Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am infected: Police Pro


  • Please log in to reply
3 replies to this topic

#1 gilbertnak1000

gilbertnak1000

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 02 September 2009 - 02:23 PM

I am new to this so... I have picked up something that keeps bringing up this police pro and virus program. It starts scanning and when you tell it to quit it ask if you want to continue unprotected and to buy their program. By now it has pretty much shut down everything. I can't get on the internet, I can't restore the computer, I can't even delet a song off itunes. Needless to say i'm ready for a new computer. Luckly I have my computer at work.

I not very computer savy so I may be a lost cause. But if anyone would like to answer the call, step on up!

Thanks,

Kevin

BC AdBot (Login to Remove)

 


#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:26 PM

Posted 02 September 2009 - 03:20 PM

Hello gilbertnak1000 and :thumbsup: to BleepingComputer.

Let's see if we can get a look at this thing. Since you are unable to access the internet on the infected computer, download requested files using a clean computer and transfer them to the infected machine using a CD or Flash drive. Also, you can use the same method to move requested logs from the infected computer to your clean computer so that you can post them here. If you choose to use a flash drive, please run the following program on your clean computer before proceeding.

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well. <-- THIS IS IMPORTANT!!!
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

***************************************************

Please install RootRepeal
Note: Vista users ,, right click on desktop icon and select "Run as Administrator."Disconnect from the Internet or physically unplug your Internet cable connection.
Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
Temporarily disable your anti-virus and real-time anti-spyware protection.
After starting the scan, do not use the computer until the scan has completed.
When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
  • Extract RootRepeal.exe from the zip archive.
  • Open Posted Image on your desktop.
  • Click the "Drivers" tab, and then click the Posted Image button.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.
~Blade


In your next reply, please include the following:
RootRepeal log

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#3 gilbertnak1000

gilbertnak1000
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 02 September 2009 - 10:00 PM

:thumbsup: Thanks for answer my call.
After I posted my problem, I read through a couple of other peoples problems and one gave a hint about putting the computer in safe mode. After I did that I was able to run my Malwarbytes program. After a couple of warnings came up, I aborted the Malwarbytes program and let it fix the problem. At this point i regained control of the Malwarbytes in standard mode. I hooked by to the internet and downloaded the Malwarbytes updates. I ran the updated Malwarbytes and it seemed to remove all my problems. Im using the "infected" computer now. Still I have one more problem. The internet search goes into a redirect mode when search. I am going to run the Malarbytes full scan when I sign off. Do you know anything else I could try?

Again, thanks for taking the time to help.

Kevin

#4 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:26 PM

Posted 02 September 2009 - 11:07 PM

You need to run the RootRepeal scan I asked for. . . you've still got the bulk of the infection in your computer; you just can't see it directly right now.

~Blade

Edited by Blade Zephon, 02 September 2009 - 11:07 PM.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users