Just got a call from friend and went to look his pc.
Message was to activate Malware protection , pc on the start goes into scanning with this malvare program and shows infections of w32.wormblast and on the end says you have to activate Malvare protection and submit email address and password.
I could not start anything:windows task manager, command prompt etc. all was disabled including his antivirus program.
I went home and downloaded the tool to remove it from Symantec.
I disconnected modem.
Started pc in safe mode and managed to start the removal file from cd.
Pc turned off after probably 8 minutes.Could not log any more in the safe mode.If i log normally windows would start but off course you couldn't use it.
Any suggestions.Sorry if you need more info i might look into it with more details tomorrow.Let me know what info you need.
I tried to run the file from cd in safe mode but that switched of the pc too.
I would use a LiveCD to get important files off the disks, scan the saved files on a separate machine to make sure they aren't infected. Wipe the disks and clean install.
The "fix it" game get's old quick, imo. Too much hassle.
A live CD (Non-Windows) should let you deal with it. I personally just slave the drive.....no boot, no game? ;):)
Otherwise you might try going into BIOS and Windows and turning off all screensavers and power saving. Then try safe mode, or get into control panel real quick.
You didn't say what version of Windows......................?????, or if you have CD/DVD, USB, floppy.
A HijackThis log is frequently useful with these problems, as you don't say what the particular form of scareware is.
A method I have used is to just give it a fake plausible e-mail and password......... chances are they are so greedy they won't pass the opportunity because you are not on the internet?...........that might buy you the time.
Thanks for a prompt replies.
Sorry Nihill was just posting details too quickly and forgot to add version of windows etc.
Done the clean install.
Funny things is that Pc was switching off as it was overheating.Picked up straightaway but didnt pay enough attention.Cleaned the fans and pc went from 86c to 43.:)
All good now.
Download our SAFE CD: http://www.pandasecurity.com/resourc...andaSafeCD.iso , burn to disk. Boot up the machine, let it get an IP via DHCP or give it a static one. Choose official signature file (it will begin downloading it) and then scan for you.
This is all out of a windows environment and works best for things like Sality which is a file infector and can only be cleaned outside of a windows OS.
PM me if you need more help or you can adopt the lazy strat :P:P:P and jsut backup and format ... but where is this fun in this?
Seems I was wrong again :D
You might look at this:
You have to launch it each session, but it tries to read your MoBo and HDD sensors. I don't let it try to manage fan speeds...... I am an old fart ;)
Just mouseover the icon in your system tray and you will see the critical temps.
86C !!!!! :fpissed:.............................:firedevil
Hell man! why didn't you tell me..............you could have fried my breakfast for me :D
Give this new puppy a try:
Microsoft Standalone System Sweeper Beta
A recovery tool that can help you start an infected PC and perform an offline scan to help identify and remove rootkits and other advanced malware.
AVG has a boot disk too - you're going to need a boot disc that detects that ish
That Microsoft Standalone System Sweeper Beta looks cool. WIll give it a crack with a USB.
The MS scanner seems to be pretty good but takes HOURS to scan. For example - it scans each mail inside Outlook Express's dbx files...