Jump to content


Photo

Fake Scan Malware Locking System Up


  • Please log in to reply
5 replies to this topic

#1 quo_status

quo_status

    Member

  • Members
  • 213 posts

Posted 29 October 2010 - 04:57 PM

I'm somewhat locked out of my computer right now due to some kinda fake Disk Cleaner/Defragmenter/Virus Scanner combo ninja. I just caught an unsuspecting intruder last night and been trying to get around it. It self installs itself into the task bar and does an auto 'scan' saying your harddrive is missing or malfunctioning, ram memory is full, etc. It locks you out, from accessing most things in the computer. I did CCleaner, but couldnt access other programs. I could do Ctrl+Alt+Del (I am using Win7 by the way), but the option for opening Task Manager dissappeared, im guessing it locked that out too. Even tried going for a systsm restore point but it locks all of that out. I cannot really get to the thing directly on my own computer so I am posting on another for emergency. What steps do I need to take to safely remove this intruder???

#2 Tx Redneck

Tx Redneck

    Tx Redneck- The Spam Hunter

  • Anti-Spyware Brigade
  • 5,283 posts
  • Gender:Male
  • Location:On the straight and narrow,stumbling at best, only by Gods grace.



Posted 29 October 2010 - 09:12 PM

Try this

Boot your computer into Safemode
* Go to Start> Shut Off your Computer> Restart
* As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly.
* This will bring up a menu.
* Use the Up and Down Arrow Keys to scroll up to Safemode
* Then press the Enter on your Keyboard
Tutorial if you need it
<a href="http://www.bleepingc...utorial61.html" target="_blank">http://www.bleepingc...rial61.html</a>
How to start Windows in Safe Mode

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

Edited by Tx Redneck, 29 October 2010 - 09:15 PM.

God will not save you from that which he will perfect you through. Dr Voddie Baucham
If more people would get a divorce from themselves, they might learn how to live happily with someone else.

 


#3 quo_status

quo_status

    Member

  • Members
  • 213 posts

Posted 29 October 2010 - 09:43 PM

Just tried that, also installed MV Regclean which found many things, removed them...still in the system! I looked again and it calls itself simply "System Defragmenter" and even looks perfectly like a windows 7 default program application with the icons and tabs.

#4 AI_inc

AI_inc

    Member

  • Members
  • 207 posts
  • Gender:Male



Posted 29 October 2010 - 11:31 PM

Sounds like you may need to download and run "Hijack this", and get help from a trusted "Hijack this" adviser!

i7 980X ~ Rampage III Formula ~ Prolimatech
GTX480 ~ DDR3-2000 ~ 5-VRaptors (Raid-0)
SilverStone 1.5Kw


#5 quo_status

quo_status

    Member

  • Members
  • 213 posts

Posted 30 October 2010 - 12:01 AM

I have it on my computer so I will do that and post next under that forum, thanks!

#6 georgieporgie

georgieporgie

    New Member

  • Members
  • 1 posts

Posted 16 June 2011 - 04:51 PM

The way out of the fake restore/defrag etc virus is start up in safe mode and in safe mode, do a restore to a point in time before the bug appeared. If the restore does not work, repeat the process using different restore points until you get a complete restore. That should get you functioning enough to download something like MALWAREBYTES which worked for me to remove the bug.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users