
Malware/Rogue Won't Let Me Install/Run MBAM or other tools



My wife's computer is infected with a very aggressive virus (possibly a new TDSS variant...) that has defeated the original McAfee virus protection and all system guards. All of the security tools have been disabled now, as well as Internet Explorer.

Per the instructions in the "I'm Infected" forum posting-

I tried installing and using Malwarebytes Anti-Malware MBAM tools, and also installing and running Avira Anti Virus. The infection is blocking the installation of MBAM (also posts a balloon), but I had been successful with loading Avira AV- but then it was quickly blocked and can't be accessed again. The saved log from Avira has disappeared. I'm not sure if it helps but I was watching the Avira scan progress closely (in hopes it would be successful) and noted some of the detections it registered:

HTML/Malicious.PDF.gen

TR/Dldr.Fraud.Lo.sxm

ADSPY/AltnetB.4

This may be an ignorant question, but does Avira not quarantine or remove the malware it detects? Maybe I missed something on the program interface, but couldn't find that option, which is disappointing since it was so difficult getting it to run because of the infection.

I had also had some Eldycow files show up when I ran Yahoo CA Anti-Spy- one of the few programs I was able to run before being totally blocked. They should have been quarantined and removed if Anti-Spy worked.

I haven't had any luck opening or running any removal tools, can't get HiJackThis to open and install, and now cannot even open Internet Explorer (all associated shortcuts that use IE now show as an unexecutable file type).

A rogue program calling itself "Protection System" is continually posting pop-up or fake security balloon messages that bog down the system while trying to work with the computer.

I posted this problem on the BartPE forum [http://www.nu2.nu/pebuilder/] and asked if there was any way to run the removal tools from a boot disk or command prompt, hoping I could beat the virus without running Windows. I'm not a tech expert but have a basic knowledge, and can catch on fairly quickly- I'm just a little lost on how to begin. I want to make a BartPE (or other utility) CD-ROM that will allow me to install and run MBAM and removal tools, but I have a problem-

I am not sure where the Windows XP disk for my wife's computer is, and my laptop uses Vista so I don't know how to proceed.

I'm sure the windows installation files are somewhere on my wife's computer- I just don't know the exact file path, and the infection makes it hard to work in Windows without pop-ups and blocked access by the virus program.

How can I build a clean Boot CD, or PE CD that will allow me to install and run the Malware removal tools in a PE environment or some other work-around?

Thanks,

Rob


Sorry if that was a forum no-no,

I was under the impression that different sorts of moderators/advisors worked different parts of the forum, hence the multiple posts in different areas. My intent was to get as broad a spectrum as possible for reviewing and input on the overall problem I'm having.

Since I can even install and run HJT in order to post a log in that section, I thought I should post the problem here.

This is one bear of an infection that has basically rendered my wife's computer into a useless box that sucks electricity.

This topic is now closed to further replies.