Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Personal Security Virus


  • Please log in to reply

#1
oczkom

oczkom

    New Member

  • Member
  • Pip
  • 6 posts
My computer has recently been invaded by a program called "Personal Security" that does not identify its manufacturer and has effectively disabled my computer with endless pop-ups, warnings and demands to purchase their software. Meanwhile my Avast protection assures me that my firewall and anti-virus systems are on and running. I have tried several Malware "cleaners" but they abort and will not download and it appears that as a punishment for even attempting this maneuvre my desktop is cleared off and I am forced to re-boot. I'm a musician, not a computer "geek" and am helpless to proceed. Any suggestions??? Thanks for your assistance.
  • 0

Advertisements


#2
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Hi,

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    /md5stop

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

  • 0

#3
oczkom

oczkom

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi Chamber,

Tried this but can't get by the first step - I can't install OTL !! Thanks for your effort, if you have any other ideas Please let me know. Michael
  • 0

#4
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

Download ComboFix from here:

Link 1

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link HERE

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

  • 0

#5
oczkom

oczkom

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hello again,

I downloaded exe.Helper and double clicked it. A black screen flashed on the screen for half a second and disappeared. I re-opened the download record and tried again. Same thing. Meanwhile as soon as I began these attempts all of my desktop icons vanished and a "Personal Security" alert appeared. Any clues? Thanks, Michael
  • 0

#6
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Try this,

Please download Rkill by Grinler from one of these links:

Rkill.exe
Rkill.com
Rkill.scr
Rkill.pif

Save Rkill to your Desktop.
Double-click on Rkill to run it.

Note: If the first one does not run successfully, download and try the other copies (with a different file extensions) and see if one of them will run.

Once Rkill has successfully run, run ComboFix immediately.
  • 0

#7
oczkom

oczkom

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I tried this following instructions from Blooper... and again now - no luck - again a flash of a black screen and no more. This is getting really frustrating. Can this be solved in DOS? Thanks again. M.
  • 0

#8
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Did you try ComboFix?
  • 0

#9
oczkom

oczkom

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
EUREKA!
I have been working on this since your previous message - what I came up with is a hybrid but it worked for me and I am Free at Last!

Right click on My Computer and then on Properties, here click on the System Restore Tab then on the Turn off system Restore check box - then OK. Reboot the computer while constantly holding down F8. This brought up the famous black screen with the Windows Avanced Options Menu. I selected Safe Mode with Networking. I waited patiently until nothing further happened and then entered Combo Fix. It did all the rest with prompts as to how to finish. Hurray!

Thanks for all your help. Michael
  • 0

#10
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
Care to post the ComboFix log?
  • 0

#11
oczkom

oczkom

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Gladly, if it will be of any use to someone, and as soon as I know where that is and how to do it. Trust me, I'm a real acolyte in all of this. Cheers, M.
  • 0

#12
chamber

chamber

    Face Burnin' Malware Fighter

  • Visiting Consultant
  • 2,712 posts
c:\ComboFix.txt
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP