Spyware, Viruses, & Security forum

General discussion

Virus infection

by fain83 / November 28, 2009 9:35 AM PST

hello all. i am normally decent at getting rid of problems on my computer but i have a virus on my other computer that i can not seam to fix.

the virus will load a anti virus program and say my computer is infected it then wants me to pay money to remove the problems.

the virus also locks all of my programs. any time i try and load anything games, firefox, anti spy where... it gives me an error message it gives me the address of the program and then states "this application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem."

i have tried safe mode and i run into the same problem. if i tell safe mode to load system restore on launch it loads. the program launches and i can pick a safe point but when i click next to start the restore nothing happens. it wont start the restore process.

i have also tried to load anti spy where on my flash drive and install it from there but i get the same message.

I?m not sure what else i can do. if anyone has some suggestions i would be open to them. i really want to stay away from frying my hard drive.

thanks!

Discussion is locked
You are posting a reply to: Virus infection
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Virus infection
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
What Does This Rogue A/V Prog.
by tobeach / November 28, 2009 1:49 PM PST
In reply to: Virus infection

call itself? i.e what A/V program does it say you need to pay for to get rid of the infection? The "exact" name is important so we can give exact answer for the specific one involved. A/V2009? Win Anti-Virus 2010, or one of several hundred others?

Can you call up Task Mgr (ctrl/alt/delete together) and check for any unusual items running as applications or processes that can be manually stopped there) ?

See Marianna's post # 4 of 117 in the following link about both TDSS serv fix (definitely have a look for this bug) & how to successfully download,
re-name & install & run the re-named Malwarebytes program (including renaming the .exe inside the installed folder & activating from there.

You'll need access to a clean computer & (ideally) burn to CD to transfer to your machine (the idea is to fool infector into thinking this is an unknown, harmless program so it won't stop it.

http://forums.cnet.com/5208-6132_102-0.html?threadID=320206&tag=forum-w;forums06

Please post back w/ results for other ideas as needed. Good Luck! Happy

Collapse -
One More Possible Help Program
by tobeach / November 28, 2009 2:14 PM PST

might be Stinger which is run as application & needs no installing.

Again, on clean comp, download, renaming the program to whatever (I like
beehive.exe )and burn to CD (so infection can't spread to your USB thumb drive) and place in CD/DVD drive, navigate to the drive & double click the .exe to start.
Despite what appears, the current one includes defs up to Nov.23/09
http://vil.nai.com/vil/stinger/

ALL I've suggested are free for home user. Fingers crossed. Grin

Collapse -
You also could try....
by Marianna Schmudlach / November 28, 2009 2:09 PM PST
In reply to: Virus infection

Please download and run the following tool to help allow other programs to run. (courtesy of Grinler at BleepingComputer.com)
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.

Rkill.exe http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill.com http://download.bleepingcomputer.com/grinler/rkill.com
Rkill.scr http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill.pif http://download.bleepingcomputer.com/grinler/rkill.pif


The tool should run on all 32bit versions of current Windows (XP, Vista, Windows 7).


Pls. do NOT reboot your computer after running the above tool.

But:

Please download Malwarebytes Anti-Malware (v1.33) and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.

* Make sure you are connected to the Internet.
* Double-click on mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

* If an update is found, the program will automatically update itself.
* Press the OK button to close that box and continue.
* If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.

On the Scanner tab:

* Make sure the "Perform Quick Scan" option is selected.
* Then click on the Scan button.
* If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
* When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
* Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

* Click on the Show Results button to see a list of any malware that was found.
* Make sure that everything is checked, and click Remove Selected.
* When removal is completed, a log report will open in Notepad.
* The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the contents of that report in your next reply and exit MBAM.

Notes: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.



Good Luck !

Popular Forums
icon
Computer Help 51,912 discussions
icon
Computer Newbies 10,498 discussions
icon
Laptops 20,411 discussions
icon
Security 30,882 discussions
icon
TVs & Home Theaters 21,253 discussions
icon
Windows 10 1,672 discussions
icon
Phones 16,494 discussions
icon
Windows 7 7,855 discussions
icon
Networking & Wireless 15,504 discussions

REVIEW

Meet the drop-resistant Moto Z2 Force

The Moto Z2 Force is really thin, with a fast processor and great battery life. It can survive drops without shattering.