Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware that looks like an AV program on vista laptop


  • Please log in to reply
6 replies to this topic

#1 BrownDevil

BrownDevil

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 11 January 2010 - 08:50 PM

Hi,


Came across that same annoying fake virus scanner thing that blocks all apps about 5 seconds after start-up right...
I used CCleaner in the startup folder, and it ran when I restarted.
That went fine. Then I put the malwarebytes install file in startup and it was blocked not by that fake AV thing, but windows defender. It allowed me to see the blocked startup programs, and it was in there, I clicked allow and it installed.
Next reboot I put the actual Malwarebytes icon in startup, and this time it won't let me cuz of stupid windows defender. I tried everything I can to disable that win def, and the one time I think I was quick enough to load it, it failed with some time of visual basic error or maybe it was a run time error...
I've since tried malwarebytes and ran as admin since it's vista, but it's not quick enough before that stuff blocks it.

I've never used Vista before but I already hate it. When I try to run ANY app, some stupid thing asking me to confirm pops up, and I have to click it every time just to load anything. This went on for about a dozen reboots and failed attempts. Finally I surrenderd and got the hijackthis to run and here is the log. Thanks in advance.
Robert

---------------------------
HJT Log removed-not allowed in this forum

Edited by garmanma, 12 January 2010 - 01:11 PM.


BC AdBot (Login to Remove)

 


#2 trev47

trev47

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 11 January 2010 - 10:53 PM

Try downloading rkill to your desktop from one of the following links. Double click the file and a black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. If it does not work, then download the next file and try again.
try this one http://download.bleepingcomputer.com/grinler/rkill.pif
or this http://download.bleepingcomputer.com/grinler/rkill.scr
or this http://download.bleepingcomputer.com/grinler/rkill.exe
or this http://download.bleepingcomputer.com/grinler/rkill.com

Now, download Malwarebytes from http://malwarebytes.org/ update it and run a full scan. Remove any infections found and post the results in your next reply.

#3 BrownDevil

BrownDevil
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 11 January 2010 - 11:15 PM

Did the trick!!
You rock! :thumbsup:

#4 trev47

trev47

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 11 January 2010 - 11:49 PM

Glad it worked. You should run a scan at http://www.eset.com/onlinescan/ to verify that you are clean.

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:09 PM

Posted 12 January 2010 - 12:30 AM

Actually you should post the MBAM log so we can see what was found on here and know what else is going on.
Do run the ESET scan also

I recommend that you both read this topic. It is Pinned at the top of this forum for a reason. Non Staff aren't permitted to reply to posted HJT logs.

How do I get help? Who is helping me?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 BrownDevil

BrownDevil
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 12 January 2010 - 12:34 AM

I fixed it and gave it back to my daughter and off she went. I will post it when she comes back.

Not to hijack my own thread, but I also posted a redirect thread on here I could sure you help with :thumbsup:

Linky

#7 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:02:09 PM

Posted 12 January 2010 - 01:19 PM

Not to hijack my own thread, but I also posted a redirect thread on here I could sure you help with


That one is properly posted in the Hijack This forum
The only members who are allowed to respond there are HJT team members who have gone through rigorous training learning how to get rid of the most stubborn infections out there
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users