Can't get rid of malware

Solved/Closed
j_winn - Jun 24, 2010 at 01:16 PM
 JazzBass - Jun 7, 2011 at 10:25 PM
Hello,

My lap top's system is windows XP. I have some sort of anti-virus malware that won't allow me to get any access to my computer, although I didn't catch the name of the malware. When I log in using the regular boot-up a fake internet porn ad pops up that I can't get rid of, and then in the task bar a pop up says the computer is infected and needs to be cleaned. I've tried logging into "last good configuration" and safe mode. None of these have worked - when I log into the computer normally, everything I try to click, including Start and Task Manager, says it's been disabled or infected. In safe mode nothing pops up except the black screen with the four "safe modes" in each corner, and the fake internet ad. My computer already has malwarebytes installed, but since I can't access anything it's really not helping me. This whole thing started while I was watching tv shows online. If anyone has any idea how to regain access to my computer I would be soo thankful.

Thanks

2 responses

mrrigga Posts 196 Registration date Wednesday May 5, 2010 Status Contributor Last seen July 14, 2010 119
Jun 24, 2010 at 03:42 PM
Give this article a try in http://www.malwarehelp.org/cannot-boot-into-safe-mode-2010.html
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,166
Jun 24, 2010 at 04:23 PM
Greetings mrrigga,

Permit me to introduce myself into this thread.

After carefully have read j_winn's account, I came to the conclusion that a rogue trojan horse has infected the system.

If you agree, I suggest the following solution which has proven itself to be successful in removing all rogue trojan horses.

Please follow the following procedure carefully and to the letter.

You have a rogue virus Trojan Horse which is self protective, thus it will prevent any antivirus from fonctionning.

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

1. Download to your desktop and run Rogue Kill:

https://download.bleepingcomputer.com/grinler/rkill.com

2. You should now see a window that shows all of your desktop icons, including the rkill.com program.

3. Double-click on the rkill.com in order to automatically attempt to stop any processes associated with the Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.

If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the Horse when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . So, please try running Rkill until malware is no longer running.

As a matter of a fact, if you get messages, it is a sign that the virus is agonizing with excrutiating pain, so you can just grin while it is suffering!:)))

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it kioskea.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Best regards
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 11,166
Jun 24, 2010 at 04:32 PM
Addendum to my message:

It is very important that you let Malwarebyte run for as long as it takes, in some cases the creators of Malwarebyte suggest that you go do something like watch a rerun of "Gone with the Wind" or read Tolstoy's "War and Peace".

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.

(Malwarebyte may reboot your computer, don't be alarmed. Should it happened, relaunch Malwarebyte to complete the FULL scan)

Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.

Please let us know about the results or I may throw a curse on your system which will cause to bark all the time.:)))

Best regards
0
mrrigga Posts 196 Registration date Wednesday May 5, 2010 Status Contributor Last seen July 14, 2010 119
Jun 25, 2010 at 03:17 PM
Dont upset Ambucias because he bites too.
If anyone knows how to remove viruses this man does. So follow his instructions and I am sure he will have the cure.
Good Luck
0
Thank You oh Great One. First time I have ever gotten rid of a malware virus without having to restore my system. Greatly appreciated. Thanks
0