Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SECURITY TOOL protect your pc


  • Please log in to reply
1 reply to this topic

#1 ug39mxa

ug39mxa

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:08 AM

Posted 04 August 2010 - 04:25 PM

Hello Bleeping Computers,

PLEASE HELP! sad.gif It appears that a piece of malware software has magically appeared on the taskbar. It initially looked like a legitimate antivirus software, but upon googling I discovered that this is quite a serious threat! There are two shields in the task bar (bottom right); one red and the other blue. When I hover over these, a random number is displayed (usually begins with 5XXXX, where x are random numbers). I have tried to run add/remove programs from control panel, but this doesn't work. I can't even run microsoft security updates, as this malware blocks and tells me that it's a virus!

After 10 mins or so, the blue screen of death appears with a rather lengthy message, before the computer restarts again!

Please, please help - I'm so worried that my computer will destroy and infect all of my files! sad.gif sad.gif

I eagerly await your reply. Thank you for your consideration!

Regards,

Sara

BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:08 PM

Posted 13 August 2010 - 07:03 AM

Hello ug39mxa

Welcome to BleepingComputer smile.gif

Please do the following in Safe Mode with Networking to bypass the malware from blocking it.
You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode with Networking then hit enter.
==========================
  • Download OTL to your desktop.
  • Double click on OTL to run it.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under Custom scan's and fixes section paste in the below in bold

    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll

  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users