Boy do I need some help!

16 years ago

I don't remember what I was doing on the computer,but all of a sudden a security tool web page popped up. I cannot remove it. It is NOt on all programs. I cannot open help and support to do a "go back". When I click the X on the program, my whole screen is blue and all my icons are missing. I restarted my computer and it is still the same thing There are two icons on my tool bar than I cannot open when left clicking and I cannot exit them. What in the world is going on. They want me to buy this program and there is nothing I can do that I know of to get this mess off my computer. Please help me as I am a novice when it comes to things like this. Regards, Patricia K.

Sort by:Oldest

Comments (22)

owbist
16 years ago
last modified: 11 years ago
OK Patricia let's start with what you have not old us.
What operating system?
What anti virus, and is it working now?
What firewall and is it working now?
What anti malware programs do you use, when were any of them last updated and the last scan done?

Probably the anti virus and firewall have been disabled by the Trojans or whatever has taken control of your computer. Do you have a thumb drive or other external type storage? If so you might use a different computer and download the free Avast and Malwarebytes. Be sure to stay on the free links. Then go here and download the latest Malwarebytes definitions.

Install both programs and update Malwarebytes and run them.

Hopefully you have most of your personal data backed up.
azinoh
16 years ago
last modified: 11 years ago
One thing you could try is to use another computer (not the infected one) to download an antivirus program that would be burned onto a CD. You would then boot from this CD, not the infected computer's hard drive. Hopefully, you could then clean the infection. You would have to download a .iso file (an image), and you'd then need software that will "burn the image", not just copy file, onto a CD. Then when you boot the infected machine, bring up the boot menu before it goes into Windows (usually by pressing F12), insert the CD and tell it to boot the CD instead of the hard drive. Then, follow instructions.

The site below is only one suggestion and I have used only one of the programs listed, which is the Antivir Rescue CD from Avira. I have Avira running on two machines and so far it has found and cleaned every virus it encountered. You could probably search and find other similar sites. If this method doesn't work for you, the alternatives I know of would be to either remove the hard drive and install it as a slave in another machine to clean it, or format the infected hard drive and reinstall Windows. Be advised my knowledge is limited, and I expect others will have useful suggestions. Good luck.

Here is a link that might be useful: Free Antivirus and Rescue CDs
Related Discussions
Boy do I need help with a garden bed overhaul please!
Q
Comments (19)
the year I had my prettiest gardens, was the year I took graph paper, sketched out the borders of the beds (front of house, wrapped around side), and then just did curved lines on the graph paper to section it off...not huge sections, some bigger, some smaller. when I planted, I put all of one variety in a bigger spot, and elsewhere in the border another spot. some areas might take three coneflowers, another section might have seven of the same thing. my beds are anywhere from hmmm, three feet deep, up to 8 foot deep in some areas, some full sun, part sun, almost deep shade, depending on where it's at in the garden. it was gorgeous all season, my only hopes is that I can recreate it now that i've got to start from scratch again. some of what I had in there are as follows: coneflower, both white and purple shasta daisies, very easy to grow here, TOOOO easy...LOL irises, several varieties sunflowers daylilies hostas dames rocket black eyed susans blanket flower coreopsis, several kinds carnations, LOVE those, so had a LOT dusty miller alyssum for edging almost the whole thing candytuff phlox red hot poker hollyhock some kind of a mallow, i think, love it, hope i can find it again, since i'm not sure what it is...LOL, have ONE poor little guy out by my garage that self sowed, so crossing my fingers I can get seeds from it this year :D dianthus forget me nots oh wow, soooo many different plants, everyone said it was gorgeous, but too many varieties....LOL, but that is what I like, keeps the eye going. I didn't put all tall in the back, short in the front either, there were areas that had all tall clean to edge, it's what I felt like putting there...LOL. keeping a minimum of three unless it was an eyecatching specimen that I really wanted single. some things that would be great with your area are also peonies...think maybe lilacs would be a good choice for you for shrubs too? my area is just a tad to hot and humid in summer, not cold enough in winter to grow lilacs well, only Miss Kim will do anything around here. don't forget the hardscape too, like bird baths, gazing balls, small things. maybe a small trellis to bring in the height too. if you can curve parts of the edges of the bed, that will really make a difference versus a straight line as well. not sure if this helps, but it worked for me that year. Like you, i'm into a complete overhaul this year, due to MS rearing it's ugly head for me, as well as major neck issues, and the garden just went to you know where over the last several years. LOL, last summer, had a energetic moment, and we did get most of it cleared out, including some four foot tall "weed trees". If that tells you how bad it was, for a tree to get that tall in there, Hmmm. Good luck!!! Sally
...See More
Boy do I have some stubborn lil chickadees!!
Q
Comments (4)
I put the box about 5' away from where they want to nest. I even put peanuts on top of the box (LOL) to get them to nest in it...but they are still trying to make a nest in the tops of the posts. They have gone to every post to try and dig out a nest. I just keep plugging up the holes they dig out. It's really breaking my heart.
...See More
Oh boy do I need some help here!
Q
Comments (19)
Thanks to all...so much! I didn't want to bring this up but it isn't only homework...it's really ANYTHING. Example: He took a bath on Monday...Tuesday night I told him it was time for a bath. My bad though...it was late and he fell asleep within minutes. No biggie. On Wednesday at 4:00 I told him again after homework was complete to take a bath...He asked "Now?" I said "Yes, now...so that you don't accidentally fall asleep later..." I was still working until 5:00. I left my office at 5:00 and went to fix dinner...had to do it quickly because SD14's gymnastic lessons are at 6:00. Dinner was complete by 5:30 and SS came into the kitchen. Still had the same clothes on. NO bath. I take SD to gymnastics, go by the grocery store with the other 4, pick SD up and come back home...and again say "Go take a bath right now." He says ok and leaves the room...comes out with his clean clothes and heads towards the bathroom. I go to comfort the hubby who discovered that the company he works for is closing next week. When I go in to check on the kids I notice SS9 is asleep and has the same clothes on. The clean clothes are on the floor. NO BATH. Same thing on Thursday. But this time I say "take a bath today or you WILL be grounded for a day." I have to work again until 5:00...come out and go to fix dinner. NO BATH and since it's Thursday, it's guitar lessons for 2 of my other sons at 7:00. AGAIN tell him to take a bath as soon as we get home from taking the boys to lessons. He gets his clothes and goes to the bathroom. Guess what? Yes...NO STINKING BATH. I even stood outside the door and told him I wasn't leaving until I heard the water running. He apparently just hung out in the bathroom long enough to make it look like he was going to take a bath and then left the room. Friday was "drive 3 hours to visit with Mom for the weekend" day so there was no time to take a bath then because we leave for the long drive as soon as the kids get home from school. This child listens to NOTHING at all and does NOTHING that he doesn't want to do. I'm sure not going to bathe the kid myself...but he will NOT listen to me at all. I have 4 other kids, a big house to clean and a full time business...it is getting VERY frustrating having one kid who refuses to do anything...from homework, to bathing. yes, of course, the other kids sometimes have to be told twice or maybe even three times...but honestly and truly this kid will do NOTHING. I'm obviously VERY frustrated right now.
...See More
I need some help with a project I'm doing.
Q
Comments (7)
Roobear .. thanks for offering to do a PS visual for me, that's super nice of you! I've been contemplating removing the chair rail, the only thing that's stopping me is I know they were not only nailed, but liquid nailed to the wall. I think the damage that would occur would warrant new sheetrock in the room. I wish it wasn't put up so zealously. *LOL* Suero .. I agree the frames should be kept brown to go with the sepia pictures. Newhomebuilder .. Thanks for posting the pic, I did get it to work. Your bookcases look great, I like how they are trimmed on the top and above the mantel .. very pretty! On a positive note .. it looks like we can pick up 500 board foot of beadboard on Monday!! :D I'm really happy about this. It means that ceiling will get redone with beadboard, the living room ceiling will get redone and we can build the new bookcases to abut the mantel in the family room. While I was out this after noon I stopped by my favorite consignment shop and found two great end tables for this room and she was willing to let the set go for $75. Next on the list I need to figure out what to use as a center light for the room and whether I want to put sconces above the fireplace.
...See More
grandms
16 years ago
last modified: 11 years ago
pkspigs, I would suggest you not use this computer until after you have tried owbist's suggestions. For a novice, which you said you are, I'm afraid azinoh's instructions may be somewhat difficult (no criticism intended, azinoh). If, after you have done what owbist suggested, the problem is still here, wait until either ravencajun or zep get on here, and one or the other of them can give you instructions for going to a help site where they can help you clean up your computer. Don't panic! Help will be coming.
azinoh
16 years ago
last modified: 11 years ago
No criticism taken, grandms. However, if the OP is going to fix the problem she's going to be less of a novice at the end. That requires some learning, and there's no time like the present. In fact, I agree with the suggestions made by owbist and I was only suggesting one possible alternative. It would be helpful to have the use of another computer to fix this problem. If she can get Avast and Malwarebytes installed (might be difficult if the machine is already infected), she should run them in safe mode.

If any other novices read this, this is a perfect example of why you should have a plan in place that you know how to use to recover from this type of trouble. This is especially true if you don't have easy access to another computer. It's a lot easier to fix a problem if you already have some tools at hand, instead of having to go out and look for help with a machine that is already compromised.
ravencajun Zone 8b TX
16 years ago
last modified: 11 years ago
this unfortunately sounds like one of the dreaded fake antivirus variants, which can be extremely invasive and difficult, lets see what we can get accomplished, hopefully it can be cleaned and not require a re-format.
please do try to get malwarebytes loaded updated and run if you can and please post the log of what it finds so we know what exactly it is we are dealing with. This should help you with how to install and use malwarebytes
How to download and install Malwarebytes' Anti-Malware application for Windows computers
follow the links on that page to the rest of the tutorial. Be sure you run the FULL scan rather than the quick scan!

If you can not do this then go to this link and post at the other forum I am at and we can try to help you step by step there. You will need to register there and then post a thread in the area I will link you to. If you need me to start the thread for you I will be happy to just let me know.
Analysis and Malware Removal

If you are able to get malwarebytes to run please post that info over at LzD in your thread.

Here are the regular directions for malwarebytes
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
* Please post contents of that file in your next reply.
pkspigs
Original Author
16 years ago
last modified: 11 years ago
Thanks for all the tips. I started the computer in "safe-mode", I then got all the icons up on the screen. I could not open malwarebytes, so I reinstalled it. I then ran malawarebytes full scan. I then had the infected files put away and then did a restart, since I could not do a go-back. everyting was normal when i did a restart. thanks again, Patricia K, in La.
ravencajun Zone 8b TX
16 years ago
last modified: 11 years ago
what do you mean you had malwarebytes put them away did you tell it to remove them like in the directions?
I need to see the log from your malwarebytes please get the log as per the directions and post it here. I am quite sure that you are not fully clean so there is more yet to do.
azinoh
16 years ago
last modified: 11 years ago
I am very glad to hear that Malwarebytes was helpful to you. It would still be a good idea to make sure your antivirus software is up-to-date and use it in safe-mode to run a complete scan. Try to get in the habit of making sure your antivirus and anti-malware programs are up-to-date. Do it manually at least once a week if you can. Weekly scans is not a bad idea either.
owbist
16 years ago
last modified: 11 years ago
Besides Azinoh's suggestion of running a full anti virus scan in safe mode you should also re-run Malwarebytes but NOT in safe mode. Malwarebytes is designed to run with the computer in normal mode.

Hopefully then you wil be free of all pests
pkspigs
Original Author
16 years ago
last modified: 11 years ago
Raven, I told Malawarebytes to remove the thing. I don't know how to post the log here, regards, P.K.
azinoh
16 years ago
last modified: 11 years ago
Owbist, I am interested in knowing why Malwarebytes should not be run in safe mode. I have done so several times and have not encountered any problems doing so. Why is this so?
padd_y
16 years ago
last modified: 11 years ago
Patricia K. I suspect youre not fully clean.. Please do what RC has suggested..
Head over to LS. forum we can walk you through the Log-File posting instructions.

I canÂt make you go there its always a users choice as to what they do so itÂs up to you how you proceed.

Paddy..
owbist
16 years ago
last modified: 11 years ago
Azinoh, here is a thread at the Malwarebytes forum. The first reply is from the Malwarebytes team.

They do not suggest you will encounter any problem, however the best benefit is using it with Windows running normally.

Strangely there are no such recommendations either on their web site or installed with the program itself. Not even a FAQ, seems odd
pkspigs
Original Author
16 years ago
last modified: 11 years ago
I still do not understand what you all want me to do, as I said I am a complete novice with computers. Please explain what the LS forum is and how to post the latest log on malawarebytes. P.K.
owbist
16 years ago
last modified: 11 years ago
Patricia, you and many others are in need of help occasionally. That is why those who offer help do so, to aid you in becoming more comfortable around your own computer. The entire concept of Gardenweb is so that those who know can help those who wish to know. Help can only be good if the person with the problems gives full details initially then takes the time to answer any questions asked or to note what happened after following any advice offered.

In my reply to your request early Thursday for help I asked 4 questions and deliberately placed each question on a separate line so each was very visible. There was a reason for this, myself and/or others might well assess the amount of damage done on your computer using the answers you have not provided.

After you reported doing a scan Friday afternoon Azinoh came back with a very valid suggestion, there has been no reply saying this has been completed successfully or otherwise.

This post is in no way intended to be harsh or to give you a bad time. It is however written to point out things you have failed to do in your quest to get the computer fixed.

As regards going to another site, that is your choice entirely.

I would suggest you see these computer problems as serious enough to back up any data you do not wish to lose. If there is a next time you may not be so lucky and may ave to wipe the drive losing everything.
pkspigs
Original Author
16 years ago
last modified: 11 years ago
Owbist: Let me see if I can answer most of your questions. Belive me, I DO appreciate your help. I am running windows Xp. I have Avast and Malwarebytes installed. I run windows firewall. I do have an external backup. I have not run into any problems since I ran it in safe mode and deleted everything with malware bytes. i don't know what else to do. Pregards, P.K.
owbist
16 years ago
last modified: 11 years ago
OK. Brilliant, now we know where you are.

When you do not need the computer for a while it would be good to run a full scan of both Avast and Malwarebytes just to set your mind at ease. Be aware the Avast scan may take a long time to do.

You might consider changing away from the Windows firewall because it is only a one way firewall in XP. It stops unwanted incoming problems but anything that piggybacks in on genuine downloads can report back to it's owners and you have no control over that. Zonealarm is the most popular free one, there are others and probably just as good.

If you go for a firewall watch carefully as you install because these days so many of them carry extras like toolbars you probably do not need. It is just a case of removing a check mark to avoid having these things installed. With Zonealarm they also suggest you load some scanner, I always refuse that personally. That is because I have never tried to understand it, my current safety net seems adequate.
ravencajun Zone 8b TX
16 years ago
last modified: 11 years ago
malwarebytes keeps a log that is what we need to see so we can tell what infection you had, even though it seems to you to be clean it is very likely still carrying parts of the infection, the type you described is hard to get rid of totally. To know what needs to be done next we need to see your malwarebytes log. Follow my directions and copy and paste the log here into your reply box.

Open your malwarebytes program along the top you will see some tabs one is called logs click that tab, there you will see the various logs that were created, click on the one from the date you ran it and cleaned the infection, click open on the bar at the bottom that will open that log in a new window, hilight every thing in that window and right click on it and choose copy then come here and in your reply box right click and choose paste that will put your log here in your reply, it is very simple to do. Another way to do it once you have the log open is to go to edit at the top of that new box and choose select all that will hilight the content of the log then right click on the blue highlighted area and choose copy, come here and right click and paste into the reply box.
pkspigs
Original Author
16 years ago
last modified: 11 years ago
Malwarebytes' Anti-Malware 1.41
Database version: 3082
Windows 5.1.2600 Service Pack 3 (Safe Mode)

11/26/2009 3:50:48 AM
mbam-log-2009-11-26 (03-50-48).txt

Scan type: Quick Scan
Objects scanned: 106513
Time elapsed: 18 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\(c9c5deaf-0a1f-4660-8279-9edfad6fefe1) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\(e4e3e0f8-cd30-4380-8ce9-b96904bdefca) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\(fe8a736f-4124-4d9c-b4b1-3b12381efabe) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\(df780f87-ff2b-4df8-92d0-73db16a1543a) (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\10331715 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\13636423 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\38017019 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\37743428 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\06495327 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\54769940 (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\10331715 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\All Users\Application Data\10331715\10331715.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\User\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.Thanks Raven, I hope this is what you need, PK, in S. La.
owbist
16 years ago
last modified: 11 years ago
The scan looks clean. However you only did a quick scan rather than the full one and you did it in safe mode rather than normal mode.
pkspigs
Original Author
16 years ago
last modified: 11 years ago
I did one last night in full scan and normal mode,not safe mode and all it picked up was the Active X thing. thanks for all the help. I am a complete idiot for not knowing how to do the paste thing. Thanks for everything, PK
owbist
16 years ago
last modified: 11 years ago
Aww, brilliant news. Thanks for reporting back.

Boy do I need some help!

Comments (22)

owbist

azinoh

Related Discussions

grandms

azinoh

ravencajun Zone 8b TX

pkspigs
Original Author

ravencajun Zone 8b TX

azinoh

owbist

pkspigs
Original Author

azinoh

padd_y

owbist

pkspigs
Original Author

owbist

pkspigs
Original Author

owbist

ravencajun Zone 8b TX

pkspigs
Original Author

owbist

pkspigs
Original Author

owbist

COMPANY

BUSINESS SERVICES

GET HELP

CONNECT WITH US

Boy do I need some help!

Comments (22)

Related Discussions

pkspigsOriginal Author

pkspigsOriginal Author

pkspigsOriginal Author

pkspigsOriginal Author

pkspigsOriginal Author

pkspigsOriginal Author

COMPANY

BUSINESS SERVICES

GET HELP

CONNECT WITH US

pkspigs
Original Author

pkspigs
Original Author

pkspigs
Original Author

pkspigs
Original Author

pkspigs
Original Author

pkspigs
Original Author