PDA

View Full Version : Help!!! PLEASE!



xkirs10x
2010-12-12, 02:45
I am using another computer to post this message, not the one that is infected. The infected computer is a Gateway Laptop with Vista Home Premium 64 bit. Ok. So the other day, something popped up on my screen and started to "scan" my computer for viruses. It was call "Action Antivirus". It was popping up porn sites and wouldn't let me use any programs. I ran the computer in safe mode with networking and ran malwarebytes and thought i got rid of the problem. This morning, my computer shuts off by itself. I turn it back on and now its doing basically the same thing (-the porn sites) and its something called "System Tool Warning" and keeps scanning and won't let me access any programs or anything and it says they are all infected. So, i restarted in safe mode with networking and ran malwarebytes. It said that it found one infected item and i removed it and thought that was the end of that. When i restarted in normal mode... "System Tool Warning" was still bringing on its evil. So I again restarted in Safe mode with networking and ran malwarebytes again and it found nothing. I tried to scan with Microsoft Security Essentials and everytime I do that, the computer just shuts off. I tried to post this using the infected computer in safe mode but halfway through the post, the computer shut off. I don't understand why malwarebytes isn't finding anything and the problem isn't going away! Please help me! I don't have the money to take this thing in.

ken545
2010-12-16, 01:14
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.



Please download rkill (Courtesy of Bleepingcomputer.com).
There are 5 different versions of this tool. If one of them will not run, please try the next one in the list.
Note: Vista and Windows 7 Users must right click and select "Run as Administrator" to run the tool.
Note: You only need to get one of the tools to run, not all of them.




1. rkill.exe (http://download.bleepingcomputer.com/grinler/rkill.exe)
2. rkill.com (http://download.bleepingcomputer.com/grinler/rkill.com)
3. rkill.scr (http://download.bleepingcomputer.com/grinler/rkill.scr)
4. WiNlOgOn.exe (http://download.bleepingcomputer.com/grinler/WiNlOgOn.exe)
5. uSeRiNiT.exe (http://download.bleepingcomputer.com/grinler/uSeRiNiT.exe)


Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message.

Run rkill repeatedly until it's able to do it's job. This may take a few tries.

You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.





Then run Malwarebytes again


Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please

ken545
2010-12-21, 14:05
Still with us ?

xkirs10x
2010-12-21, 15:59
I'm still here, but I broke down and took my computer into the shop. :(
Hopefully I don't get ripped off. Thank you for your time and support. I hope the shop can fix my computer... without charging me a million dollars. Thank you for your time though.

K

ken545
2010-12-21, 19:10
Thanks for letting us know. Good luck with your computer.

Ken