Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help with System Security / Security Alert Virus!!!!


  • This topic is locked This topic is locked
7 replies to this topic

#1 AHHHHHHHHelp

AHHHHHHHHelp

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:23 AM

Posted 28 October 2009 - 07:32 PM

My mom's computer has got this virus that is really tricky, and I can't figure out how to get rid of. It pops up when windows loads and scans the system saying it's finding all these viruses and spyware, and asked if you want to clean it or continue infected. I slows the whole system down, and clears all the desktop icons off. It also blocks all websites that have anything to do with viruses, and other websites like microsoft and stuff. Says internet connection not working when going to those sites, and popups will come up. Also, it prevents task manager from being run, and for that matter, ANY .exe executable file. ANY. So I can't run any program to run spyware or antivirus programs. I can't even get in command prompt, run task manager, or goto system restore. Nothing. I tried running a bunch of programs off a flashdrive too, and same issue. I've read al these things about using malware bytes & combofix, but yet again, they are executable files, and when I try to run them I see a popup from the security alert icon in the bottom right corner that says that file is infected and "trying to send credit card info to ...." and to register the program again.... The computer doesn't start in safemode either, it will restart and ask to start it in normal or last known good config...

Any ideas?

Ryan

Edited by garmanma, 28 October 2009 - 07:52 PM.
I deleted your duplicate post


BC AdBot (Login to Remove)

 


#2 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:01:23 AM

Posted 28 October 2009 - 07:42 PM

So when you try to start it in safe mode, your only option is last known good configuration?
DJ Digital Gem

I gave up on computers and now I just DJ!

#3 AHHHHHHHHelp

AHHHHHHHHelp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:23 AM

Posted 28 October 2009 - 07:58 PM

When I goto Safemode, or safemode with networking or safemode with command, it goes like it's loading up in safemode... and almost starts windows, but then returns to that 'F8' screen and gives me all the options all over again... So something isn't loading up right in safe mode... It'll keep doing this cycle until I pick normal or last known good...

#4 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:01:23 AM

Posted 28 October 2009 - 08:04 PM

Well, it sounds like it's prety much hosed then. What I would do is take the hard drive out and load it in another computer as a second drive or a "slave" so that the scans can be run without the drive ever having to be booted up.
DJ Digital Gem

I gave up on computers and now I just DJ!

#5 AHHHHHHHHelp

AHHHHHHHHelp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:23 AM

Posted 28 October 2009 - 08:06 PM

ya bummer... I was hoping since I could still get into windows that there was some trick that I could try, that didn't involve running an executable file, or going to a website, or trying the other options I did... Thanks though!

Ryan

#6 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:23 AM

Posted 28 October 2009 - 10:41 PM

I think if you wait for one of the staff members here to help you there might be a way to proceed without removing the drive.

I do not know how to link you to the program that they have that might let you run some programs to clean up your system, but if you are just patient, one of the staff members might pop into this thread and help you with that.

If you do not already have Malwarebytes downloaded and installed on your computer and have access to another computer to download it to, you might want to go ahead and get that program on a disk to put on your computer, same with SuperAntiSpyware.

I only suggest using another computer because you say you cannot access sites that pertain to virus removal programs. However you can get there, it would be good to download those programs and you can get them from.....

Malwarebytes.org and SuperAntiSpyware.com.

If by chance you can get them to run, run them using quick scan, Malwarebytes first, let them remove anything that they find and then post the logs here. If you cannot get them to run, all I can suggest is to wait for a staff member to come to the rescue. Good luck


Ok, I found a way to link you to the program that might let you run some cleanup programs, follow the directions by boopme in the second post in this thread for downloading rkill.scr and for how to run malwarebytes if you have it....

http://www.bleepingcomputer.com/forums/t/267684/win32trojandownloader-renosjs/

You are probably still going to need help from a staff member, but this might get you going while you wait.

Edited by Stang777, 28 October 2009 - 10:55 PM.


#7 AHHHHHHHHelp

AHHHHHHHHelp
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:23 AM

Posted 29 October 2009 - 09:40 PM

Ok, so I was unable to get anyone to help me with getting rid of this System Security / Security Tool Virus on my mom's computer, but no one was able to being I couldn't start windows in safe mode, run ANY executable file, or goto websites. SOOOOOO I took her harddrive out and am going to hook it up as a slave drive on my computer at home. My question is this, what programs or processes should I take to clean off her harddrive of this virus? I haven't tried anything yet, as I'm at work, but will be trying tonight. I already know that some programs like combofix won't work for a slave drive? Or I don't know how I would get them to work on this. Any suggestions? I plan on using malwarebytes and some other spyware programs, but I don't know what else I'll need. Also, would hijackthis work?

Thanks in advance,
Ryan

Edited by Orange Blossom, 30 October 2009 - 09:11 PM.
Merged topics. ~ OB


#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:23 AM

Posted 30 October 2009 - 09:11 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/268166/recently-tried-removing-virut-virus-system-security-virus-is-it-gone/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users