Jump to content

total security trojan


Recommended Posts

I was recently infected with the Generic.fakealert!ink. and 13 other trojans based on a malwarebytes scan. After running the scan 3 times the Trojan.Vundo.h and Disabled SecurityCtr still showed on the scan but the log stated they were safely removed. Prior to the scan I had lost total control of the laptop and had to run Malwarebytes from a flash drive.

I followed the "cleaning guide" I found on geekstogo as best I could. couldn't run the system restore process, said I needed .net framework. Could not run window updates. It was disabled and even the services.msc could not enable.

I went to the geekstogo website to post a thread and my log went I was infected with the Total Security Trojan. I don't believe I infected on their site. I think I was infected because my window updates are not current and I was connected to the Internet. Wireless connection.

Now with the Total Security Trojan:

I tried running MLWB from the flash drive. no luck.. it blocks it

I tried changing the name of the MLWB file. no luck... it blocks it

I tried running the Process Explorer from another flash drive. no luck ...it blocks it. I'm on my 4th flash drive...I'm afraid to put into my desktop computer after its been in the laptop. Am I paranoid or can it get infected also??? can I put into my desktop and scan with MLWB without infecting my desktop computer??

If I let the computer sit idle for about 10 minutes a blue screen appears that says a problem was detected and windows has been shut down to prevent damage. a process or thread crucial to system operation has unexpectedly exited or been terminated. blah blah remove any hardware or software, disable BIOS memory options such as caching or shadowing. use safe mode

Technical information ---------------stop --0x000000f4 (0x000000003, 0x851cada0, 0x851caf14, 0x805d297c)

beginning dump of physical memory, physical memory dump complete, contact administrator

(this is an abbreviated version)

When I try to start in Safe Mode, I get the black/white page with the scrolling drives etc then the Blue screen appears with detected problem windows shut down to prevent damage to your computer. check for viruses remove any newly installed hard drives. check your hard drive is properly configured and terminated. run chkdsk/f to check for hard drive corruption and then restart ----stop 0x00000007b (0xf7b7a524, 0xc00000034, 0x00000000, 0x00000000)

(f drive would be my flash drive --- I simply pulled out of usb port when I couldn't run MLWB. I couldn't hit eject...couldn't open the drive...

I don't think this is a legit windows message, I think it's the trojan.

In summary I can't start in "safe mode"

any suggestions??? I saw a similar problem on Generalgeeks and they had a download for a CD to boot computer and then scan. my question will the computer know to boot from this CD or do I need to do something so it doesn't boot from windows..?

Any help would be greatly appreciated... it's my son's laptop and college starts next week. I'm running Windows XP home edition with service pack 3. it's a Dell Inspiron 15. I have a windows xp disc with service pack 2 that came with the laptop if I need to reload. When I told him this was a good possiblity he looked like I just backed over his puppy with the minivan. He doesn't want to lose his 8gigs of music downloads. oh well, can't get to the music with the current state of the laptop...so it's lost either way.

Thanks in advance for any assistance you can provide

Link to post
Share on other sites

Hi. Please read this entire message and post in the HJT Forum :(

( http://www.malwarebytes.org/forums/index.php?showforum=7 )

Pay special attention to the items in green.

Scan and post logs - read note at bottom in green

If you're having Malware related issues with your computer that you're unable to resolve.

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?
  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.

  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require assistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.