"Defender" malware has taken over my computer

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by kacieap, Jul 7, 2011.

  1. kacieap

    kacieap Private E-2

    Last night my computer was taken over by a proported Security program called "defender malware protection". At this point I can not open any programs including my Microsoft security program. When I try to open any program I get an error saying that the program can't run because my computer is infected with a virus and i must activate the defender security program.
    I also can not uninstall the program or any other program. All I can do is view files, I can also copy and paste the (thank goodness) to a flash drive. I disconnected the computer from the internet but i can not perform any of your malware removal tips because i can not uninstall programs or run an ant
    i virus program.
    Does anyone know what I can do to remove this?
     
    kacieap, Jul 7, 2011
    #1
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Welcome to MajorGeeks!

    Please reconnect your pc's to the internet and re-boot your machine into "Safe Mode with Networking".

    *Detailed instructions are found here: http://www.computerhope.com/issues/chsafe.htm

    Now download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 8 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click and choose Run as Administrator


    You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
    1. Rkill.exe
    2. Rkill.com
    3. Rkill.scr
    4. Rkill.pif
    If you are having problems running Rkill, try downloading one of these renamed copies of RKill.com
    Once you've gotten one of them to run then try to immediately run the following.

    Now download and Run exeHelper from Raktor
    • Please download exeHelper to your desktop.
    • Double-click on exeHelper.com to run the fix.
    • A black window should pop up, press any key to close once the fix is completed.
    • A log file named log.txt will be created in the directory where you ran exeHelper.com
    • Attach the log.txt file to your next message.
    Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

    If you already have them installed, be sure to update Malwarebytes and SUPERAntiSpyware before the scan!

    Now run this: Using Malwarebytes Anti-Malware

    Then run this: SUPERAntiSpyware - running & getting a log

    Next run this: Using MGtools

    Now you need to attach (See: HOW TO: Attach Items To Your Post ) the below logs created while running the above scans
    • exeHelper log
    • Malwarebytes Anti-Malware log
    • SUPERAntiSpyware log
    • MGlogs.zip - normally it is C:\MGlogs.zip - only attach this log from MGtools.exe DO NOT attach any logs seen in the MGtools folder.
     
    Last edited: Jul 8, 2011
    dr.moriarty, Jul 7, 2011
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds