AV Security Suite, Fake Windows Security, "File is Infected" etc. HELP!...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by milmat1, Jun 12, 2010.

  1. milmat1

    milmat1 Private E-2

    The infected laptop will not connect to the internet, so I'm struggling here to get you the data.

    I have AV Security Suite in the taskbar, also have "Windows Security" warnings (fakes), and when I open anything I get the "File is infected" etc.

    Task Manager will not open unless I start it right at boot time. Otherwise it will open for a millisecond and close right back down.


    SUPERAntiSpyware finds the AV SECURITY SUITE and says it is removing it. As soon as I reboot, it's back.

    Symantec AV finds nothing on a full scan. (Surprising!)

    I have run CCleaner, HijackThis, SUPERAntiSpyware, and Symantec AV.

    I have a log from SUPERAntiSpyware and HijackThis. I'm trying to post.
    I can't download anything to the infected PC because even though I have a valid connection, and I CAN ping websites, when I open I.E. it just says it cannot display the website.

    XP Professional and I.E. 8 on the infected PC.

    Please bear with me here. Some of the instruction lists I see posted here look like Chinese math problems to me...


    I really need this laptop to be able to troubleshoot a PLC tomorrow... Hopefully!
     


  2. milmat1

    milmat1 Private E-2

    Screenshot after reboot.
     


  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi and welcome. :)

    Well you are using another PC now to communicate here, so what I would advise is that you transfer ALL of the necessary tools that you will need to run our procedures from here onto the sick computer.

    The version of SUPERantispyware that you are using is very out of date, so:

    Important Notice: A new version of SUPERAntiSpyware is available.
    • Please uninstall your current version (this is necessary).
    • Then download this SUPERAntiSpyware
    • Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
    • After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
    • Now run a new full scan of your system. And attach this log later.

    Let's have you try this:

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right-click and choose Run as Administrator.

    You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.
    1. Rkill.exe
    2. Rkill.com
    3. Rkill.scr
    4. Rkill.pif
    Once you've gotten one of them to run then try to immediately run the following.

    Now download and Run exeHelper from Raktor
    • Please download exeHelper to your desktop.
    • Double-click on exeHelper.com to run the fix.
    • A black window should pop up, press any key to close once the fix is completed.
    • A log file named log.txt will be created in the directory where you ran exeHelper.com
    • Attach the log.txt file to your next message.
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

    Now run this: Using Malwarebytes Anti-Malware

    Now run this: Using MGtools


    Now you need to attach (See: HOW TO: Attach Items To Your Post ) the below logs created while running the above scans
    • exeHelper log
    • Malwarebytes Anti-Malware log
    • MGlogs.zip - normally it is C:\MGlogs.zip - only attach this log from MGtools.exe DO NOT attach any logs seen in the MGtools folder.
     
