Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please would you help me


  • Please log in to reply
7 replies to this topic

#1 Randomguy68

Randomguy68

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:41 AM

Posted 05 March 2010 - 11:03 PM

My other laptop recently has been taken over by a virus protector scanner and I can't do anything when I start up my laptop it is the same one from here http://www.bleepingcomputer.com/virus-remo...-protector#keys and it shows that but difference is on my scanner is up the desktop is black and theres no access to anything. Please would you help me.
SPYWARRRRRRRRRRRRRE!!!!

BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:41 PM

Posted 06 March 2010 - 03:13 PM

Hi,

Are you able to boot up in Safe Mode with Networking?

If so, then follow the instructions in that Removal Guide. However, before step 3 do the following:

Please download RKill by Grinler

Link #1
Link #2
Link #3
Link #4
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Download Link #1.
  • Save it to your Desktop.
  • Double click the RKill desktop icon.
    If you are using Vista please right click and run as Admin!
  • A black screen will briefly flash indicating a successful run.
  • If this does not occur please delete that application and download Link #2.
  • Continue process until the tool runs.
  • If the tool does not run from any of the links please let me know
Does that work?

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 Randomguy68

Randomguy68
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:41 AM

Posted 06 March 2010 - 09:19 PM

When i load up my other laptop(the infected one) it pops up virus protector and I alt f4 it shows a completely black screen with no desktop stuff at all. I can boot up safe mode with networking, but after closing the virus thing it's completely blank.
SPYWARRRRRRRRRRRRRE!!!!

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:41 PM

Posted 07 March 2010 - 05:29 AM

When you boot in safe mode can you do anything - or do you have to close virus protector first? (Which then results in your blank screen?)

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 Randomguy68

Randomguy68
  • Topic Starter

  • Members
  • 93 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:41 AM

Posted 08 March 2010 - 01:11 AM

I'm not able to do anything before or after the virus protector shows up.
SPYWARRRRRRRRRRRRRE!!!!

#6 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:41 PM

Posted 08 March 2010 - 04:34 AM

Hi,

OK, with the information you have provided I believe that you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#7 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,995 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:41 AM

Posted 09 March 2010 - 12:13 AM

Hello Randomguy68,

I removed your new topic in the Malware Removal forum as it doesn't include any of the required logs. If I'm interpreting what you have written properly, you are unable to create any logs. I shall contact our first responders to assist you in creating some logs to post in the Malware Removal forum.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#8 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:11:41 AM

Posted 09 March 2010 - 08:30 AM

Hello Randomguy68

Let's take a different approach and see if we can acquire some logs for your new topic.

You will need a clean computer to create this disc...

Print these instruction out so that you know what you are doing
After you have successfully burned the OTLPE ISO to disc you will need to transfer the disc to the CD drive of your sick computer and boot from it.
  • Insert the CD-ROM into the CD-ROM drive, and then restart the computer.
  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
    • Your PC should now boot from your CD.
    • Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.
  • Please be patient as "Windows" loads
  • Your system should now display a REATOGO-X-PE desktop.
  • Double click on the Posted Image icon on your desktop.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Under "Extra Registry" please check "Use Safelist" and also check "LOP Check" and "Purity Check" as pictured.Posted Image
    • Copy and Paste the following code into the Posted Image textbox. Do not include the word "Code"

      Please note: Double click the Firefox Icon on the desktop to connect to this thread if you have a Wired connection otherwise you can use a flash drive and copy this script into a txt file from a clean computer to transfer to this computer.

      netsvcs
      msconfig
      safebootminimal
      safebootnetwork
      activex
      drivers32
      %ALLUSERSPROFILE%\Application Data\*.
      %ALLUSERSPROFILE%\Application Data\*.exe /s
      %APPDATA%\*.
      %APPDATA%\*.exe /s
      %SYSTEMDRIVE%\*.exe
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
    • Push Posted Image
    • When finished, the file will be saved in drive C:\OTL.txt
    • Please create a new topic HERE and post the contents of the C:\OTL.txt file in this new topic along with a link to this topic. Do not post the logs in this topic
    • Copy this file to your USB drive if you do not have an internet connection.
Let me know if you have issues.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users