Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Crime and intellectual property section


  • This topic is locked This topic is locked
11 replies to this topic

#1 pixelvoxel

pixelvoxel

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 15 May 2013 - 03:42 PM

Hi there, my computer was infected today with the virus, and I don't really know how to remove it. Other sites didn't help as much. Any advice or help?


Edited by hamluis, 15 May 2013 - 04:06 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:47 AM

Posted 15 May 2013 - 08:31 PM

Welcome aboard p22002758.gif

 

Is the computer bootable in any mode?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 pixelvoxel

pixelvoxel
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 17 May 2013 - 02:16 PM

Safe mode does not work at all, Safe with networking just does the same thing, safe with command prompt just starts it but then restarts the computer within a half second or so. Leaving it alone, of course, goes back to the virus screen.



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:47 AM

Posted 17 May 2013 - 03:10 PM

I'll report this topic to appropriate helpers.

Hold on there....


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 pixelvoxel

pixelvoxel
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 18 May 2013 - 07:10 PM

Ok, thanks



#6 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 19 May 2013 - 05:47 AM

Hi pixelvoxel,

My name is etavares and I'll be helping you with this issue.

 

Let's take the standard approach first.  Please follow the instructions here:

http://www.bleepingcomputer.com/virus-removal/remove-computer-crime-intellectual-property-section

 

Let me know how that goes.  If not, we'll bring out some more advanced tools.  There is also a chance your files are encrypted after that, but I can help restore access to them.

 

I'm also moving this to the Virus Removal Forum.

 

-etavares



If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#7 pixelvoxel

pixelvoxel
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 19 May 2013 - 07:52 AM

Uh.... something weird happened.

Last night, my dad somehow got into the desktop, and did a system restore. But now, when we boot it up, it just shows a black screen with command prompt. I'm pretty sure something happened with the virus, or it is gone, because after a while, an Itunes update reminder shows up (the updater usually shows up when the computer is normal). However, it's only the black screen and the command prompt, nothing else. I'm not sure what to do now...



#8 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 19 May 2013 - 01:24 PM

Hi pixelvoxel,

 

That's expected with this malware.  We'll fix it here.

 

  1. At that prompt, type explorer.exe and press Enter.
  2. You should see your desktop load.  It may take a few seconds.
  3. Download shell.reg from the link:  shell.reg Download Link
  4. Save shell.reg to your desktop.  Double-click to run it.

  5. It will ask you if you want to merge the file into the registry.  Allow it to do so.

  6. Reboot...your desktop should load.

If not, stop here and let me know.  If it loads, then please follow Step 6 (Download and Run DDS) in the link below (just that one step).  In your reply, please copy/paste the two logs directly into your reply.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

 

 

 

-etavares



If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#9 pixelvoxel

pixelvoxel
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 20 May 2013 - 05:59 PM

The method worked successfully! My desktop worked within the bootup, and everything worked as normal. Thank you so much for you help, I greatly appreciate it! 



#10 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 21 May 2013 - 07:45 AM

Hi pixelvoxel,

Great news!  We do not yet know your computer is 100% clean of the virus.  I suggest you follow these instructions and post the logs in a reply to this thread.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

 

-etavares



If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#11 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 24 May 2013 - 04:11 PM

Hi, still there?



If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#12 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:47 AM

Posted 02 June 2013 - 01:42 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users