Fucking Virus!!!

[EATTHEDEAD]

Just a few minutes ago I got a warning while playing a game offline. Some bullshit program called "Security Tool" decided to download itself and make itself at home. Now I can't run my anti-virus or my Malware Bytes and I'm getting little pop ups in the taskbar telling me that both my anti-virus AND malware bytes are infected. I know this is bullshit. It won't allow me to start in safe mode and everything on my desktop has vanished, just a black screen. Has anyone had to deal with this? If so, would someone please help me to eradicate this shit from my PC?

[RORER-714]

http://housecall.trendmicro.com/

[EATTHEDEAD]

It won't let me run the application Rorer. I can't download anything and run it. I need a manual way to get rid of this thing. Goddamn thing won't let me run my registry edit either. I can't even get the task manager to open. Well, it opens, for about 1.3 seconds and then this virus tells me it's infected and shuts it down. It is telling me everything is infected, even the program I dwnlded from your link.

[Curdled_Pus]

I read what you said.
You cannot Download this? http://download.bleepingcomputer.com/grinler/rkill.com
If so I will be waiting here. I have to restart Fx so will be right. This is a nasty one. Is this what it looks like?
And just to confirm. You can't start in Safe mode right.

[EATTHEDEAD]

I haven't visited your link yet, but yeah it won't let me into safe mode.
Going to your link now. Hope this works.

[EATTHEDEAD]

Nope. it says rkill.com is infected too. The virus is known as "Lsas.Blaster.Keylogger. Your pic above is accurate.

[Curdled_Pus]

It appears that it is associated with vundo which has always been a real nasty one.

I am going by this guide but will look further & see what I can find as all the actions I would suggest are disabled for now http://www.bleepingcomputer.com/viru...-security-tool
I would HIGHLY suggest you open a new tab & make an account at http://www.bleepingcomputer.com/foru...ct=Reg&CODE=00
and post there & keep this tab opened & refresh it as someone may be experienced with this booger. You need professional help with this one. In the subject I would the name of the infection & give the link above.
I would like to follow the thread there if you would be so inclined.

EDIT:By a wild chance in the brief moment the task manager opens if you can right click real quick & find & kill this nasty. It's wild I know

[Gogo]

EATTHEDEAD, I got that one too...the only solution was to lose everything and reinstall my entire system to factory condition.
Was a pain in the ass, but I tried everything else...
Best of luck.

[Curdled_Pus]

Do you have another PC that has net access to? If no in your house what about a neighbors? I've had to do that one myself when I thought I had a key-logger.
Before answering can you open & play a CD?? I found a possible workaround with tools I have pushed here before

[Curdled_Pus]

Quote:

Originally Posted by Gogo

EATTHEDEAD, I got that one too...the only solution was to lose everything and reinstall my entire system to factory condition.
Was a pain in the ass, but I tried everything else...
Best of luck.

Yeah, that's a last resort & that is if he has recent backups. If he has a key-logger or a real nasty Trojan buried in the bios real deep after reformatting it may still be there.

EDIT: ETD On a side note, what anti-virus are you using?

[Curdled_Pus]

We need access to your task manager. If we can get in there it's licked

[Curdled_Pus]

Do you have HijackThis installed on your PC? http://free.antivirus.com/hijackthis/
If by chance wild can you run it?

EDIT: Or killbox? http://www.killbox.net/

We want to somehow download & install Process Explorer http://www.filehippo.com/download_process_explorer/
If so you need to rename procexp.exe to explorer.exe then you should be able to open this tool.
If you find a way Process Explorer is immune to this infection as log as it is renamed.

ETD has logged off so can add here.

Right clicked the icon for total security, open the properties, and look at where the .exe file is located. It probably has a numbered file folder "xxxxxxx". Look inside the folder & find the Icon with a xxxxx.exe file. Chang the last number in the folder and exe file. Reboot your PC. The PC might/should come up to where you can run Malwarebytes.

[EATTHEDEAD]

I registered at Bleeping Computer and am waiting for a response to my queries. I am going to try what you suggested C_P and will get back to you. Thank you for all of your help. I WILL beat this motherfucker into submission! BTW, using AVG free, latest version. It also tells me that Windows Media Player is infected and won't let it open.

[Curdled_Pus]

What, you so stressed out you need to listen to some relaxing music? Lol

[EATTHEDEAD]

Quote:

Originally Posted by Curdled_Pus

What, you so stressed out you need to listen to some relaxing music? Lol

If the PC would allow it LOL. I'm going through the hoops to get into an online college and the last thing I need right now is a computer that is retarded.