| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 114726 | 2010-12-15 01:56:00 | Virus infection | WayneMiddy (14028) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1161717 | 2010-12-15 01:56:00 | This computor comes up with a program called System Tool runs a scan unlessed its stopped, changes the desk top to a message "Warning Your'e In Danger Your Computor ..........etc Have removed HDD scanned with Malwarebytes and Bullguard full scan with both programs nothing found. Many thanks Wayne |
WayneMiddy (14028) | ||
| 1161718 | 2010-12-15 02:02:00 | Disable system restore then try again. Do a full not quick scan | Speedy Gonzales (78) | ||
| 1161719 | 2010-12-15 02:02:00 | I have found a few trojans and malware only can be found when the machine is running and you are logged in | nedkelly (9059) | ||
| 1161720 | 2010-12-15 02:15:00 | Wouldn't allow me to install Malwarebytes or Ccleaner so i plugged HDD into encloser and into USB port do i still need to disable system restore when the OS is not being used? Thanks Wayne |
WayneMiddy (14028) | ||
| 1161721 | 2010-12-15 02:31:00 | Go here (www.bleepingcomputer.com) - download Rkill, Boot into safe mode & save it to a the infected PC. You MUST boot into safe mode with networking and do ALL the following in safe mode.-- Run the Rkill tool -- then install Malwarebytes and ccleaner - update Malwarebytes, run ccleaner, disable system restore - then scan with malwarebytes while still in safe mode. Once finished, run Spybot S&D, as well as Super antispyware. Once finished THEN reboot normally - rerun the scans to make sure. |
wainuitech (129) | ||
| 1161722 | 2010-12-15 02:38:00 | Go here (www.bleepingcomputer.com) - download Rkill, Boot into safe mode & save it to a the infected PC. You MUST boot into safe mode with networking and do ALL the following in safe mode.-- Run the Rkill tool -- then install Malwarebytes and ccleaner - update Malwarebytes, run ccleaner, disable system restore - then scan with malwarebytes while still in safe mode. Once finished, run Spybot S&D, as well as Super antispyware. Once finished THEN reboot normally - rerun the scans to make sure. That sounds rather serious Wai! |
Cicero (40) | ||
| 1161723 | 2010-12-15 03:25:00 | I got the same one a couple of days ago. Did a system restore and it has gone. Wonder what is still lurking below the surface? |
tut (12033) | ||
| 1161724 | 2010-12-15 03:41:00 | That sounds rather serious Wai! Not really -- the infection simply flags any exe as a threat . By starting in safe mode it "half" stops the infection - running Rkill, then actually stops its process - you cant open Task Manager to stop it, as it blocks that as well . Once the bugger has been stopped, then it can be cleaned out . Safe mode with networking only allows you to download the latest definitions within Malwarebytes and other programs . Done 4 of them in the 1st few weeks . Three were the Security Tools, and one other that I cant remember its name, but the same process worked on them all (all the same symptoms) . BTW -- Slaving the drive and scanning didn't work, I found that out the first time :illogical mumble mumble |
wainuitech (129) | ||
| 1161725 | 2010-12-15 04:36:00 | Not really -- the infection simply flags any exe as a threat . By starting in safe mode it "half" stops the infection - running Rkill, then actually stops its process - you cant open Task Manager to stop it, as it blocks that as well . Once the bugger has been stopped, then it can be cleaned out . Safe mode with networking only allows you to download the latest definitions within Malwarebytes and other programs . Done 4 of them in the 1st few weeks . Three were the Security Tools, and one other that I cant remember its name, but the same process worked on them all (all the same symptoms) . BTW -- Slaving the drive and scanning didn't work, I found that out the first time :illogical mumble mumble Like I said, that sounds serious . :wub |
Cicero (40) | ||
| 1161726 | 2010-12-15 05:06:00 | Go here (www.bleepingcomputer.com) - download Rkill, Boot into safe mode & save it to a the infected PC. You MUST boot into safe mode with networking and do ALL the following in safe mode.-- Run the Rkill tool -- then install Malwarebytes and ccleaner - update Malwarebytes, run ccleaner, disable system restore - then scan with malwarebytes while still in safe mode. Once finished, run Spybot S&D, as well as Super antispyware. Once finished THEN reboot normally - rerun the scans to make sure. wt - Does that Rkill tool run similar to the task kill process from command prompt? like as described in the how to geek process. (www.howtogeek.com) Curious, thanks. |
kahawai chaser (3545) | ||
| 1 2 | |||||