Security Suite Virus


ace.13unibody

 
Member Since: Sep 03, 2009
Posts: 117
Mac Specs: 13" Unibody Macbook Pro, Iphone 4 16G

So, I have a virus on my HP desktop, it's the "Security Suite" virus. Essentially it pops up as if it is an Anti-Virus software and it claims your computer is infected and doesn't allow you to open anything. Most of the threads online say to boot your computer in safe mode with networking and then run Malwarebytes Anti-Malware software, but guess what, it doesn't work, somehow the virus has it set up to where it just won't run like that, with networking, or just in safe mode in general. I really don't want to have to save and reinstall everything, so I'm wondering if anyone has any ideas or if they have dealt with this.

I already have Malwarebytes on my computer from a previous time I had something like this happen, this virus just seems to be a little bit more tough.

Any help is greatly appreciated. Thanks, Adrian

bobtomay

Member Since: Dec 22, 2006
Location: Texas, where else?
Posts: 25,043
Mac Specs: 15" MBP 2.33 C2D 256 4GB, MBA 13" i7 1.8, MB 2.0 2GB, Nano 4th, 3GS, iPad 1

One of our office computers has one of those things on it.

None of the following have been able to get rid of it.
McAfee Corporate
Spybot
Malwarebytes
SuperAntiSpyware

Put up a post on bleepingcomputers several days ago and no response.
Time to blow it away and reinstall.

I cannot be held responsible for the things that come out of my mouth.
In the Windows world, most everything folks don't understand is called a virus.

ace.13unibody

****! So did you ever get these programs to run? Did they just not find the infected files?

If I could get the darn programs to open in the first place it would put me a step forward.

cwa107

Member Since: Dec 20, 2006
Location: Middletown, Pennsylvania
Posts: 26,575
Mac Specs: 15" MBP, Core i7/2GHz, 8GB RAM, 480GB Crucial M500 SSD

Haven't run across one of these yet that couldn't be nuked by Malwarebytes (malwarebytes.org).

Just be sure to download it to a flash drive first, then boot the machine in safe mode and install from the flash drive. Update the product once it's installed, then run the FULL scan and not the quick scan.

Liquid and computers don't mix. It might seem simple, but we see an incredible amount of people post here about spills. Keep drinks and other liquids away from your expensive electronics!

bobtomay

Already had McAfee and Spybot on the machine. Had to boot into Safe Mode to install and run most of them.

Forgot, also ran MSE - it will not install or uninstall in safe mode, but you can scan from safe mode. It found 8 trojans that neither McAfee nor Malwarebytes found. I was impressed with it.

The one that's left allows us to use the machine partially. At least I think there's only one left. You just can't click on a Google search return without it re-directing you somewhere else. It does work if you copy and paste the link. The fake scan only pops up about once a week and it runs under svchost. It doesn't run all the time, but once it starts it hogs 99% of the CPU. I'm so far behind it's going to be another week before I can work on a reinstall on that one.


harryb2448

Member Since: Nov 28, 2007
Location: Nambucca Heads Australia
Posts: 17,745
Mac Specs: iMac i5 2.7GHz, 16GB memory, OS X.10

Microsoft Security Essentials for me on my Dell Latitude. It is not a resource hog, easy (and fast) to update, provides all security precautions, antivirus, spyware, malware etc and is simply a great price - FREE!

ace.13unibody

My main issue is that I can't get into safe mode for some reason, after I select run windows in safe mode with networking it flashes a black screen then restarts and only lets me select start windows normally. So then I'm back at square one, so if I can get it into safe mode I might be able to do something.

cwa107

Quote:
Originally Posted by ace.13unibody
My main issue is that I can't get into safe mode for some reason, after I select run windows in safe mode with networking it flashes a black screen then restarts and only lets me select start windows normally. So then I'm back at square one, so if I can get it into safe mode I might be able to do something.

That's unfortunate. Another option might be to build a Windows PE/BartPE boot disc or Flash Drive to boot the machine from. Then, run Malwarebytes from a Flash drive.

A word of advice.... run a browser with an Ad Blocker. These things are distributed via animations that appear to be a legit virus scanner. The user installs the malware by authorizing the supposed removal tool to install.


Nethfel

Member Since: Feb 25, 2009
Posts: 2,109
Mac Specs: Late 2013 rMBP, i7, 750m gpu, OSX versions 10.9.3, 10.10

Yeah, along with cwa on this - you really need a clean OS to check the drive, certain infections will happily hide or block detection from other programs (including many times block their updating).

Another option if you don't want to build your own PE boot disc/drive is to get Hiren's BootCD which comes with a lightweight Windows XP with various tools on it to help you clean your system.

My Macs: Late 2013 rMBP w/ 750m; Mac mini G4, 1.25 GHz, 512m ram (server); Late 2011 11" MBA, 1.8GHz i7, 4Gig Ram, 256Gig SSD, HD3000; Powerbook 12" G4 1.33GHz running Debian as a server; Apple TV (1080p version)

ace.13unibody

Uh Oh!!!! I just restarted my computer and tried to start it in safe mode and I got the message:

Windows could not start because the following file is missing or corrupt: <Windows root>/system32/hal.dll. Please reinstall a copy of the above file

cwa107

Quote:
Originally Posted by ace.13unibody
Uh Oh!!!! I just restarted my computer and tried to start it in safe mode and I got the message:
Windows could not start because the following file is missing or corrupt: <Windows root>/system32/hal.dll. Please reinstall a copy of the above file

Your OS is toast. HAL.dll is the Hardware Abstraction Layer, one of the fundamental components of Windows.

You've got two options to recover your data - remove the drive and hook it up to another machine externally, or boot the machine using a recovery disc of some sort.


ace.13unibody

The good thing is that I have a majority of my "important" things on my mac, and just pictures and music on this, but I have the music on a disk, and most of the pictures on Facebook, so I'll probably just reinstall Windows.

ace.13unibody

Well, more issues now. I inserted an HP restore disk I made a couple years ago and hit "F" for full recovery, deleting everything, now it's on the HP recovery page but nothing is coming up, it's just a blue screen. Is this the "blue screen of death"? I still have a pointer but nothing else is showing up.

Update: I ejected the disk while it was on the page and now it's saying "Formatting hard disk partition" and now it's doing something, so I don't know what that was all about.

Update again: It's not working, haha. I think when I ejected the disk it went into regular system recovery, but that didn't work and I had to restart, now I'm back at the blue screen.

ace.13unibody

So I finally just gave up myself and sent it to a guy I know and he is going to install Windows 7 onto it for $20, deal!!! Too bad all my old files are gone.

cwa107

Quote:
Originally Posted by ace.13unibody
So I finally just gave up myself and sent it to a guy I know and he is going to install Windows 7 onto it for $20, deal!!! Too bad all my old files are gone.

Sounds like a pirated copy to me. Look out for Product Activation issues.

I know a lot of IT people think that the Enterprise version of Windows 7 doesn't require activation, but they're wrong. Since Vista, a local Activation Server is required.
