Over 1 million tech questions and answers.

Hijacked computer w/ virus: parasite "system security" locked computer

Q: Hijacked computer w/ virus: parasite "system security" locked computer

Hi there. I am not so computer savvy, so pls bear w me. I was on an unemployment site, went into a 2ndary site, & that is when I got nailed w a virus (computer says worms & Trojans). This "Systems Security for PCs" is hosing up my computer, & 4 $50, it claims it can clean ur computer.I looked online (I am on my phone) & read that it is a fraudulent site, & 2 download a killbot. However, I can't get my Internet up. Since I am unemployed, I just don't have the extra cash 2 pay a computer store. Can anyone please help? I know about all of the should haves, but right now my computer is toast. Thanks!EDIT: Email address removed per forum rules

Preferred Solution: Hijacked computer w/ virus: parasite "system security" locked computer

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Hijacked computer w/ virus: parasite "system security" locked computer

If you have access to another computer, you can burn this to a CD or download to a flash driveThe process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note:-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. Note 2:-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes. To disable these programs, please view this topic: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs---------------------------------If mbam won't install or runSome types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it. Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.

Read other 10 answers

hello,i was referred to your site from friends you have helped.  I appreciate in advance for your assistance.  My computer is locked by a page that looks very official  "Homeland Security" with several other federal agency seals. It states I must wire $300 to a non descript site to unlock my computer. I would then enter a code given when I wired the money and my troubless would end.  It accuses me of copywrite violations, theft and child pornography which I have not done.  I fear it is trying to scare me into paying.  When I spoke with an IT person they told me it sounds like an FBI virus.  Help!  Should I just take it to my IT department?  I am embarassed to be honest. P.S. I was looking at utube videos.Edit: Moved topic from Windows 7 to the more appropriate forum.~ Animal

A:homeland security virus locked up my computer

This is a form of malware known as ransomware, and has been around for sometime.

Should I just take it to my IT department?

If this is a business machine, then yes, that would be the best course of action. 
If not, and this is a personal machine, please tell me the Operating System. 

Read other 8 answers

Hello guys.
I was referred to your site from my friends you have helped. I appreciate in advance for your assistance.
My computer is locked by "Homeland Security " virus. Please , help me to rid of it.
I have a Windows 7 operating sistem.
 Unfortunately Iam not able to burn a CD at this time. I do have access to clean PC and flashdrive.

A:homeland security virus locked up my computer

Hi there,access to a clean PC and a flashdrive is enough:On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Plug the flashdrive into the infected PC.If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.If you are using Vista or Windows 7 enter System Recovery Options.To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Select US as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.htmlTo enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your comput... Read more

Read other 7 answers

today i was browsing on my computer when this pop up kept coming up i kept clicking cancel but it installed its self .
now when i try to get on crtain website i get one of 2 messages.
the first appears in the search bos
it readsthis page is infected by a malicious advertisingcode such code can seriously affect your computer click here to protect your computer with personal antivirus

the second message appears in a big red box with a cop with a stop sign in the corner
It reads warning this website may harm your computer .This website contains malicous software program which can cause damage to your computer or perform actions without your permission your computer may be affected after visiting each website we recommend you install or activate antivirus security software i do realize that visiting these sites can cause damage to my computer ten there are 2 option boxes box 1 is continue unprotected box 2 install security systems antivirus if you pick block on it blocks that website. thease are websites like my internet banking petfinders sites i have used for years any help to remove this would be appreciated

A:My computer is infected with the security system virus

Hello and welcome to Bleeping Computer.Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.Lets take a look with MalwarebytesPlease download Malwarebytes' Anti-Malware from here:MalwarebytesPlease rename the file BEFORE downloading to zztoy.exe instead of mbam-setup.exeMBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Double Click zztoy.exe to install the application.* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.* If an update is found, it will download and install the latest version.* Once the program has loaded, select "Perform Full Scan", then click Scan.* The scan may take some time to finish,so please be patient.* When the scan is complete, click OK, then Show Results to view the results.* Make sure that everything is checked, and click Remove Selected.* When disinfection is completed, a log will open in Notepad and y... Read more

Read other 1 answers


I was on the internet today and without thinking clicked on a random popup that appeared and it got me into some trouble I think.

This program called "System Security 2009" suddenly popped up and began "scanning" my computer and then things went downhill pretty fast.

I attempted to do a system restore but apparently this program disabled it so I cant click on the "next" button to begin a restore. I then tried to do a scan with my antivirus program (avira antivir) and it scanned for about half an hour and found about 70 detections before the computer suddenly restarted and a blue screen popped up. After reading the instructions I wish I had wrote down what it said, but the blue screen doesn't popup anymore. It said something about a possible hardware problem but thats about all I remember.

Now when I turn on the computer, it wont let me access any programs at all and when I try to open anything a balloon pops up and says: "Application cannot be executed. The file ... is infected. Please activate your antivirus software."

The internet is totally shut down as well.

That's about all I can think of to write about the problem. The computer is basically useless and I'm on my friends laptop posting this on the forum. I was able to do a dds scan and the text is below. Ive attached the attach.txt and the ark.txt...

If there's anything else you want to know that I didn't think of let me know. I'd really appreciate any he... Read more

A:System Security virus. Computer is trashed... Please Help!


please download this following program onto your friends computer and transfer it over via USB

be certain to rename it Before you save it.

Are you able to access 'safe mode' on the infected machine?

If so, run this program in safe mode.

Download Combofix from any of the links below. You must rename it before saving it.
Save it to your desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
If you are using Firefox, make sure that your download settings are as follows:Tools->Options->Main tab
Set to "Always ask me where to Save the files".

Link 1
Link 2
Link 3

During the download, rename Combofix to Combo-Fix as follows:

--------------------------------------------------------------------It is important you rename Combofix during the download, but not after.
Please do not rename Combofix to other names, but only to the one indicated.

-----------------------------------------------------------Double click on Combo-Fix.exe & follow the prompts.When finished, it will produce a report for you.
Please post the "C:\Combo-Fix.txt" for further review.
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Very Important!... Read more

Read other 2 answers

I recently went on a website and contracted a system security virus. It said that my computer was full of trojans, worms,adware and spyware. I must have accepted something to make the virus want to infect my computer. While I'm typing this, a pop up window will display and ask me if I want to remove these problems atleast 5 times. Naturally I say no because the system security is a virus itself. But this damn pop up window pops up every 3 or 5 minutes and makes it very hard not to dropkick my computer.
The icon on my desktop is a shield with diagonal yellow and black stripes. I cannot get rid of this program by going into add/or remove programs. It doesnt show up there.
Another strange thing that happens is when I try to go to malwarebytes.org, I get kicked out of the site immediately. I use internet explorer. I don't know if the virus is under a secret name or disgissing itself as another program. I can't seem to find the system security program anywhere.
My computer is a Windows xp home edition. Dell Dimension 4600.
I would greatly appreciate any help or advice for getting rid of system secuirty viruses.

A:Newbie who has little computer experience, needs help getting rid of system security virus

Hi and welcome to BC. I am moving this to the Am I Infected forum from Xp, because you are.Here are some trick to get MBAM to run so you can post a log.Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it. Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run..***Another work around is by not using the mouse to install it, Just use the arrow keys, tab, and enter keys.***Open up command prompt, type in following commands: XP >> click the Start menu at the lower-left of your computer's desktop and select "Run". Type cmd into the Run box and click "OK".Vista >> click the Start menu at the lower-left of your computer's desktop and Type cmd in the search box.regsvr32 mbamext.dllregsvr32 ssubtmr6.dll regsvr32 vbalsgrid6.ocxregsvr32 zlib.dll ***Manually Downloading Updates: Manually download them from HERE and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.MBAM:Please do... Read more

Read other 14 answers

I have a HP mini 110-1150NR with 2gig ram and 1.60mhz processor. The OS is Xp home edition 32bit. It started when I have always had the virus protection AVG and a few weeks ago a friend told me to try Norton 360 cause it has always been good for his computers. Well I download a trial version and erased my AVG and what a mistake that was!! After my trial was over instead of it still protecting my computer it just made my computer very vulnerable and when I went to download a new virus protection (which was AVAST) I had to restart my computer for changes to be made and when I did that I was infected with a hellasious virus and I am stressed out and frustrated cause I have been trying to get help for 3 days now and have not received any help!! I have spent over 30hrs on researching the problem and I am to afraid to do anything without the professional help of someone that knows what they are doing. I cant run any malware scans, virus scans, system restores, and some of my documents. When my computer starts up I get a .dll error and when I run my system restore it says "system restore will not protect you computer and to restart and try again". I have done that in safe mode and regular and nothing happens and I get the same error message. I cant install microsoft security essentials and anyother security softwares. When I pull up my task manager all of my processes have an .exe behind them and some things are on there I have never really noticed. There are schost.exe an... Read more

Read other answers

Got the "system security" virus earlier this week. Nothing worked. Browsers did not work. Anti virus software did not work.

Was able to start computer in safe mode and run MBAM. This helped and allowed computer to run. Re-added Symantec and ran this. Also ran adware. Noticed that a file called Podmena was now in my internet firewall exceptions tab. I re-updated MBAM and ran this. It found this "podmena" thing is several files.

Currently, computer runs very slowly. Both IE and firefox are still hijacked when I run google searches, but I can paste links to browser and that seesm to work.

I have ran MBAM several times and it seems not to find anything. any suggestions?



A:Browser hijacked after system security virus

Hello and welcome... Let's see what else may be left. Please post the last infected MBAM log.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Next run ATF and SAS:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot i... Read more

Read other 8 answers

Like my title states, my laptop has the locked computer virus and nothing I have used is detecting it. I have McAfee anti-virus that ran a clean scan as well as Malwarebytes. Neither of them have detected anything. Please help!

A:Help! My computer has the fbi locked computer virus :(

Read other 16 answers

Please help, My PC got infected with a parasite. I'm getting a popup reading;
A parasite has been found on your computer. This parasite is monotoring the URLS that you visit when you surf the web and also pop ads & frequent crashing of browsers and programs. This particular pop up ask if I would like virtual bouncer to remove it. I'm afraid to select yes. I'm getting tons of popups and my computer has slowed down. I will appreciate any help.

Thanks! :

A:Please help with computer parasite.

Read other 14 answers

If I receive a pop-up stating that my computer has a parasite, and I need to purchase their product to get rid of it, is that true. Is there any other way to get rid of the problem I am having with pop-up ads? I have spyware and a registry cleaner I have already purchased. I have my pop-up blocker on high, but recently I am having lots of pop-up ads appear on my screen.

A:Computer Parasite

What are the programs that you are using?

Read other 3 answers



bcd files,security files,software files,system files.....similar all config files

ntuser,dat.ntuser files,.....How to unlock? I trying security permissions and but restart computer after
How to unlock & keep systemlog files

Win7 Ultimate 64bit

Read other answers

Tech Support Guy System Info Utility version
OS Version: Microsoft Windows 8, 64 bit
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 6028 Mb
Graphics Card: Intel(R) HD Graphics, -1984 Mb
Hard Drives: C: 914 GB (403 GB Free); F: 931 GB (931 GB Free);
Motherboard: Acer, Aspire XC600
Antivirus: McAfee Anti-Virus and Anti-Spyware, Disabled

Currently operating out of Internet Explorer.

Use Firefox 64-bit for Windows 8.


I got a security alert in my Firefox browser as follows:

"requesting your username and password. The site says: ?Internet Security Alert: Your Computer Might Be Infected By Harmful VirusesnCall Windows Technical Support: (Toll Free) (866) 504-4999 (Toll Free)?

Although it locked my computer, I was able to close Firefox by running an analysis in CCleaner which forced it closed. Then I tried to open Firefox up again and it went straight to the security alert page, locking my computer again. So I forced it closed the same way again (and even restarted my computer by turning it off for 10 seconds) but the message came up again.

Then I tried to operate out of IE, which I still am now, to find a solution on how to get rid of it, trying malware/adware removal downloads and nothing worked. So I re-installed Firefox and when I opened it up, I was locked again! I have spent 3 hours trying to fix it before joining this forum.

The other related problem I have is that for the past... Read more

Read other answers

i have parasite!!!it make my comp slow my internet explororer dont work and hav pop up and alwaiz pop up the best offershere is my hijackthis logLogfile of HijackThis v1.99.1Scan saved at 3:49:43 PM, on 10/25/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\wdfmgr.exeC:\WINDOWS\System32\etnyxav.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Java\jre1.5.0_03\bin\jusched.exeC:\Program Files\Java&#... Read more

A:Slow Computer Parasite Help!


I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

Read other 2 answers

Today, while restarting from hibernation, my laptop (Dell N7010  running Windows 7 (64-bit)) was showing a blue screen (as in "of death") with several words shown in a large white font. I only saw it briefly then password screen appeared. The words I saw on the blue screen said "Your Computer is(?) Locked". Since I successfully used it (still am), I put the message in the back of my mind. 
Several hours later, I put my laptop into hibernation again. When it came out, the password screen said that my computer was locked (attachment: "lock.gif"). That reminded me that I saw that this morning, too. But with no problem signing in, I had ignored it. Also, I watched closely but saw no blue screen with big "Computer Locked" message after this second hibernation.
I don't know what to make of this.
In between those hibernations, I Googled "booting windows 7 i saw blue screen with 'your computer has been locked' but my computer is NOT LOCKED" .
Bleeping was near the top of the hits. But Malwarebytes wouldn't let me go to the first hit because "Malwarebytes blocked a suspected bad URL or an unwanted program." Here's the URL: https://www.pcrisk.com/download-reimage; also, see attached "mal.gif". 
So there's THAT on top of the blue screen with "Your Computer ... Locked" and twice finding "Locked" above the password box.
I'm speechless.

Clearly Malwarebytes Premium (3.1.1) is taking care of me, It's automatically kept up... Read more

A:Blue screen: "Your Computer ... Locked" during boot; computer NOT locked

I do suspect that the Malwarebytes notification is not related. You just clicked a potentially malicious link. Your issue could be malware-related, but I can't tell from your description.
Anyway, please follow these  instructions and attach the requested files by replying to this topic. You may skip the part of step three where it instructs you to create a new topic, since you already have a topic here. There's no need to create another topic.

Read other 4 answers


I?ve got a computer infected with the ?System Fix? Virus. I believe the OS is Windows XP Professional. Searching the Tech Support Forum lead me to this thread:


Since that thread is getting quite long, I figured I?d start a new one. Everything happened as ?pleasehelppleez? described. All programs shut down, and a phony repair program pops up and takes complete control. Luckily, we have a second computer on the network that works.

I first tried booting into safe mode with networking, which gave me a blank desktop, and no programs to run except for McAfee Security Center (this computer IS protected and regularly updated). I ran a scan, which showed several problems and fixed them (I forgot to save a log). After much internet research, I found several sites suggesting fixes, notably:


In safe mode, I was able to access utility files from my working computer through the network. I installed and ran Malwarebytes, which again, detected several problems and I fixed them (forgot to save a log). I rebooted into normal XP, but once the Windows desktop appeared, the ?System Fix? started up again.

Following the advice I?d seen, I ran ?Rkill.com?. After several tries, Rkill eventually closed down System Fix. I ran MBAM again, ... Read more

A:"System Fix" virus hijacked computer

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.


Please try running dds again in Safe Mode and post/attach the logs in your next reply.

Please also attach the gmer log.


Read other 19 answers

I am running into a problem with a system I just built last year. Today my computer (runs W2k) locked up while typing an email on AOL. I rebooted and the computer would always get stuck at the screen showing (Norton's) GO BACK. Even hitting the space bar to solve problems doesn't work. So, frustrated I'd Power it down and then restart and then hit the start button rapid like three times after about 4 unsuccessful bootups.
Now a power light of red is on, but the green one that blinks at boot up is not working. All that I hear running is the processor's Fan. Did I short out my power button? I am having a similar problem to the thread by mikeyworm. I connected my HD to another system, so HD is okay.
I had to reorder the same MBD in case the MBD is toast (I hope the processor is still okay). This is frustrating.



A:System locked up and now computer doesn't run

Just in case:

Pull out all power source (power cable basically)

Hold down power button releasing all internal voltage (about 20 secs)

Put power cord back in

Turn on - I hope

Read other 12 answers

A friend sent me this photo: http://1drv.ms/1kbycX7 and asked me what to do.  Their daughter (non-admin account) was logged into the computer and was on a high school homework website when this happened.  Once the message popped up, the computer was "locked up" and the user was unable to do anything, and the warning was on-screen and audible.  I am very suspicious, as I have never seen or heard of anything like this.
I was able to log in to an alternative account with no issues.  I ran MBAM and ESET online scanner.  They found nothing.  Not sure what else to do, so I am seeking advice.

A:Computer Locked by virus - Critical-virus.info - Call 855-790-8386 to fix

Tech Support Scamming using browser pop-up alerts with phony telephone numbers from "so-called Support Techs" advising your computer is infected with malware has become an increasing common and prolific scam tactic over the past several years. In some cases, the scam may be a web page which looks like a BSOD and includes a tech support phone number to call in order to fix the problem.You may want to read Your PC Is Infected Round-up by Chris Boyd at the Malwarebytes Security Blog.In the majority of these cases the scammers use social engineering to trick a victim into spending money for unnecessary technical support or to buy an application which claims to remove malware. They typically use bogus error or warning messages (web page redirects & pop-ups) to falsely indicate that your computer is infected or has critical errors. This is done as a scare tactic to goad you into calling a phony tech support phone number shown in the pop-up alert and allowing the scammer remote control access to your computer in order to fix the problem. In some cases you are instructed to download malicious software which will actually infect your system. If the victim agrees, the support usually costs hundreds of dollars and often leaves the victim's computer unchanged or intentionally infected with malware.Beware of US-based Tech Support ScamsAvoid this BSoD Tech Support ScamFTC cracks down on tech support scamsTech Support Scams Help & Resource PageThe warning alert may claim to be affi... Read more

Read other 5 answers

I think I have a big time virus. I'm on an hp laptop running Windows 7. Soon as I go online I get a pop up : "WARNING! Your computer may be highly infected! " it goes on to tell me to call a 1-800 number ruIght away. I know it's a scam. But I can't get rid of this thing! I tried running panda and malware. Deleted the explorer file in safe mode. It just recreated itself on start up. The file that is causing this mayhem is softput.xx/virus-alert. Anyone run into this? Any ideas how to neutralize it? Thanks

A:Computer locked up with a virus!!

Hello Going4joe and welcome to Seven Forums.

I'm not a security expert. Hopefully one of the Forum experts will join in with better information. In the meantime, see if you can run the free Malwarebytes Chameleon. It might be able to remove the softput files.


Read other 6 answers

I got the fbi virus i have diwnloaded a fix but cant get it to load by disk or usb. How do ifix this?

A:fbi virus locked computer

Hi, welcome to BC! You may want to look at the virus removal guides, make sure to use the correct one for your specific "FBI" malware.  There are several different versions.http://www.bleepingcomputer.com/virus-removal/ Another thing that you can try is:  -  Let the pc load and malware load.  -  Press Ctrl-Alt-Delete  -  Choose Log off  -  As soon as you see the log off process start press your windows key I have had this work well for me on several variants of similar malware.  You will know that this works if you see the malware "FBI" screen disappear and your pc comes back to the desktop.  If it works install Malwarebytes and run a full scan.  Please Download Malwarebytes AKA MBAMUpdate Malwarebytes via the update tab.Run a full scanWhen the scan finnishes please select Remove Selected and make sure all of the boxs are checkedPlease post the resultsThe log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log toinclude the top portion which shows MBAM's database version and your operating system.

Read other 2 answers

Have Windows xp pro. somehow got virus. won't let me open my removal program(malewarebytes), won't let me download any other antivirus or spyware removal programs, won't allow system restore, none of these work in safe mode either. don't know what to do. Keeps coming up with the Windows Internet Security 2010 stuff and a decent amount of popups about removal. tried installing malewarebytes off of cd drive and won't allow that either. i can't think of anything else to try. Please help!!!

Read other answers

It says
User account control
this computer has been locked
program name: install.exe
verified publisher: unknown
file origin: hard drive on this computer
to continue type administrator password then click yes
there is a box to type the pass
two buttons (get password) and (unlock)
unlock does nothing without password and get password brings me to a site for surveys
also there is no start menu the desktop is black and there are no icons
I need IMMEDIATE HELP thanks you


Create a HitmanPro kickstart USB flash drive.
You will need internet access in order for it to do a scan. It would be best if you could connect directly via Ethernet instead of wirelessly.

Read other 17 answers

My laptop will start up and load but when you move the cursor it says webpage cannot be opened...check internet connection. It won't let me do anything. Please help! It runs Windows 7 64 bit. Now it says the FBI has locked because of illegally downloaded material.

A:virus says computer locked by FBI

Read other 9 answers

can someone help me with this computer and network something is not right.
Microsoft Windows [Version 6.0.6002]
Copyright © 2006 Microsoft Corporation.  All rights reserved.
Windows IP Configuration
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::e17c:eb55:535c:e7b8%8
   IPv4 Address. . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Default Gateway . . . . . . . . . : fe80::224:1ff:fede:f9d7%8
Tunnel adapter Local Area Connection* 6:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter Local Area Connection* 7:
   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:10da:34c:3f57:ff99
   Link-local IPv6 Address . . . . . : fe80::10da:34c:3f57:ff99%9
   Default Gateway . . . . . . . . . : ::
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    12... Read more

A:computer is hijacked security is shut down

Hi gazzer77 There's nothing wrong with your system, the command line will never prompt you "NAP firewall expired; Network infected; Spyware and trojans detetcted; Red alert". It seems like someone pulled a bad joke on you. These outputs are standard outputs from commands like: ipconfig, netstat and tree. This isn't an infection at all.

Read other 5 answers

My daughter's hp dv5 laptop, running vista, has been infected by this ramsomware. I logged on in safe mode w/networking and dowloaded malwarebytes and it located 14 issues and upon restart the lockscreen was still there. I tried norton which was already on the computer and it found 9 minor issues and it's still there. I posted on the vista forum and it was recommended going to a restore point before the infection, which I'm going to try as soon as malwarebytes finishes another scan. Anyone here any successful experience with this virus?

Malwarebytes found nothing, doing restore.

A:FBI Locked computer scam virus

try hitman kickstart...

HitmanPro.Kickstart - Anti ransomware, politievirus, bundestrojaner, Reveton, BKA, GVU - SurfRight

Read other 9 answers

I'm running Windows Vista, to clear that up right away.

I know the first thing to do when you've suspected a virus is to disconnect from the internet and run your scans. My scanners won't open, my OneCare is turned off, and it won't open to turn it back on, my Firefox won't open, iTunes won't, and every internet scanner I've tried (Kapersky, Panda, and another one listed on this site) requires a download that won't open when it's done, or it won't finish downloading. I'm obviously connected to the internet, but my network icon in my System Tray says i'm disconnected and if I click "Connect to Network" the hourglass pops up and shuts off.

I can open my task manager however, and there's the "svchost.exe" which I read somewhere is a virus. There's like 9 of them. I'm afraid to try and end the processes because I don't think that will fix the problem and maybe make it worse.

I'm giving as much information as I can, but if someone can give me a step-by-step solution on how to fix it, that would make my week.


A:My Computer Locked Up. Help with Virus Remove?

The HijackThis sits at "Preparing to Install" and does not change. Which is why I don't have one posted.

Read other 1 answers

Hello. My PC with Vista Ultimate is infected with the IC3 ransomware. I initially opened in Safe Mode (with Networking) and ran Malwarebytes scan, which identified some items; removed, re-booted and the virus screen reappeared. Tried again in Safe Mode and ran Full scan; more items, after removal and re-boot, same screen. Tried Safe Mode a third time and tried to open Emisoft IExplore; after a few screen flickers, the IC3 screen block appeared again, in Safe Mode. Now everytime i try to open Safe Mode with Networking the IC3 screen block appears. Any advice at all will be greatly appreciated. Thanks!!

A:HELP, New Stronger FBI virus has locked up my computer

Hello mervelous, Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
I will be analyzing your log. I will get back to you with instructions.Do you have a USB Flash Drive you can use?

Read other 3 answers

Hey guys, so I have been infected with a virus. Lately, anytime I run Malwarebytes it always finds a rootkit regardless whether I use the PC or not. No matter when I run it, it always has a rootkit. Yesterday it got fully infected with the "Your computer has been locked". When I turn the PC on it says "please connect to internet" then after a few minutes the "your computer has been locked" screen comes up, demanding I pay to unlock the PC. I believe I had this virus before and you guys helped me get rid of it. I just don't want to go reread those posts because this might contain something else as well. Thank you for your time.  I hope you guys can help me out again. Thanks

A:Infected with a virus "Your computer has been locked"

What is your operating system?

Read other 50 answers

Hi there, around noon today I received two password reset notices. One from the place I use to register domain names and another from an online retailer (newegg.com). I immediately called the registrar and then called the retailer. I found that both accounts had been hijacked, their passwords and email addresses changed.

This is probably the most scary thing that has happened to me and I spent two weeks in a coma a few years ago. I do not want my domain names stolen, my credit ruined or my identity compromised.

The attacker seemed to have control of my email or be able to read those password reset emails by some other means.

I am posting seeking advice on how to do a thorough check of my computer. I would also like to secure my computer as completely as possible.

I will certainly appreciate any help tremendously!!

Read other answers

This is a response after my first reporting today of a problem that "boopme" of bleepingcomptr recommened. Topic referenced is here: http://www.bleepingcomputer.com/forums/t/302587/infected-by-security-antivirus-and-possibly-hijacked/ ~ OB I did the steps 6-9 to generate a DDS file. I got to running the "gmer" file when it ran into unexpected errors. I was able to save what there was of the "ark.txt" file generated.Here is my DDS file info.(I SURELY APPRECIATE THE HELP SO FAR!!!)DS (Ver_09-12-01.01) - NTFSx86 Run by D and D2 at 21:25:09.75 on Sun 03/14/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.257 [GMT -5:00]AV: Security Antivirus *On-access scanning enabled* (Updated) {ABE4115A-3BA7-44AB-8C6C-8889DA8F2325}FW: Security Antivirus *enabled* {47C839E6-8122-45C8-8618-06115AF0056A}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Cox\InstaLAN\AffinegyService.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\FolderSize\FolderSizeSvc.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS... Read more

A:"Security Antivirus" issues, hijacked computer

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers

My administrator account was locked by a virus labeled FBI. My guest account still had access. Uncle tried to install antvirus to administrator account, through guest account. This locked windows from starting and forced recovery process. Recovery process didnt work, tried system retore points. Nothing, Tried partial factory restore. Now says " windows did not complete installation. To install windows on this computer, restart the installation". Screen is black with just that message in a box and " setup is starting services" underneath. Cant get past that to click " restart " icon. Tried to shut down manually with power button. When powered back on, the same screen appears.

A:Computer locked by virus, need help with reinstall effort.

Hi and welcome to TSF see if this can help you Clean Install Windows 7 - Windows 7 Forums
if you require further help please post the make and model of your computer along with your problem

Read other 1 answers

My computer has been infected with fbi ransom virus ,my thought is to start up from a thumb drive and than scan the computer from the thumb drive with out going to the c drive. i am not sure how to do this .i'm asking for advise I need to get my computer back pleas help.

the saint007

A:help with fbi Ransom Virus computer totally locked

I'll report this topic to appropriate helpers.
Hold on....

Read other 4 answers

I was recently online surfing for research materials for my classes, and got somehow redirected to a website that I did not recognize.  So, I tried to leave, and pressed the back arrow on my browser, but the site would not let me leave, and instead a window popped up asking me if I was sure I wanted to close the page with the option to leave page, or stay on page. So, I clicked leave page, hoping to close the page altogether, but this did not happen. Instead my computer then locked up, and a page opened up covering the entire screen saying that my computer was blocked by the so called, "FBI Cybercrime Division", an organization that does not exist, and that I need to make a payment using MoneyPack to unblock my PC. I know this is a virus, because it happened to a friend I know, and I remember helping her remove the thing, but I cannot use that method, because apparently the fake cybercrime people have figured out how this was being done, and have strengthened their virus to prevent it. In order to remove this ignorant ransomware virus, you have to boot into Safe Mode with Networking, and install a program, but you cannot do this now because it will boot to Safe Mode, but as soon as the desktop loads the computer immediately logs off and shuts down again?? Is there any way that I can get to System restore, without needing to boot to Windows?? Because this stupid, fake FBI warning page pops up before you can even get to the desktop.... I am running Windows 7 Home Premium o... Read more

A:Virus has locked up computer demanding money

Hello buddy, Looks like you're having the similar problem to me at the moment (but mines the UK version) BC made a tutorial on how you can remove the software, but this is only if you know your way around a computer. Just make sure the problem looks similar (it sounds similar) - http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

Read other 1 answers

Before we even get started: I'm brand new to this site and have never had a serious infection before, so I'm a little weirded out. So, for the wonderful folks who check this out, THANK YOU!Initially a window that looked like a security center kept opening up telling me I had security issues, my firewall was open, and they could fix it for $59.95. Since I hadn't asked for a scan from anyone, I was skeptical. I couldn't open a single program, from minesweeper to internet explorer without this window popping back open and shutting me down. Opened task manager and started killing it at application level, once reported, it would clear long enough for me to get access to one site - each time. I also found a vyv.exe in the process tab that took the symbols (shields) off the task bar and allowed me to work a little. Since I've been trying to clear this since Saturday, I'd really appreciate some help. I thought perhaps it was the fault of my antivirus, but even the newer one I downloaded had problems. It did, however, tell me it was a root kit issue. Since I'd never heard of that, imagine the frustration of trying to research it when you only get one or two pages before your "visitor" comes back to haunt you, shutting down programs, downloads and internet connections willy-nilly. It even "ate" malwarebytes downloads 3 times before I gave up. I've tried spy doctor and it wouldn't even run. Of course, I'm n... Read more

A:xp security 2012 has hijacked my computer and is holding it hostage

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 25 answers

Dear All,
I got the cryptowall 3.0 virus infected and then with malware and eset software i removed all virus. Thereafter, i found all my files were locked and i could not open any of them. can anyone give the best guidance in this case. Has there come any new solutions. I have already attached files to Nathan stol but no response.
plz show me the way.

A:my computer has been removed from cryptowall 3.0 virus but the files are locked

See comments by quietman 7 at CryptoWall Canned - http://www.bleepingcomputer.com/forums/t/565279/hit-with-cyptowall-please-help/?p=3614936 .
This topic is closed.

Read other 2 answers

Hi, this virus has locked my laptop. I am able to get onto the internet by disabling it at start up. I have tried quite a few solutions i found online but so far the virus remains and it has 2 processes that i can see on task manager that linger and when i try to end them it says 'This is a critical process, task manager can't delete'

So far i have run full scans with both malwarebytes and AVG in safe mode which deleted several trojans but the 'Your computer is locked' message remains.

Any help with this is greatly appreciated. thanks

A:Can't get rid of 'Your computer is locked by metropolitan police' ukash virus

Boot into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

Read other 18 answers

Hi, 1st post here. I had Internet Security 2010 virus on my computer. I was successful at ridding of main virus but I had "redirecting" issues in firefox and google, especially in search engines, where I would be sent to sites different from where I clicked to. I have done numerous types of scans and it looks like the computer is fairly clean. However to make sure, I post my log from Trend Micro Hijack to ensure all is in order. Thanks in advance, MQ=================================================Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:09:09 PM, on 1/19/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\System32\Ati2evxx.exeC:\Program Files\Bonjour\mDNSResponder.exeC:�... Read more

A:Hijacked computer- IE and Firefox- Internet Security 2010 viris

Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

Read other 3 answers

combo fix log attached. i don't have a choice. it is gtetting harder to type post, get on the web, period. please help! my windows logon was even hijacked and i was locked out. it created a user logon for unknown user w/ blank user name and password text fields. it opens IE and any other windows it can until the system locks up. it is like having a ghost at the computer. it types in the text fields of anything. i almost always have to do a system restore to get back on if i get logged off or once the virus takes hold of the keyboard. right now it is letting me type. and this is an edit. everything below was posted earlier excpet the combo fix log. it started out hijacking my touch pad, changed the setting, etc. it terminates my security software. interferes w/ process guard. the longer i am connected to the internet the crazier it gets8khgo8kh8kh8khtHere is my hijackthis log. It is getting harder and harder to get back on the computer and to type, so PLEASE help if you can asap! It started w/ an erratic touchpad & cursor. Then my computer started auto writing in text fields "8k88k" it is trying ... i ca8kh'8kht keep8kh can't keep 8k typ8khnLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:39:25 PM, on 1/21/2010Platform: Windows Vista (WinNT 6.00.1904)MSIE: Unable to get Internet Explorer version!Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System... Read more

A:hijacked computer keys, win logon, security softwar having8kh

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 34 answers

Hi techguys, I believe i have a virus which avg isn't detecting. I ran avg in safe mode with no success. Computer is slow, avg won't update, google search results are redirected to advertising, e.g. sky high finance, insurance etc, and security related sites seem blocked.

Any help appreciated.

A:Browsers hijacked, security sites blocked, computer slowed

mmm...approx 1 week, approx 50 views...approx 0.0 help. Any help appreciated. Any. Low level...whatever you guys might be able to muster...

Read other 1 answers

Hi all, as the title says computer is locked up and is very frustrating...i have to access this site in safemode with networking, as i dont have another computer. my computer skills are fairly limited, but i have manually removed other virus problems, and run several of the programs you guys use here such as HJT, TDSSKiller, among others, so i am comfortable with this process. my work schedule has just switched to days for th enext two weeks (hopefully it doesnt take that long to clear this mess up) at any rate, any instructions i get wont be received until after 5pm, and depending on how long the programs take to run,logs likely wont be posted until the following day. Currently i have not run any programs other then a complete avira system scan to try and find the problem...avira came up clean...on a side note, i have used avira for several years, i downloaded the update free version last week and for some reason avira was removed from my computer, hence it being reinstalled the other day. i really look forward to your guys help and patience while resolving this problem. i should also add this is an older computer. P4 think it is only a 2.1ghz running Win XP hard drives are 250g and 30g i believe...i am sure your first couple reports will tell you what else you need to know about this dinosaur...on a side note once this PC is fixed and i can access my business files again i will be buying a MAC. thanks again.

A:computer locked up with police cybercrime investigations department virus please help

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Looks like you may be able to restart the computer normally using one of these pages. From what you are saying the second link may be what you are looking for.If at any time you need help to continue the cleanup please ask.Remove the FBI MoneyPak Ransomware or the Reveton Trojanhttp://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomwareRemove the Win32/Reveton or Police Central e-crime Unit Ransomwarehttp://www.bleepingcomputer.com/virus-removal/remove-police-central-e-crime-unit-reveton-ransomwareIs successful please post a fresh DDS log and will take it from there.

Read other 20 answers

Thank you and hello for reading my post. A few days ago my computer got infected by system tools and I've been trying all the steps listed on various sites. I have run Malawarebytes on multiple occasions and it doesnt find it then I tried looking up manual removal tips (listed here http://www.techjaws.com/how-to-remove-security-tool-virus/) but nothing has worked. I cant find any of the host files that are listed and nothing is showing under the c/program data files. When I tried doing HiJack this logfile a popup saying it could not log host files for some reason came up but this is what did show.

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:45 AM, on 8/9/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670}... Read more

Read other answers

My system is infected with Antivirus system pro. My friend tols me to download HighJackThis and post the log report. I scaned it now how do I post that here? I tried to copy and paste it but the notepad window that has my log only pops up for a second. I'm scared. What do I do?Here is the log,Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:45:55 AM, on 11/6/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18319)Boot mode: NormalRunning processes:C:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program FilesNorton 360Engine3.5.2.11ccSvcHst.exeC:Windowssystem32taskeng.exeC:Program FilesSynapticsSynTPSynTPEnh.exeC:WindowsSystem32WLTRAY.EXEC:Windowssttray.exeC:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exeC:Program FilesATI TechnologiesATI.ACECLI.EXEC:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exeC:Program FilesCommon FilesLogiShrdLComMgrCommunications_Helper.exeC:Program FilesCommon FilesResearch In MotionAuto UpdateRIMAutoUpdate.exeC:Program FilesCommon FilesRealUpdate_OBrealsched.exeC:Program FilesCommon FilesCorelCorel PhotoDownloaderCorel Photo Downloader.exeC:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exeC:Program FilesDell Support Centerbinsprtcmd.exeC:Program FilesWindows Media Playerwmpnscfg.exeC:UsersJasonAppDataLocalekyrhrubvgsysguard.exeC:Program FilesDigital Line DetectDLG.exeC:Program FilesKodakKodak EasyShare softwarebinEasyShare.exeC:Program FilesDellQuickSetquickset.exeC:Program Fil... Read more

A:Help! Antivirus System Pro has hijacked my computer!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

Read other 2 answers

My computer downloaded Windows Police Pro virus that seemed to have come with Comcast Internet Service. I thought I got rid of it by searching and deleting. It locked my system restore as well as add/remove programs in the Control Panel. But it was operable a little. Within a week's time, my electricity was off for about a week and a half and when it was restored, I turned on the computer, went to internet. Security Tool totally took over the computer and I could not click anything. So I again went in safe mode and starting deleting. I finally got McAfee to do a scan and the files it found to be corrupted gave me an option of deleting or ignoring and I think I deleted an important system file. Now I get error messages c:\WINDOWS\system 32\Restore\rstrui.exe is not a valid WIN 32 application and same for back up c:\WINDOWS\system 32\nt backup.exe is not a valid WIN 32 application.

Bottom line, the virus is now in my internet files so when I go on the internet Windows Police Pro takes over unless I am in safe mode with networking. I am now on the internet as Administrator and not my personal user logon in safe mode with networking.

So please help because I am ignorant of what to do next.


A:Virus Hijacked My Computer

Try http://www.bleepingcomputer.com/virus-remo...dows-police-pro

Read other 2 answers

Okay, well this is going to sound extremely incoherent, but this is the way I remember all the issues with my computer.

Oflate, I've been noticing that whenever I insert a memory device, (whether its my pendrive, or a cell phone, or my ipod touch), and I explore their files....everytime I enter a folder - I get a new folder inside that folder with that folder's name on it.

EVERY FOLDER in the pendrive has this issue.

I've been meaning to put in an antivirus for ages now - and I decided to download AVAST today.

I downloaded it, installed it, and then restarted my PC.

Uptil I get to the point where you enter your password (the user menu) - I enter my admin password, and desktop starts to load.

However, it doesn't load completely.

I'm greeted with a LOT of error windows all saying the same thing.

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

and the files for which I get this message are...

Other.exe (located in C:\Windows\inf\)
Win.exe (located in C:\Windows\system32\config\)
WinSit.exe (located in C:\Windows\system32\)
Moreover, NO exe file is running on my pc.

NONE of them.

Be it Firefox, internet explorer, control panel (control.exe) - nothing.

I thought maybe something wrong with the .exe file I got from my download which somehow corrupted my system's files - but hell...even system restore won't start).

I read around - and I figured we&#... Read more

A:Computer's been hijacked by some stupid virus.

Read other 7 answers

A pop up keeps on coming up now saying that my computer has been hijacked by a trojan virus. I got it when i was using google, and the only thing that i can see that it's causing my computer to do is allowing this popup to continually come up when i am trying to use my interent. I can't even begin clicking or typing and then this pop up comes up and i'll click exit and then 2 seconds later it comes up again and then when i go to google, some weird porn type google web page comes up. Like i can get to the main google page, but when i type something in to search for and click enter, the same google searches comes up with all spyware and trojan dleteing software and stuff like that. ALso, along with that, there is a youtube video site in the middle with a picture of sexual acts. Please help me

A:HELP- my computer says it has been hijacked by trojan virus

Please follow MicroBell's 5 Step process outlined here:


After running through all the steps, please post the requested logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers

Thank you to anyone who can help resolve the issues with my computer! I have tried different programs but none of them seem to be able to locate any issues with my computer...everytime I google or yahoo anything, and click on the results, it takes me to random locations and pages. I have even restored everything to the initial date I first had my computer new..and while it reverts everything to look like it did when it was "factory new", when I open explorer and search I still have the same issues...please help! I was using spyware doctor as my antivirus program, but it didnt seem to block whatever I have and it wont find anything...I have restored my computer again and have not downloaded any antivirus tool and I will wait to see what you recommend...the mcafee file it shows in my hardware scan is just what came on the computer and so it does show its inactive...thank you for your time and knowledge!!


Tech Support Guy System Info Utility version
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz, x86 Family 6 Model 28 Stepping 2
Processor Count: 2
RAM: 1014 Mb
Graphics Card: Mobile Intel(R) 945 Express Chipset Family, 128 Mb
Hard Drives: C: Total - 72749 MB, Free - 67050 MB; D: Total - 73726 MB, Free - 73286 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., NC10 , Not Applicable, 123490EN400015
Antivirus: McAfee VirusScan, Updated: No, On-Demand Scanner: Enabled

Logfile o... Read more

A:hijacked computer, virus, malware...please help!

Update: I downloaded kaspersky and the full system scan turned up a virus named....MEM:Rootkit.win32.TDSS.fa....however, when it reboots to disinfect the file, its still there when it boots back up and I still have the same issues with search engines and get the Generic Win32 Process errors...thanks

Read other 1 answers