Jump to content

Recommended Posts

Hi, I am also experiencing inablility of running or opening any programs.

This is my cousin's computer, Windows XP with McAfee installed through their carrier "Comcast".

She had the rogue installer "Advanced Virus Remover 2009" yesterday. This is what I have done so far:

I downloaded Malwarebytes and ran a thorough scan (found 50+ problems) some which could not be fixed until reboot. I rebooted and now the computer has multiple pop ups concerning "Bad Image". One which will not close at all:

svchost.exe-Bad Image

The application or DLL globalroot\systemroot\system32\SKYNETpuqfwoix.dll is not a valid Windows image. Please check this against your installation diskette.

I tried to follow your 8 step's on removal and can not open any programs except IE and task manager. I have tried to run/open McAfee, MWB's, downloaded but unable to open CCleaner, Combofix, Hijackthis.

Also can't add/remove programs (her kids have Frostwire which I want to remove), can't open regedit either.

Please help! I realize its a rootkit, but I can't get to it!!!

Thanks in advanced.

PS: If I can get rid of this nasty thing, I would like to update/change her anti-virus/firewall, and have lectured her children on the use of P2P, including Limewire/Frostwire.

Link to post
Share on other sites

  • Staff

Hi bloggermom and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

After that, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new HijackThis log so we may continue cleaning the system.

-screen317

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.