JS Shadraem.a

Posted on 2010-01-04
Last Modified: 2013-11-22
A PC detected the JS Shadraem.a virus. This machine was up to date with anti-virus, but the log said cure failed and the file was restored. I looked online but there is not much out there about this one.

Does anyone have any removal tips?

Thank you.
Question by:LionelR2D2

    Accepted Solution

    Run a temporary file remover...CCleaner is a good one and it's free.

    Download Combofix by sUBs.

    Before running Combofix, temporarily disable any firewall(s)/shield(s) to prevent any conflicts with Combofix. After Combofix is done scanning, it will create a log. For further instructions, save and paste the results by Attach File, or by Code Snippet, so other experts can take a look at it. Once the log looks clean, you may enable your firewall(s)/shield(s) etc. Combofix will disconnect your machine from the Internet. Your Internet connection will be automatically restored just before Combofix completes its scan. If Combofix runs into problems, your Internet connection can be manually restored by restarting your machine.

    You might need to rename the file before saving to your desktop so it will not be blocked.

    Please note: Don't run Combofix in Safe Mode.

    Assisted Solution

    I've had pretty good luck with CCleaner over the years but I always tell people to scan with more than one product because not all are exactly the same.

    Download trustworthy virus scanners such as A-squared, Malwarebytes, etc. Update all virus scanners to the most recent virus definitions.

    Turn off System restore on your machine temporarily.  Go to 'My Computer', 'System Restore', select 'Turn off system restore'.

    Reboot your machine into Safe Mode: press F8 after you see your computer manufacturer's 'splash screen'.

    Run the tools using Deep Scans or Full Scans and remove any malicious items they find.  Reboot your computer normally, re-enable system restore if you want and away you go.

    Assisted Solution

    by:Thomas Zucker-Scharff
    I agree with what joefreedom said, but you should note that turning off System restore deletes all your restore points.  This is important because restore points contain protected files which will not be deleted by any program no matter what it says.  Once SR is off the points are deleted, but as has been said, you should run your software to be sure.

    Before doing this make sure your computer reboots.  Try to make sure your system is clean of viruses except in system restore.  Do NOT follow these directions if you have tried to restore to an earlier time before you were infected.  An infected restore point is better than none at all.  But once you have a clean machine, the following procedure is the ONLY way I know of to clean your restore points because they are protected files.  

    No matter what your software says it is doing it cannot clean your restore points.

    WARNING:  This will DELETE ALL your system restore points

    Disable System Restore:
    Click Start, right-click My Computer, and then click Properties.
    In the System Properties dialog box, click the System Restore tab.
    Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
    Click OK.
    When you receive the following message, click Yes to confirm that you want to turn off System Restore:
    "You have chosen to turn off System Restore. If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer.
    Do you want to turn off System Restore?"
    After a few moments, the System Properties dialog box closes.

    Reboot your system

    Follow the above steps to reenable system restore

    Create a manual restore point:
    Click the Start button
    All Programs
    System Tools
    System Restore

    Choose to create a restore point and follow the prompts - name it appropriately

    Assisted Solution

    I would also consider running an anti-rootkit -- Sophos makes a very good one:

    Expert Comment

    by:Thomas Zucker-Scharff
    Yes, but don't just run one anti-rootkit; I usually run 3 to make sure. Try the Sophos one suggested above (an excellent one) and these 2:


    They seem to have varying sensitivities.  I believe that the Sophos app is the most sensitive, the downside being that it will find false positives, depending on your computer usage.
