Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer infected with virus


  • Please log in to reply
2 replies to this topic

#1 rns25

rns25

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 13 March 2010 - 07:01 PM

Hi,

I am looking at a friend's computer, and it seems that they are infected with malware. Rather than do what I did to my comp, I thought I would consult here for any suggestions.

A weird process I cannot quit is called "avast.setup."
There were also messages like "Critical Update Information!" and an "Avast" antivirus pop up message.

It does not allow installation or execution of Malwarebytes, and it redirects search engines.

The startup utility shows a random eight letter process called "vufimihe," executing from the windows folder.
Vundofix turns up nothing.

They are running XP home edition, SP3

BC AdBot (Login to Remove)

 


#2 jackbrennan

jackbrennan

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Trondheim
  • Local time:07:39 PM

Posted 13 March 2010 - 07:11 PM

Download Rkill.exe (Link below) and when you log into windows run Rkill.exe from a usb flash drive* and then try to install the antimalware package: Rkill terminates any unknown processes (malware) which in turn should give you enough control over your computer to install Mbam and other tools you are planning to use to remove the spyware!

http://www.technibble.com/rkill-repair-tool-of-the-week/

*If you cannot open My computer, type: Windows Key + R to bring up the run box and then type the drive letter of your flash drive example E: and then Rkill.exe. Which would be E:\rkill.exe.

Edited by jackbrennan, 13 March 2010 - 07:14 PM.

Australia by birth, Norway by marriage.

#3 rns25

rns25
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 13 March 2010 - 07:17 PM

Thanks, I have RKill on my flash drive already, and I used it before, but I wasn't able to install Malwarebytes.

I tried it again though and it worked.

By the way, I also cannot uninstall a program called "Antivirus Pro." I know avast itself isn't harmful, but I don't think it's the actual program that's causing these "virus alert" popups.

Nevermind, I thought it had worked, but it didn't. It still won't let me launch or update Malwarebytes. It deletes it immediately.

Edited by rns25, 13 March 2010 - 07:20 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users