Solved Segurazo (Malware) - how can I remove remotely?

[jeanrouge]

Segurazo installed itself on my remote mailserver (running win7)

I am thousands of miles away from base.Last night I got a neighbour to reboot the system.
I got in briefly until I tried removal then it flooded the memory and I lost the connection.
I'll have to get the neighbour to reboot again...

The Segurazo install process deleted all prior Restore Points (!!!)

I wonder if anyone has experienced the same thing and found a solution.
Thanks
Jean

 

[jeanrouge]

PS until it is rebooted I won't receive any notifications I'll just look at this site from time to time.

 

[Paul Black]

Hi jeanrouge,

Segurazo installed itself on my remote mailserver (running win7)

I am thousands of miles away from base.Last night I got a neighbour to reboot the system.
I got in briefly until I tried removal then it flooded the memory and I lost the connection.
I'll have to get the neighbour to reboot again...

The Segurazo install process deleted all prior Restore Points (!!!)

I wonder if anyone has experienced the same thing and found a solution.

Download and run Malwarebytes [FREE] from here => Malwarebytes.

I hope this helps!

 

[jeanrouge]

Hi Paul and thanks - Yes and thanks. I had read up about Malwarebytes. The instructions appear to suggest that you've got to go into SAFE mode which is something too difficult to explain to a non-IT neighbour. Do you think (I suppose I can but try) that I can run Malwarebytes without having to worry about SAFE mode? My experience this morning was that any action causes the memory to flood. I sent an email to Segurazo asking their advice for uninstall - Ha! Ha!

 

[z3r010]

One option to get into safemode could be to add a shortcut to your context menu so you can do it yourself remotely.

This is at our Windows 8 site but it works on 7 - Safe Mode - Add to Desktop Context Menu in Windows | Windows 8 Help Forums

 

[jeanrouge]

Hi and thanks - I've downloaded the tool to my local machine (Win10) just to get an idea of what it is. I haven't tried to install it. Just to make sure I understand - once I go through STEP 1 and install it on the win7 machine I will see somewhere on the Start Button menu an option to reboot into safe mode with networking. I can then do what is required to remove Segurazo and finally reboot into normal mode. I can then uninstall with STEP 2 Am I correct?

 

[z3r010]

Just follow the instructions in the tutorial - unzip the file, copy the safe_mode folder to your C:\windows directory then double click the add_safe_mode_to_desktop_context_menu.reg to add it to your registry.

Then when you right-click on your desktop you will have a new safe mode option in your context menu that gives you the option to reboot in the different safe modes.

 

[jeanrouge]

I am being thick - where do I find the Context Menu? - The tutorial instructions were absolutely clear by the way. Jean

 

[torchwood]

Hi Jean,

Just RIGHT click on your desktop.


Roy

 

[jeanrouge]

Thanks - hope all goes well once the neighbour reboots and I get in - will let you all know - thanks to everyone for the kind help - next report tomorrow! Jean!

 

[Alejandro85]

The same as any malware infection, there is only one way to completely remove it: Reformat the affected computer and reinstall the OS from scratch, and restore your most recent data backup and other programs along with it.

Don't bother with antiviruses or any thing like that, there is no way to ensure your computer is clean any more. Just blow the whole thing up and perform a safe clean install.

 

[jeanrouge]

I am being thick - where do I find the Context Menu? - The tutorial instructions were absolutely clear by the way. Jean

 

[jeanrouge]

Thank you all for your help and suggestions - all went well and Malwarebytes successfully dealt with Segurazo (and some others)!

 

[z3r010]

I am being thick - where do I find the Context Menu? - The tutorial instructions were absolutely clear by the way. Jean

It's the menu that appears when you right click your mouse on your desktop.

 

[Paul Black]

Thank you all for your help and suggestions - all went well and Malwarebytes successfully dealt with Segurazo (and some others)!