PDA

View Full Version : Virus/Malware Quaratine Files



Clod
23-06-2011, 11:18 PM
I've picked up one of those fake virus alerts. It wont let me run any programs, every time I try it says program cant be activated due to suspect virus activity and moved to quarantine.Please activate antivirus to clean application. Any clues?

Speedy Gonzales
23-06-2011, 11:28 PM
Run rkill http://download.bleepingcomputer.com/grinler/rkill.exe

It will kill any running malware. Then scan with malwarebytes

Clod
23-06-2011, 11:52 PM
Hi Speedy, it wont let me access the internet I put rkill on a flashdrive but it keeps saying about its in quaratine when I try to access it.

Speedy Gonzales
23-06-2011, 11:57 PM
Try it under another name then

http://download.bleepingcomputer.com/grinler/iExplore.exe

It may not recognise this

Or this http://download.bleepingcomputer.com/grinler/eXplorer.exe

Clod
24-06-2011, 12:10 AM
No luck. Gotta go to bed now work early in morning. Do you think A virus scan in safe mode would work- malware bytes and pc cillin? Now dont laugh but if that might work could you give pretty basic instructions how to access the programs once I'm in safe mode [never tried it before]. I'll check back tommorrow.

Speedy Gonzales
24-06-2011, 12:12 AM
If you want get teamviewer, boot into safe mode / networking. And I can check it out tomorrow. Send the ID and pw (teamviewer gives you), to me in a PM. Things will probably work in safe mode, since whatever you've got has entries in startup (which wont run in safe mode). Use ccleaner and delete the entries (they may have strange names in startup). And / Or maybe running from documents and settings, or the temp folder

Whats the name of this program?

sarbuland
24-06-2011, 06:54 PM
dude i have the same prob tried safe mode but it wont let me run anything there either i dont have the cd for xp so i tried reinstalling my system its not even letting me reinstall

Speedy Gonzales
24-06-2011, 07:06 PM
So how are you installing it then, without the CD? Does it have a restore partition?

Digby
24-06-2011, 07:36 PM
All of this just goes to show that everyone should install AntiMalwareBytes now, before they have any problems.
Some trojans will disable you from your accessing browser, so that you cannot access the internet to get any help.

wainuitech
24-06-2011, 09:19 PM
To remove the active infection, sometimes these days depending on the infection, they will still run in safe mode.

Sometimes you can run the PC/Laptop from a bootable CD thats designed to clean without the system actually running. Personally I use the Bootable rescue CD that nod32 can make.

Works similar to removing the drive attaching to another PC and scanning as a second drive.

Speedy Gonzales
25-06-2011, 12:55 AM
Some people either remove the hdd then scan it.

Or what I've done before is, enable the guest acct, and log in then run rkill as admin (if its Vista or Win7). Then update and scan with malwarebytes. Which has usually fixed things like this

Clod
26-06-2011, 12:54 PM
Sorry about so long in getting back. I've chickened out and passed the problem to a guy I know whose a lot more computer savvy than me. I let you know what happens.

supergran
26-06-2011, 01:48 PM
I had that problem awhile ago, and it was 'ms removal tool virus' and I googled, and got rid of it by following directions I found there.