Infected with Security Protection (ROGUE) - Can't start in Safe Mode

[cloudy]

Hello,

I am new here.

Was searching from google to get solution to remove - Security Protection and found this forum.

I am really in need of quick solution.. If anyone can help me here?

I found this link -
http://malwaretips.com/Thread-How-to-remove-Security-Protection-Malware-Protection-and-Spyware-Protection-Guide

Tried to run pc on "Safe Mode" but it's showing me few c drive paths and stops there every time. Could any one please help me how can I start with "Safe Mode"

Really in need of quick help,

Thank you.
MS

 

[eXPerience]

RE: Just Join this forum and finding some help..

Hi,

Windows 7
Turn the computer on or Restart the computer
Start tapping the F8 key. The Windows Advanced Boot Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected, not Repair Your Computer
Press Enter. The computer then begins to start in Safe mode.
When you are finished with troubleshooting, close all programs and restart the computer as you normally would

Windows Vista

Windows Vista is similar to Windows XP for starting in Safe Mode.
Turn the computer on or Restart the computer
Start tapping the F8 key. The Windows Advanced Boot Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected (the top option)
Press Enter. The computer then begins to start in Safe mode.
When you are finished with troubleshooting, close all programs and restart the computer as you normally would.

Windows XP
If Windows XP is the only operating system installed on your computer, booting into Safe Mode with these instructions.
If the computer is running, shut down Windows, and then turn off the power
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
When you are finished with all troubleshooting, close all programs and restart the computer as you normally would.

thanks to = http://www.pchell.com/support/safemode.shtml

hope this helps you a bit. If you want I can assist you during the malwareremoval proces on this forum.

best regards,
eXp

 

[Jack]

RE: Just Join this forum and finding some help..

Hello,

I am new here.

Was searching from google to get solution to remove - Security Protection and found this forum.

I am really in need of quick solution.. If anyone can help me here?

Hello and welcome ! :welcomewave:

Found a simple and quick solution : You can use the bellow code (SL55J-T54YHJ61-YHG88) and any email to register the rogue application in order to stop the fake security alerts.

 Registration E-mail - any@email.com
Registration key : SL55J-T54YHJ61-YHG88

[attachment=727]

Once this is done, you are free to install anti-malware software and remove the rogue anti-virus program from your computer properly , even in normal mode........Not a very professional solution but it should get the job done quickly.If it doesn't work report back and we will help you.

• Malwarebytes' Anti-Malware
• Hitman Pro 3.5
• Microsoft Safety Scanner
• Dr.Web CureIt!
• ESET Online Scanner

 

[cloudy]

RE: Just Join this forum and finding some help..

Thank You so much for your help. In fact I am not getting "keyboard error".

After I choose " Safe Mode with Internet Connection" I got long list of "Driver paths" and those list just "stick" there.. If want to see that I can upload image for you? Thanks.

Thank you again.

Hi,

Windows 7
Turn the computer on or Restart the computer
Start tapping the F8 key. The Windows Advanced Boot Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected, not Repair Your Computer
Press Enter. The computer then begins to start in Safe mode.
When you are finished with troubleshooting, close all programs and restart the computer as you normally would

Windows Vista

Windows Vista is similar to Windows XP for starting in Safe Mode.
Turn the computer on or Restart the computer
Start tapping the F8 key. The Windows Advanced Boot Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected (the top option)
Press Enter. The computer then begins to start in Safe mode.
When you are finished with troubleshooting, close all programs and restart the computer as you normally would.

Windows XP
If Windows XP is the only operating system installed on your computer, booting into Safe Mode with these instructions.
If the computer is running, shut down Windows, and then turn off the power
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
When you are finished with all troubleshooting, close all programs and restart the computer as you normally would.

thanks to = http://www.pchell.com/support/safemode.shtml

hope this helps you a bit. If you want I can assist you during the malwareremoval proces on this forum.

best regards,
eXp

---

Hello,

I am new here.

Was searching from google to get solution to remove - Security Protection and found this forum.

I am really in need of quick solution.. If anyone can help me here?

Hello and welcome ! :welcomewave:

Found a simple and quick solution : You can use the bellow code (SL55J-T54YHJ61-YHG88) and any email to register the rogue application in order to stop the fake security alerts.

 Registration E-mail - any@email.com
Registration key : SL55J-T54YHJ61-YHG88

Once this is done, you are free to install anti-malware software and remove the rogue anti-virus program from your computer properly , even in normal mode........Not a very professional solution but it should get the job done quickly.If it doesn't work report back and we will help you.

• Malwarebytes' Anti-Malware
• Hitman Pro 3.5
• Microsoft Safety Scanner
• Dr.Web CureIt!
• ESET Online Scanner

hello,

Thank you so much for your help, Yes I did that. now I am not getting continuous errors.. Though May I know if I should install that "Anti-Malware software" in safe mode or in normal window?

I am not able to run "Safe mode" right now.. After I choose " Safe Mode with Internet option" I got long list of "Drive Paths" all time and PC "hang or stop there" with the same screen.

Could you please help me out with this if possible?

Thanks again. Really Helpful forum. God Bless you all.

Kind Regards.

 

[Jack]

RE: Just Join this forum and finding some help..

Because you've used the code to register the rogue you should now be able to download and run : TDSSKiller and then Malwarebytes even in Normal Mode ...

Please follow this two steps :

1. Download and run TDSSKiller.

• Download TDSSKiller.exe and save it on your desktop
• Before you can run TDSSKiller, you first need to rename it so that you can get it to run. To do this, right-click on the TDSSKiller.exe icon that should now be on your Desktop and select Rename. You can now edit the name of the file and should name it a random name with the .com extension. For example, azdt.com or qwerty.com.
• Once the file is renamed, double-click on it to launch it.
• TDSSKiller will now start and display the welcome screen as shown below.
  
  
• TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.
  
  
• To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.
• A reboot might require after disinfection.

2.Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
• When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidently close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

 

[cloudy]

RE: Just Join this forum and finding some help..

Thank You.

Doing in Normal mode.

Done with step 1.

I am afraid for step 2, It only allow me to Install , Download or Update after I "Pushed" my Kaspersky Protection.

I Hope it's fine and Safe?

 

[Jack]

RE: Just Join this forum and finding some help..

Thank You.

Doing in Normal mode.

Done with step 1.

I am afraid for step 2, It only allow me to Install , Download or Update after I "Pushed" my Kaspersky Protection.

I Hope it's fine and Safe?

I don't know what "Pushed" means but everything I give you it's safe.
What did TDSS Killer found?
Did you manage to run the Malwarebytes scan?







Now IF by any chance you can't download or run the Malwarebytes.Please download and run rKill and then try again..
Here are the full steps :


1.Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3

• Save it to your Desktop.
• Double click the RKill desktop icon.
• It will quickly run and launch a log. If it does not launch a log, try another download link until it does.

(This tools will kill the rogue's process temporarily. As a result, act quickly and move on to the next step.
Do not reboot your computer after running RKill as the malware programs will start again. )

2. Download Malwarebytes' Anti-Malware to your desktop.

• Rename the file to firefox.exe BEFORE downloading
• Double-click firefox.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
  
  
  
  
  
  
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
  
  
  
  
  
  
  
• Be sure that everything is Checked (ticked) and click on Remove Selected.
• Reboot your computer if prompted.

 

[cloudy]

RE: Just Join this forum and finding some help..

Fine ..Sorry I just asked as I was not allowed to install, Download or Run "Malwarebytes' Anti-Malware" without "Switching Off" "Kaspersky".

Yes I finally done with "Malwarebytes' Anti-Malware" .. Scanning PC.. Found 5 infected files.. and still it's running. I will update more when done.

Thank you very much for you all help

 

[Jack]

RE: Just Join this forum and finding some help..

Great.....Don't forget to copy/paste the log here, after the scan will complete.

 

[cloudy]

RE: Just Join this forum and finding some help..

Sure.. I will. Thanks so much

---

Btw, I forgot to add that I did not found any infected files while scanning with - TDSSKiller ..

 

[jamescv7]

RE: Just Join this forum and finding some help..

Hope your problem will be solve soon by the way Welcome to MalwareTips. Since the thread was in New Member Introductions.

 

[cloudy]

RE: Just Join this forum and finding some help..

Thank you so much Jamescv7 , Yes Problem almost solved I am New here but You guys really help me out so well. I really appreciate it. :angel:

Hope your problem will be solve soon by the way Welcome to MalwareTips. Since the thread was in New Member Introductions.

 

[cloudy]

RE: Just Join this forum and finding some help..

Hello Jack,

Done with the step 2 of Final scanning.. and files are removed successfully. Saved Log file.

Anything else I need to do?

You really Help me out from this.. Thank you very much.. :angel:

God Bless You.

Great.....Don't forget to copy/paste the log here, after the scan will complete.

 

[Deleted member 178]

RE: Just Join this forum and finding some help..

If you want to improved your security and technical knowledge, just stick with us

 

[cloudy]

RE: Just Join this forum and finding some help..

Sure

If you want to improved your security and technical knowledge, just stick with us

 

[Jack]

RE: Just Join this forum and finding some help..

Anything else I need to do?

First off all , please copy/paste the Malwarebytes log in your next post
How does your system work now? Any problems with the web redirects?

Now ,lets just do some additional on-demand scanns to make sure everything is ok.

Step 1. Download and run a scan with Hitman Pro 3.5.

1. This Hitman Pro doesn't need to be updated so you just have to install it and then click on the "Next" button,a computer scan will start.
   [attachment=728]
2. At the end of the scan , If Hitman Pro has found any infection , activate your trail and remove them.A computer restart may be required.

Ste 2.Download and run a scan with Microsoft Safety Scanner

1. Microsoft Safety Scanner doesn't need to be updated so you just have to install it and then select "Quick Scan" and click on the "Next" button.
   [attachment=729]
2. At the end of the scan , If Microsoft Safety Scanner has found any infection , please remove them.A computer restart may be required.

Note : The above programs are free downloadable security tools that provide on-demand scanning and helps remove viruses, spyware, and other malicious software. They work with your existing antivirus software.
This on-demand scanners are not a replacement for using an antivirus software program that provides ongoing protection.


Please follow the two steps from above and then we can proceed to the next steps in order to make sure your system is 100% clean.

 

[cloudy]

RE: Just Join this forum and finding some help..

System working fine now. Though My Firfox was giving me error that my net connection was configured to proxy server but I managed to do that.

Will share my Log info through PM to Jack
-------------

Thanks for two more scanning softwares, Will do scanning soon.

 

[cloudy]

RE: Just Join this forum and finding some help..

Done with Hitman Pro 3.5 , Microsoft Safety Scanner Quick Scanning.. Nothing found seriously infected.

Thanks so much.

 

[Deleted member 178]

RE: Just Join this forum and finding some help..

lol for the Adobe photoshop CS5 keygen

you are caught

 

[win7holic]

RE: Just Join this forum and finding some help..

Done with Hitman Pro 3.5 , Microsoft Safety Scanner Quick Scanning.. Nothing found seriously infected.

Thanks so much.

then, you already successful to remove all malware on your system.
good job. you do step by step.