Jump to content

Infected by Windows Antivirus Pro and Pc Antispyware2010


Recommended Posts

I have tried to run malwarebytes with an security message stating that it is infected and is impossible to run. I the looked up and saw about process explorer which I was able to download but again won't let me run the program with a same type of message. There are constant "scans" being run and then pop ups of buying the anti-spyware. My homepage has been rewritten. Please help.

Followed intial directions but malwarebytes and hijackthis won't run. Not only won't run but I no longer get an error/ security message. Also Internet Explorer or Google Chrome won't open.

 

Link to post
Share on other sites

Hello FNIrishBull,

a) This is your thread. Do NOT make any other posts elsewhere (like you have already done). Make your replies here please. Do not use advice given to others as something for you to do.

b- Regarding the rogue (fake) message windows: Use the ALT+F4 method to close those.

Press and HOLD the ALT-key, and then press F4 key. Repeat as needed to close those windows. Do not use any other method, like pressing/clicking the X button.

Do NOT do any web-surfing nor run online games. Do not go to any websites other than this forum or those I guide you to for downloads.

You will want to print out or copy these instructions to Notepad for offline reference!

eusa_hand.gif

If you are a casual viewer, do NOT try this on your system!

If you are not FNIrishBull and have a similar problem, do NOT post here; start your own topic

Do not run or start any other programs while these utilities and tools are in use!

icon_arrow.gif Do NOT run any other tools on your own or do any fixes other than what is listed here.

If you have questions, please ask before you do something on your own.

But it is important that you get going on these following steps.

=

Close any of your open programs while you run these tools.

Please start with the following. We need to see some logs to get some idea of what the malware issues might be.

Download to your Desktop FixPolicies.exe, by Bill Castner, MS-MVP, a self-extracting ZIP archive from

>>> here <<<

  • Double-click FixPolicies.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called FixPolicies.
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box will briefly appear and then close.
  • This fix may prove temporary. Active malware may revert these changes at your next startup. You can safely run the utility again.

If you have Windows XP or Vista:

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

=

next:

1. Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

=

Download DDS and save it to your desktop from http://www.techsupportforum.com/sectools/sUBs/dds here or http://download.bleepingcomputer.com/sUBs/dds.scr or

http://www.forospyware.com/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

Then double click dds.scr to run the tool.

When done, DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

    [*]Save both reports to your desktop.

=

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

eusa_hand.gifIf one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.

Please include the following logs in your next reply:

DDS.txt

Attach.txt

checkup.txt

Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

Link to post
Share on other sites

Download and save to your Dekstop: PrevX CSI: http://www.prevx.com/freescan.asp

Run Prevx CSI.

If it wants to reboot when finished, do so.

=

Next, Please see this article http://www.bleepingcomputer.com/virus-remo...s-antivirus-pro

and do the steps listed under Automated Removal Instructions for Windows Antivirus Pro using Malwarebytes' Anti-Malware:

=

Do you mean 7 GB of free space on disk drive? or 7 GB of RAM memory?

But more important, tell me which specific version of Windows this has: XP or Vista or ??

Proceed forward and do the other steps I listed before, and get and run DDS so we can get some sort of log,

along with the MBAM scan log from above.

Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.