Wildman0420
2010-03-13, 20:12
Hey guys, need some of your ninja like skills to help me out here. The problem lies here with my 80 year old grandfathers computer. He's pretty internet savvy for an old man, but seems to have gotten his pc pretty screwed up, dispite running AVGFree and Spybot S&D.
The first sign of any problems was when searching, he would be redirected to another page, and forced to research to get to the page he was searching for. Thas was annoying, but didn't stop him all together. However, last night a fake antivirus popped up called "Security Tool". He was smart enough to know that this wasn't his antivirus so he tried to run AVG scan to find that everyhing was locked out on him. When I got here to look at it I found that even taskmgr and regedit were blocked. This fake AV kept calling all .exe's viruses. Safe mode when I attempted it, just going into a reboot loop. Luckily after a short while, AVG seems to have noticed that this malicious program was running, and has stopped it from running. However I belive there is still something wrong here, as the web redirects still happen, and the fake AV is still listed in my start menu. I await your skilled advice guru's, please help a grandson help his grandpa!
HJT Log attached
The first sign of any problems was when searching, he would be redirected to another page, and forced to research to get to the page he was searching for. Thas was annoying, but didn't stop him all together. However, last night a fake antivirus popped up called "Security Tool". He was smart enough to know that this wasn't his antivirus so he tried to run AVG scan to find that everyhing was locked out on him. When I got here to look at it I found that even taskmgr and regedit were blocked. This fake AV kept calling all .exe's viruses. Safe mode when I attempted it, just going into a reboot loop. Luckily after a short while, AVG seems to have noticed that this malicious program was running, and has stopped it from running. However I belive there is still something wrong here, as the web redirects still happen, and the fake AV is still listed in my start menu. I await your skilled advice guru's, please help a grandson help his grandpa!
HJT Log attached