Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Severe repeated infection, malware/ransomware


  • Please log in to reply
2 replies to this topic

#1 Salival

Salival

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 19 January 2010 - 03:10 AM

I have done the best I can on my own, and I am not getting anywhere.

Over the past few months I have had alot of trouble with malware ransoming my computer. It usually starts out with some fake virus protection warnings etc and after a few reboots my system is totally screwed up.

Last time it got so bad I couldnt boot up, it went straight to blue screen before even attemtping to start Windows. Had to ultimately wipe everything and start from scratch.

I do not understand how this keeps happening, as I run MBAM and SAS on a regular basis, and also have virus protection in the form of Shaw Secure (from my ISP, created by F-Secure, i know, not the best)

Anyway right now it is at it again, cannot run most programs, I get a dll or image not valid message. There is a little red X in the bottom right on task bar, that keeps asking me to activate virus protection, but even clicking OK doesnt do anything. I can run scans with SAS and MBAM and it always finds things, such as Trojan.Vundo, Trojan.fakealert.BTQ, gen.trojan.heur, rogue.w32 etc etc, so i get rid of them, reboot and things just keep getting worse. I can no longer update SAS or MBAM because my connection is ransomed, but I believe I have the latest versions anyway.

Why cant MBAM and SAS get rid of my problems, despite repeatedly finding and removing these threats?
What do I do next as I am fearing another wipe?

I am extremely frustrated and would appreciate any insight or help.

Thank You!

~Adam

BC AdBot (Login to Remove)

 


#2 Salival

Salival
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 19 January 2010 - 04:06 AM

I just want to add a little bit more information to my above post.

I am running Windows XP. My background has been changed to blue, and I am unable to change it to anything else.

I just finished running MBAM and SAS full scans again, 3rd or 4th time this evening. Found Trojan.FakeAlert (cannot remove, delete on reboot) and a pair of Warning.html files.

Rebooted, and, as usual, my virus program (from F-Secure) identifies a threat (FakeAlert.BTQ) and attempts to remove it, then asks for a reboot. Error message keeps popping up anytime a programs trys to run: "The application or DLL C:\Windows\system32\helper32.dll is not a valid Windows image..."

No internet..etc. Rinse, repeat and so on. At least I can still boot up, and hopefully will be able to fix this before it's too late again.

Thanks again

~Adam

#3 Salival

Salival
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 19 January 2010 - 11:40 AM

Woke up this morning on the right side of the bed hoping my problems would disappear, to no avail.

Same cycle, when I boot up and scan I keep finding the same threats, so I get rid of them, reboot, and scan, find the same threats etc etc.

Can anyone help?

Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users