SpyWare BeWare! ASAP
July 20, 2017, 11:26:40 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
   Home   Help Search Calendar Donations Login Register Chat  

Google It!
Pages: [1]   Go Down
Author Topic: test  (Read 911 times)
0 Members and 1 Guest are viewing this topic.
ASAP Members
Hero Member
Offline Offline

Gender: Male
Date Registered:June 06, 2004, 05:50:23 PM
Posts: 6663


« on: June 19, 2010, 07:54:39 AM »

This tutorial will help you rid your computer of most fake/rogue anti-virus programs.

[blockquote]Vista and Windows 7 users:
 These tools MUST be run from the executable. (.exe) every time you run them
 With Admin Rights (Right click, choose "Run as Administrator")[/blockquote]The first thing we want to do we want to run is Malwarebytes' Anti-malware and here's how to do that:

Reboot your computer into Safe Mode with Networking using the instructions for your version of Windows found HERE

You may not be able to connect to the internet, here's how to fix that:
  • Open up Internet Explorer, and when the program is open, click on the Tools menu and then select Internet Options.
  • Now click on the Connections
  • Now click on the Lan Settings
  • Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN. Then press the OK button to close this screen. Then press the OK button to close the Internet Options screen.
  • Now that you have disabled the proxy server you will be able to browse the web again with Internet Explorer.
Now we have to stop the malware from running:

The malware is preventing you from downloading any programs, running any files such as .exe (executable) and even preventing you from using safe mode or connecting to the internet. We will attempt to terminate the malware that's running on your computer and restore some of the functions by using rkill or exehelper, they both do a good job at it, it's just a matter of finding out which one will run on your computer.
If needed you can download them to a usb flash drive and then transfer them to the sick computer.
There's 3 versions of exehelper and 5 versions of rkill.[/b]

Download and run one of these: ( rkill or exeHelper)
You only have to run one of these, it's just a matter of which one you get to run.

rkill.exe  rkill.com  rkill.scr
 WiNlOgOn.exe  uSeRiNiT.exe <-----these are rkill with different file names
exeHelper.com  exehelper.scr
explorer.exe<----exehelper with a different file name

When you find a version that does run, immediately download and run MBAM:

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediatly.

Note: Some infections will prevent MBAM from running. If MBAM won't run, try renaming the file mbam-setup.exe to a random name, and then try again.


At this point the infection should be gone but I suggest you post on the forum and let use take a look for any other malware on the system.

Post the report from MBAM and a HiJackThis log in your post.

You can download the HJT installer HERE:

Doubleclick HJTInstall.exe to install it. By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install. It will create a HijackThis icon on the desktop. Once installed, it will launch Hijackthis. Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad. Save the log to a convenient location.
Copy and paste it into your post.

If you are not a registered member...please register  HERE,
then.....Start a in the Malware Removal forum.


My help is always free here but if you would like to show your appreciation, it will be much appreciated.
Thanks MrC
Pages: [1]   Go Up
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!