stuff simply don't have time to devote to learning Linux and code and all that other stuff.

I wanted to DL Tor so that I could get pirated music and movies anonymously off Pirate Bay, but it said that Tor wouldn't hide my identity for torrenting sites. Is that true?

[dizzle]

RUN LInux cinnamon (Mint but it's a cinnamon build), download it for free, it's STUPID fucking easy.


If you have windows on a machine already, don't rewrite the mint OVER your windows partitiion, shrink the windows partition, and install mint cinnamon alongside windows.


This will give you a DUAL BOOT machine. This way, if you're like me and occaisionally HAVE to run programs that will only play nice with windows, such as, photoshop, dreamweaver, solidoworks, and all types of shit for my 3d printer, you CAN boot into windows, do your trhing, and then when you're done, power down.

When you're machine starts up it'll just ask you what you want to boot into, for me, I actually have a tri-boot machine, running Kali (pentesting linux platform), Mint, and Win-doesn't 7. This way when my neighbor pisses me off by playing their netflix movies too loud, or fucks up the airwaves by downloading superlarge files over their wifi, which makes my ps4 controller not work well as it runs on the same freq as wifi, I can boot into kali and run a few kill command lines after check to see what network is wrecking the havoc on the airwaves.


But anyways, yeah, linux mint ins't all about command line anymore, it's very easy to do standard stuff on it, if you're just browsing the web, fucking around, watching movies, whatever, then it's for you. It'll speed up your machine like 3x over windows because there's not all types of stupid bullshit running in the background.



to answer your q, zoops, yes and no, it'll hide it while downloading, but the trackers and BS installed when you pull down a torrent have the ability to reveal your real IP.

[Esoteric Anhydride]

I finally broke down and DL'd Chrome as my browser. IE is sooooo fucking clunky it's sad. Just sad. I know there are a few Linux snobs on here that will laugh at my choice of Chrome. But hey, at least it's better than IE.

I am computer retarded. I really like and appreciate that you don't jump all in people's shit about being that way, Chipper, even though you are above most people's level of functioning insofar as computers and shit go.

You know, those of us that don't make a living doing this stuff simply don't have time to devote to learning Linux and code and all that other stuff.

I wanted to DL Tor so that I could get pirated music and movies anonymously off Pirate Bay, but it said that Tor wouldn't hide my identity for torrenting sites. Is that true?

If you don't know what you're doing, ya, it can be pointless. Plus there's some mixed opinions about using up tor bandwidth sucking down torrents.

Unless you're bringing down a shit ton of data every minute, I wouldn't worry about it. Use tails for tor and just use yer regular PC and whatever client for grabbing torrents.

[Chip (OP)]

@dizzle, I use Mint for a multi-boot manager on my desktop. how about that ?

[Esoteric Anhydride]

Also,if you're running AV scans from within an infected computer, you're wasting time. That's like asking a crazy person if they're sick.

You gotta scan the disk from an external, trusted OS. IE, scan the machine when it's NOT RUNNING.

There are a few ways to do this, last scanner I used that could do this was AVAST.

Not much use in scanning a machine if the kernel is just gonna sit there and tell you stories. Once infected, you can't trust the machine for shit anymore..