Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Internet Security 2010 Trojans


  • Please log in to reply
11 replies to this topic

#1 jimjimaustin

jimjimaustin

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 15 December 2009 - 03:37 PM

I'm infected with the Internet Security 2010 trojan and after searching your site, I downloaded the malwarebytes setup and installed it, but when I went to doubleclick the icon to start it up, it says it couldn't find the program. I attempted to do this a few times. Any reason why this wouldn't work, or are there other full instructions to automatically get rid of this program? I use McAfee and Spyware Doctor.

Thank you

BC AdBot (Login to Remove)

 


#2 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 15 December 2009 - 03:41 PM

You might want to have a look at the instructions posted here.

Read carefully and pay close attention to details. You should be able to remove it with these instructions.

If that is not the case, please post back.

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 


#3 jimjimaustin

jimjimaustin
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 15 December 2009 - 04:20 PM

Thanks. These are the instructions I used. I'll try again tonight. When I doubleclicked on the mbam-setup.exe shortcut on my desktop that I downloaded, it says it couldn't find the application. Not sure if it was removed by Spyware Dr or McAfee or the trojan or if that was even possible?

#4 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 15 December 2009 - 05:35 PM

You may want to try downloading Malwarebytes and renaming it to something like newsetup.exe. Something completely off the wall. That way any spyware or malware on your computer may leave it alone during install.

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 


#5 jimjimaustin

jimjimaustin
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 December 2009 - 08:49 AM

I tried to do that and it wouldn't work. I was able to download the rkill.com and run that program, but couldn't get the anti-malware program to work. I tried to then get on the Internet to try and download it again, and my computer kept locking up, so I manually re-booted my CPU, but now I can't even get my computer to turn back on. Everytime I try to turn it on, nothing happens. I can press F8 in the very beginning and it brings up some options, but I'm not sure what to do next.

#6 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 16 December 2009 - 09:17 AM

Ok. Reboot your computer in "safe mode".

When you get to your desktop, run rkill.com. Once that completes, once again install Malwarebytes from the "newsetup.exe" file that you just downloaded.

Open malwarebytes and click on the settings tab. Make sure you put a check next to: Terminate Internet Explorer during removal.

Go back to the scanner tab and run a full scan on your computer. When it is finished, allow malwarebytes to remove the entries shown to be malware or malicious ( everything in the list ). If Malwarebytes asks you to reboot to complete the cleaning, allow it to reboot.

Let your computer reboot in normal mode. Once your desktop is visable, once again, open malwarebytes and click on the update tab.

Click Check for Updates. After the updates have been downloaded and applied, once again run a Full Scan of your system. Once complete, allow malwarebytes to remove everything in the list and if it needs to reboot, allow it.

Once rebooted, go here and download Dr. Web CureIT.

Download this to your desktop. It will be a strange file name ( i.e. 23ewt48d.exe ) as this is done purposely. The icon will look like a spider.

Open Dr Web CureIT and you will be presented with a screen asking you to view the purchase terms. Click on Cancel. Next, click on Start. You will be given another screen stating what Dr. Web CureIT is about to perform on your computer and asked if you want to "start scan now". Click OK to this and allow the scan to run.

Let me know if you have any problems.

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 


#7 jimjimaustin

jimjimaustin
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 December 2009 - 09:53 AM

Thanks. I'll try that later when I get home. Do I have to do anything special to reboot in safe mode, besides pressing F8 right away when I turn the CPU on? I thought I tried that last night, and it didn't work, but I'm not 100% certain

#8 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 16 December 2009 - 10:18 AM

Booting into safe mode is actually quite simple.

Turn your computer on, start tapping the F8 key. If you see something like a boot menu and not the options for Safe Mode, Safe Mode Command prompt only, and so on, then your BIOS conforms to the F8 Boot menu options standard.

In this case, Select "Boot from hard drive", hit enter and again immediately start tapping F8 again. This will bring up the Boot Options for Windows ( i.e. Safe Mode, Safe Mode Command Prompt Only and so on ).

Hope this helps,

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 


#9 jimjimaustin

jimjimaustin
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 17 December 2009 - 11:16 PM

I tried to get in via safe mode and it still wouldn't work, the computer wouldn't boot up. it came up with about 14 instances of this:



Multi(0)disk(0)rdisk(0)partition(2)/windows/system32/ntoskrnl.exe or some .dll or some .sys

and then just sat there

#10 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 20 December 2009 - 09:11 AM

You may want to try running SafeBootKey Repair. This can be found here.

•Please download Safe Boot Key Repair and save it to your desktop.
•Run SafeBootKeyRepair by double clicking on it or Right-click on it and click Open. If you are using Vista, please right-click and choose run as administrator...•A black command prompt window shall appear with the message "Please Wait..."
•It will now begin to scan, please be paitent while it scans The scan should take no longer than 1 minute
( Instructions thanks to extremeboy )

Once SafebootKeyRepair has finished, reboot your computer in SafeMode and once again follow the instructions I posted here.

Hope this helps,

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 


#11 jimjimaustin

jimjimaustin
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 23 December 2009 - 08:37 AM

Hi. Thanks for the info. I'm going to have one of my friends look at it. He's able to fix these types of problems more effectively than I would. Thanks for your help

#12 techextreme

techextreme

    Bleepin Tech


  • BC Advisor
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:12:17 PM

Posted 23 December 2009 - 01:42 PM

Sounds good. If you still need help, come on back.

:thumbsup:

Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users