Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Infection


  • Please log in to reply
8 replies to this topic

#1 tvarnell

tvarnell

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 17 June 2011 - 11:29 PM

Greetings,

I have been infected by the Security Protection/Windows XP Repair Malware. I cannot see my desktop icons, or access any of my files. I have tried starting my computer in "safe mode", but the malware is still there and prevents me from running malwarebytes, rkill, unhide.exe or any other remedies I have reviewed on this site (and others). Please help....it is greatly appreciated!

BC AdBot (Login to Remove)

 


#2 tvarnell

tvarnell
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 18 June 2011 - 07:02 PM

Please, can anybody give me a little one on one assistance? I have read the thread(s) concerning this problem and have tried what they instructed. I cannot download Rkill or iexplore.exe. I was able to download malewarebytes and run successfully, but files are still flagged as hidden, IE explorer is still acting funny and my desktop is blank, except for programs I've managed to download, since getting infected. Please....can anybody help me?

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,914 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:43 AM

Posted 18 June 2011 - 10:10 PM

Please wait as I have asked someone to look here.
Do not do any thing until they reply ,thank you.

Edited by boopme, 18 June 2011 - 10:11 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:43 AM

Posted 20 June 2011 - 04:05 PM

Sounds like you still have the infection running. Have you rebooted into safe mode with networking, start mbam, updated the program first, and then performed a scan?

If not, do that and then download unhide and execute that from your desktop:

http://download.bleepingcomputer.com/grinler/unhide.exe

#5 tvarnell

tvarnell
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 21 June 2011 - 08:55 AM

Thank you for responding. I ran mbam which removed most of the infections. I'm guessing the McAffe spoof infections were still present, as I still could not download Rkill, Iexplore, or any other infection fighting programs (mcaffee kept killing them). What's worse is: somewhere along the way I lost my internet connection, and available diagnostics/remedies have not been successful. Also, cannot run system restore, program list is hidden (except for programs downloaded since infection), some desktop icons still have not reappeared, and files are still flagged as hidden. Thank you, again, for your assistance.

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,504 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:05:43 AM

Posted 21 June 2011 - 09:41 AM

Well mcafee is probably doing a false positive on them. I will see what I can do about clearing it up.

Try running the following and seeing if that fixes your missing start meun:

http://download.bleepingcomputer.com/grinler/beta/unhide.exe

#7 tvarnell

tvarnell
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 21 June 2011 - 03:57 PM

thanks again for all your help. I was able to execute unhide.exe (by loading onto flash drive from uninfected computer) - thanks!. I was (finally) able to run iexplore.exe successfully (same process - flash drive, and after disabling Mcaffe), and had internet temporarily. Internet Explorer is down again. I transferred TDSSKiller via flashdrive and tried to run (unzipped, renamed) but it wouldn't start. Ran GMER, but (I'm guessing) it didn't detect any issues, as I did not receive any warning messages or prompts to resolve any issues. Please advise. Thank you so much for your valuable time!

#8 tvarnell

tvarnell
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 22 June 2011 - 07:53 AM

Any additional direction that you could provide would be greatly appreciated!

#9 invision

invision

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 22 June 2011 - 08:02 AM

tvarnell please follow these steps

http://www.bleepingcomputer.com/virus-removal/remove-windows-xp-recovery




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users