Virus wont let me run any programs
Solved/Closed
Related:
- What is the risk of turning off messages about virus protection
- Goose virus - Download - Other
- Ntuser.dat virus - Guide
- How to turn off location in viber messages - Guide
- Can jpg have virus - Guide
- K9 web protection - Download - Networks
5 responses
Hello
Here is how to get rid of this scam rogue virus designed to get to your credit card account and it is a good thing you did not fall for it.
Please follow the following procedure carefully and to the letter.
You have a rogue virus Trojan Horse which is self protective, thus it will prevent any antivirus from fonctionning.
You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.
To kill the processes:
Boot in safe mode with networking.
1. Download to your desktop and run Rogue Kill:
https://download.bleepingcomputer.com/grinler/rkill.com
2. You should now see a window that shows all of your desktop icons, including the rkill.com program.
3. Double-click on the rkill.com in order to automatically attempt to stop any processes associated with the Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the Horse when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . So, please try running Rkill until malware is no longer running.
As a matter of a fact, if you get messages, it is a sign that the virus is agonizing with excrutiating pain, so you can just grin while it is suffering!:)))
Please, DO NOT REBOOT your computer or the processes will come back to haunt you!
Download to your desktop Malwarebyte.
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Once on your desktop, we must still outwit the virus.
Right click on the MBAM icon and click on rename. Rename it kioskea.exe.
Install Malwarebyte and launch it. From the second tab, update it.
Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.
It is very important that you let Malwarebyte run for as long as it takes, in some cases the creators of Malwarebyte suggest that you go do something like watch a rerun of "Gone with the Wind" or read Tolstoy's "War and Peace".
Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.
This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.
(Malwarebyte may reboot your computer, don't be alarmed. Should it happened, relaunch Malwarebyte to complete the FULL scan)
Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.
Please let us know about the results or I may throw a curse on your system which will cause to bark all the time.:)))
Hello if you still cant get to your internet please do this to get it back on as the Rouge Trojan may turned it on to stop you getting access to the internet to download anything from it.....
Removing proxy settings will allow you to properly connect to the Notre Dame network which does not require a proxy.
1. Open Internet Explorer
2. Click on the "Tools" menu at the top of the screen and select "Internet Options".
3. Click on the "Connections" tab and then the "LAN Settings" button near the bottom.
1.
4. In the next window, uncheck the box labled "Use a proxy server for your..." Local Area Network and then click "OK".
# Under the Safari menu go to Preferences.
# Click on the Advanced tab.
# Click the Change Settings button.
# In the Select a Proxy Server to Configure box make sure that all boxes are UNCHECKED.
# Click the red circle in the Network box to close it.
# Click the red circle in the Preferences box to closeit.
This should disable proxy settings in Safari. If you have any questions please contact us on here for more help.
as I had this one but under a different name is was called AV security suit 2010
Best regards,
Here is how to get rid of this scam rogue virus designed to get to your credit card account and it is a good thing you did not fall for it.
Please follow the following procedure carefully and to the letter.
You have a rogue virus Trojan Horse which is self protective, thus it will prevent any antivirus from fonctionning.
You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.
To kill the processes:
Boot in safe mode with networking.
1. Download to your desktop and run Rogue Kill:
https://download.bleepingcomputer.com/grinler/rkill.com
2. You should now see a window that shows all of your desktop icons, including the rkill.com program.
3. Double-click on the rkill.com in order to automatically attempt to stop any processes associated with the Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the Horse when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . So, please try running Rkill until malware is no longer running.
As a matter of a fact, if you get messages, it is a sign that the virus is agonizing with excrutiating pain, so you can just grin while it is suffering!:)))
Please, DO NOT REBOOT your computer or the processes will come back to haunt you!
Download to your desktop Malwarebyte.
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Once on your desktop, we must still outwit the virus.
Right click on the MBAM icon and click on rename. Rename it kioskea.exe.
Install Malwarebyte and launch it. From the second tab, update it.
Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.
It is very important that you let Malwarebyte run for as long as it takes, in some cases the creators of Malwarebyte suggest that you go do something like watch a rerun of "Gone with the Wind" or read Tolstoy's "War and Peace".
Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.
This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.
(Malwarebyte may reboot your computer, don't be alarmed. Should it happened, relaunch Malwarebyte to complete the FULL scan)
Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.
Please let us know about the results or I may throw a curse on your system which will cause to bark all the time.:)))
Hello if you still cant get to your internet please do this to get it back on as the Rouge Trojan may turned it on to stop you getting access to the internet to download anything from it.....
Removing proxy settings will allow you to properly connect to the Notre Dame network which does not require a proxy.
1. Open Internet Explorer
2. Click on the "Tools" menu at the top of the screen and select "Internet Options".
3. Click on the "Connections" tab and then the "LAN Settings" button near the bottom.
1.
4. In the next window, uncheck the box labled "Use a proxy server for your..." Local Area Network and then click "OK".
# Under the Safari menu go to Preferences.
# Click on the Advanced tab.
# Click the Change Settings button.
# In the Select a Proxy Server to Configure box make sure that all boxes are UNCHECKED.
# Click the red circle in the Network box to close it.
# Click the red circle in the Preferences box to closeit.
This should disable proxy settings in Safari. If you have any questions please contact us on here for more help.
as I had this one but under a different name is was called AV security suit 2010
Best regards,
kristain
Posts
69
Registration date
Friday March 12, 2010
Status
Member
Last seen
May 30, 2011
20
Jul 6, 2010 at 06:29 AM
Jul 6, 2010 at 06:29 AM
* Download and install Malwarebytes' Anti-malware.
http://www.iyogi.ca/virus-removal-support/ad-aware-support.html
* Restart your computer and press "F8" repeatedly before you see the Windows logo. This will bring you to the Windows Advanced Options Menu.
* Scroll down the menu and select "Safe Mode" to log into Windows Safe Mode.
* Launch your antivirus program. Perform a full system scan and delete all malicious files.
* Launch Malwarebytes' anti-malware and click the "Perform quick scan" radio button. Click "Scan." Malwarebytes will scan the system for malicious malware.
* Click "OK" when the scan is complete, then click "Show scan results." Place a check on all the detected malware and click "Remove selected." Malwarebyte's will remove all detected malware.
* Restart your computer normally to complete the process.
http://www.iyogi.ca/virus-removal-support/ad-aware-support.html
* Restart your computer and press "F8" repeatedly before you see the Windows logo. This will bring you to the Windows Advanced Options Menu.
* Scroll down the menu and select "Safe Mode" to log into Windows Safe Mode.
* Launch your antivirus program. Perform a full system scan and delete all malicious files.
* Launch Malwarebytes' anti-malware and click the "Perform quick scan" radio button. Click "Scan." Malwarebytes will scan the system for malicious malware.
* Click "OK" when the scan is complete, then click "Show scan results." Place a check on all the detected malware and click "Remove selected." Malwarebyte's will remove all detected malware.
* Restart your computer normally to complete the process.
Gervarod
Posts
306
Registration date
Saturday March 27, 2010
Status
Member
Last seen
June 8, 2014
21
Jul 6, 2010 at 12:37 PM
Jul 6, 2010 at 12:37 PM
hello ginghung is your problem been fixed if not pleas reply back for help on this forum just click on Add comment and you will get a reply back from one of use.
Regards, Gervarod
Regards, Gervarod
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Jul 22, 2010 at 06:56 AM
Jul 22, 2010 at 06:56 AM
Gervarod! Bravo! You must now have writer's cramps after all this typing you did! :))) Thank you!
Gervarod
Posts
306
Registration date
Saturday March 27, 2010
Status
Member
Last seen
June 8, 2014
21
Jul 25, 2010 at 09:59 AM
Jul 25, 2010 at 09:59 AM
well maybe try to get another computer or laptop and download the files from there to then burn them to a CD and then install them on your infected computer
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Aug 7, 2010 at 05:21 AM
Aug 7, 2010 at 05:21 AM
Hello Iceman alias Jarhead,
1. Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the "Safe Mode with Networking" option
2. Open Internet Explorer. Click on the Tools menu and then select internet options.
3. In the the Internet Options window click on the Connections tab. Then click on the LAN settings button.
4. Now you will see Local Area Network (LAN) settings window. Uncheck the checkbox labeled Use a proxy server for your LAN under the Proxy Server section and press OK.
Now you should be able to download and run RKill and follow the remainder of Gervarod's solution.
Good luck
1. Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the "Safe Mode with Networking" option
2. Open Internet Explorer. Click on the Tools menu and then select internet options.
3. In the the Internet Options window click on the Connections tab. Then click on the LAN settings button.
4. Now you will see Local Area Network (LAN) settings window. Uncheck the checkbox labeled Use a proxy server for your LAN under the Proxy Server section and press OK.
Now you should be able to download and run RKill and follow the remainder of Gervarod's solution.
Good luck
Didn't find the answer you are looking for?
Ask a question
Goto Start menu-Run.And then type in Cmd.exe incase ya don't know the first procedure.
Then type c:
then cd\
and dir/a:h "to check for the hiden files" or dir/a/s
then the appeared files, incase they are under "filename.exe"
then type "type filename.exe"
if return code is staring with following "MZE" then it is a virus......
So, destruction now__________
1."attrib filename.exe -s -r -h -a /s"
2.erase /q/s/f filename.exe
3. Okay find out the rest, but the best on the table.
Then type c:
then cd\
and dir/a:h "to check for the hiden files" or dir/a/s
then the appeared files, incase they are under "filename.exe"
then type "type filename.exe"
if return code is staring with following "MZE" then it is a virus......
So, destruction now__________
1."attrib filename.exe -s -r -h -a /s"
2.erase /q/s/f filename.exe
3. Okay find out the rest, but the best on the table.
Jul 21, 2010 at 06:09 PM
Jul 21, 2010 at 09:04 PM
Aug 2, 2010 at 01:13 PM
Aug 2, 2010 at 03:53 PM
Gervarod is little genius disguised in a Koala skin.
Just pay to the next
Aug 3, 2010 at 10:06 AM