Jump to content

Malware won't let Malwarebytes run or be renamed due malware

Sam2000

By Sam2000
in Resolved Malware Removal Logs

 Share

Recommended Posts

Sam2000

Sam2000

Posted
Posted

I found some ransomware encrypting my files (adding "ofml" after the original extension of the file like "game.exe.omfl")  with a text file saying that i must pay 980$, besides other malware like ones that open chrome tabs constantly (google calendar specifically with some freeware) so i tried open malwarebytes but i can't use it, i can see it in the taskbar but it's not responding and i can't rename it either even thought i am the the main user with all the administrative permissions.

can someone help please

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hiya Sam2000 and welcome to Malwarebytes,

See if you can run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... Right click on FRST and rename FRSTEnglish
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Thank you,

Kevin
  • Like 1
Link to post
Share on other sites
Sam2000

Sam2000

Posted
  • Author
Posted

I actually saw your reply on another post with similar issue and tried to use FRST and waited for 15 but it wasn't responding, I booted the PC in safe mode and malwarebytes worked and i did a scan and deleted all detected malware files, but now the search bar on the specific User profile won't work and just loads forever and Windows settings won't responed at all.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello Sam200,

You should never follow any instructions from another users thread, definitely not recommended... See if you can do the following:

Boot your PC and let it go as far as it can, Now hold down the Shift key and re- boot your PC. Windows should open to the "Choose an Option" window....

Other options for Choose an option window at following link:

How to use the Windows 8 or 10 System Recovery Environment Command Prompt Here: http://www.howtogeek.com/126016/three-ways-to-access-the-windows-8-boot-options-menu/ to enter System Recovery Command prompt.

From that window select "Troubleshoot" from the next window select "Advance Options" from  there select  "System Restore" from there follow the prompts to run System Restore to any date prior to this issue happening..

Does that get you booting correctly..?

Thank you,

Kevin..

Link to post
Share on other sites
Sam2000

Sam2000

Posted
  • Author
Posted

ok i'll definitely try this when I can, but do you have a solution for the chrome issue, it says it is "managed by your organization"  but that makes no sense as it is a personal use pc and it won't let me download any files from chrome saying "insufficient permissions" even after i reset the browser settings and uninstalled and reinstalled it.

I might just opt for fresh install of windows 10 as a last resort.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Let me know how you get on with system restore, if that is successful run FRST as per my previous reply and post the two produced logs... For Chrome make a clean install as follows..

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

For your Passwords go here:

https://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/

Continue for a clean install:

Download Chrome installer and save to install later:

https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html

https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Next,

Open Chrome and sign into your account, open a new tab and type or copy paste chrome://settings hit enter...


user posted image


In the new window that opens "Turn Off" option will show, select that option.


user posted image


You will then be given notice of what will be cleared. Checkmark the box that gives an option to clear bookmarks, passwords, history etc. Confirm that action by selecting "Turn Off" tab


user posted image


Next.

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/


user posted image


If you use Google Drive, open the Google folder, right click on Drive and select "Copy" then right click on your Desktop or a folder of choice and select "Paste" to save that folder and its contents.


user posted image


When you successfully saved Google drive go back to Local folder, delete the folder named Google


user posted image


Next,

Install Google Chrome :

Next,

Import your Bookmarks... (instructions in the first step)

Import Passwords... (instructions in second step above)

Next,

Install Malwarebytes Browser Extension (Free) https://chrome.google.com/webstore/detail/malwarebytes-browser-exte/ihcjicgdanjaechkgeegckofjjedodee

Next,

Install uBlock Origin for Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

If you previously had Google Drive you will nee to download and install again: https://www.google.com/intl/en_rw/drive/download/

When that is completed transfer the contents of the save google drive folder to the new one...
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept