
Infected with rogue antivirus malware


  • This topic is locked
4 replies to this topic

#1 kricks808

Posted 29 December 2010 - 01:02 AM

Hi,
So, I read the Preparation Guide and I know I'm supposed to accompany this post with a log, enable my firewall, and disable my cd emulation software, but I haven't been able to do all that because the rogue virus that has infected my computer doesn't let me launch anything. I can't open antivirus programs, system restore, task manager, or any application for that matter. I can't run in safe mode either. When I try to launch something it displays the message: "Application cannot be executed. The file <filename>.exe is infected. Do you want to activate your antivirus software now?" My internet browser will open, but it only goes to a site where I can purchase antivirus software, but I know enough to realize it's bogus, so I have not purchased it. A bunch of warnings will pop up saying that my computer is infected and encouraging me to activate antivirus software, all of which lead back to the website with the bogus software. Sometimes the browser will randomly open up and go to viagra or porn sites. :wacko: I'm doing research and typing this from another computer.

I did some Google searching and found out it's a rogue malware virus. Further searching led me to howtogeek.com, which later led me here to this site. I tried SUPERAntiSpyware as howtogeek.com advised. Downloaded it onto a USB drive from a different computer, then tried to launch it on the infected computer, but got the same "Application cannot be executed..." message. So then howtogeek said that ComboFix would be the next step, which brought me to this site. I read the warning that I shouldn't run it unless advised by a helper, so here I am, asking for advice.

The infected computer is a Dell desktop computer that runs Windows Vista. Not sure what other info to provide...

Please help! So stressed out about this stupid rogue malware thing. Thanks

#2 Shannon2012

Posted 05 January 2011 - 11:05 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed; the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#3 kricks808

Posted 06 January 2011 - 12:51 AM

I see. Well, I think in my situation I'd best seek help elsewhere since I can't figure out how to get around the virus disabling my applications and do the log and other things you need in order to help me.

Thanks anyway, and I think you guys are really generous to offer help the way you do.

#4 fireman4it

Posted 06 January 2011 - 05:42 PM

Hello kricks808,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • Finally, please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


If you still need our help please let us know.

Please try and run DDS and GMER in Safe Mode.

Now reboot into Safe Mode.
This can be done by tapping the F8 key as soon as you start your computer.
You will be brought to a menu where you can choose to boot into safe mode.
Make sure you choose the option without networking support.
Please see here for additional details.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



#5 fireman4it

Posted 08 January 2011 - 05:48 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

" Extinguishing Malware from the world"
