Jump to content
Sign in to follow this  
PAN3KILL3R

CANNOT REMOVE CERTAIN MALWARE FROM MY COMPUTER

Recommended Posts

EDIT: A quick preface in case u do not want to read all my ramblings and want the quick facts because you're that damn good {;)JK...But anyways I noticed that many people have read my post but have not put in there two cents about my problem so I did an update that mentions some more of how my computer acts when I turn it on regularly. plus I bolded the main points of the entire post so you can skim through and get the bullet points without reading the bullcrap (like this so to speak lol) please post and help me out. I realize that I posted my problem late but I have a problem with time constraints coming up in the next week that will seriously limit my ability to work on said problem with my DELL desktop. problem is I Work around 1 o clock and will be worKing doubles most of the week and weekend so I probably will not have the time or energy much longer after tonight.so all your timely help within the confines of today (sooner the better but I reealize beggars cant be choosers lol) will greatly help my family (this being the primary computer my sister uses for her schoolwork and the like) I am a really good listener and know how to find my way around the windows OS with good directions so I will not be a waste of your typing energy (in other words I may be green on the computer front but I am not a lost cause lol). THANKS AGAIN AHEAD OF TIME!!!!!!!!!!!

back to the article at hand...

hello fellow forumites. I am having a problem with my computer and cannot remove a virus my computer recently contracted from an unknown source (at least to me). in the past my computer has gotten virus's and I have always been able to remove them using a combination of malwarebytes and SAS but the solution to this one eludes me. i am contacting you through use of my mac because currently when I do not run my PC through safe mode it cannot open nearly any of my programs. it says that theres an error of some sort and then basically turns my dell into a giant paperweight :( ... I am not too computer savvy but can follow directions well (my uncle taught me about these two programs SAS and MALWAREbytes for these problems when I originally had issues with my computer awhile ago). I will be posting momentarily what my computer says is the problem every time i boot it up in safe mode and run SAS following this paragraph.I have run SAS several times and regardless of how many I must note that I htimes I run it (even if I do not restart the computer normally and go into safe mode) I will get at least the same 4 viruses over and over again showing up (way more pop up if I do not safe mode start and let it boot normally connected to the internet). the following post will be of the base malwares popping up without going into normal mode after running SAS and or malware bytes and instead directing it back to safe mode.

Malware.Trace [2 items]

registry keys

HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

System.BrokenFileAssociation [1 items]

registry keys

HKCR\.exe

thank you so much ahead of time and please be patient with my responses because I am technically a computer noob and really might not understand what you are asking me to do unless broken down into literally slow people language. and I am am not a quick typer lol so i'll try and respond asap.

Update: let it run overnight doing another complete scan (again) on SAS in safe mode b4 I went to bed and removed all the malicious items and rebooted for the first time normally in over 2 days. The new updates are as follows

-I am getting a new pop up (I believe its new dont remember over the last week if its the same as what it said before) in the corner of the taskbar (in a classic windows beige info textbox that looks like its talking to you) and it says in a matter of short words that my computer has been compromised and that I should click on it to get protected.

-b4 I can even click on the box (which I havent because I dont trust it) a windows security software scan pops up and says that I have many adware viruses and one that popped up first that stuck out among he rest was called w32/blaster.worm it then asks me if I want to buy the software to clean up this mess. I just X'd it out

-as I was trying to open up my task manager I noticed another text box pop up that says that this w32/blaster.worm virus is stopping my system from working properly. I also promptly X'd out that window as well.

-I am not sure If I had previously mentioned this but I am running a standard WINDOWS VISTA HOME EDITION on this dell desktop.

-OKAY GUYS THANKS AGAIN!!!!

Share this post


Link to post
Share on other sites

1) Disable System Restore, but remember to turn it back on after the infections are removed.

2) Run the SAS .exe fix: https://www.superantispyware.com/downloads/SAS_FixEXEfile.com

3) Make sure SAS is fully updated by right clicking the SAS icon in the Notification Area and choosing "Check For Updates".

4) Boot into Safe Mode and run a Quick Scan. If HKCR\.exe is listed in the scan results, then "Allow/Trust" it. If anything else is listed, make sure it's all selected and proceed with the removal.

If the problem still exists following the above, then post the scan log from step 4.

Share this post


Link to post
Share on other sites

1) Disable System Restore, but remember to turn it back on after the infections are removed.

2) Run the SAS .exe fix: https://www.superantispyware.com/downloads/SAS_FixEXEfile.com

3) Make sure SAS is fully updated by right clicking the SAS icon in the Notification Area and choosing "Check For Updates".

4) Boot into Safe Mode and run a Quick Scan. If HKCR\.exe is listed in the scan results, then "Allow/Trust" it. If anything else is listed, make sure it's all selected and proceed with the removal.

If the problem still exists following the above, then post the scan log from step 4.

I will try this all immediately seth. thank u immensely!! I will update with the results soon. check back please!

Share this post


Link to post
Share on other sites

Today I had actually gotten my first sick day In over an entire year due to fact that my sister was taken out of school because she was having panic attacks and I had to take her to the hospital. so now she is sedated and i'm stuck in this room with my mac so all i can do is wait until later to do this (ironically). sorry i needed to vent lol...not really funny though :( I took me forever to do it but i had finally just got my computers system restore turned off and computer to become supposedly virus free. then i go that dreadful phone call and it tore me apart from my work... so Seth please be patient with me I will hopefully have her out of this frickin place soon and will have my mind in the right place to fix this computer. I just want to let u know that I still havent completed it yet and not o give up on my problem yet.

EDIT: geez I wrote this reply as good as a fifth grader lol. thats not like me at all... that just shows you how shot my nerves are...

Share this post


Link to post
Share on other sites

Im home now going to fix this thang buddy!

OKAY SETH I followed your directions to a tee (outside of figuring out I needed to disable my startup programs to allow me enough time to do all the things you asked me to do in normal mode... that took me along time to figure out lol but I figured it all out on my own and thats an accomplishment for me!) I disabled the system restore, updated my SAS software, ran the SAS .exe fix (even though it confused me because I thought there would be more to it than a little box that just proclaims that my exe. problem has been fixed! like a download or something so I had proceeded to click the link several times b4 figuring that out) and rebooted into safe mode... I currently am running SAS FULL SCAN contrary to you're advice to run it quick scan because I have a little bit of extra time this morning and wanted to be safe. so far SAS has not detected the aforementioned System.BrokenFileAssociation and instead has begun locating the REAL threats that have been perverting my DELL this entire time... 6 trojan. agents and 1 adware agent 22 mins into the scan. my hope is hat my next post will be thanking you once and for all for fixing my PC. good job bro.

Share this post


Link to post
Share on other sites

SETH! You fixed my computer! thanks to your extensive wealth of computer knowledge and savviness "KIT" is fully operational again! and it didnt cost me a dime to come to this resolution! I do not know how to thank you enough (and my sister is going to be ecstatic when she wakes up rest assured!). I am on an extremely tight budget and it was looking like my computer was starting to be a lost cause but thanks to u I dont have to worry about that. have a wonderful day buddy!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×