Jump to content

MABM won't run even when re-named, HijackThis won't install


Tifa

Recommended Posts

My computer's been infected with Antivirus Pro. I'm not a tech expert but usually I'm computer literate enough to read guides, but this time it seems that it won't work without actually asking for help. I've read many guides and I found Malwarebytes through one. Installed it. Nothing happening after that when I try to open it. Says it's no longer in that location. Renaming the file as I read in one place didn't work either. When I download HijackThis, and try to install it, once the download completes and I click run it just disappears. The only thing that's helped even slightly is that I installed a program called rkill and it seems to have subdued the nasty popups long enough to try to get things done. IE won't work as a browser, I get that I need to upgrade my Antivirus Pro ect ect. My saving grace is that I had AOhell still installed on this computer and an account and it seems that the browser is so unused that the malware decided not to even bother with AOL, so it still works so I'm able to type here.

Does anyone have any ideas? worst comes to worst I'm going to back up my most important files, and create a recovery disc, but I'd like to avoid doing that if possible.

Any suggestions are greatly appreciated. Thank you!

Link to post
Share on other sites

Hello Tifa

Welcome to Malwarebytes. :blink:

=====================

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Under Custom scan's and fixes section paste in the below in bold

    netsvcs

    %SYSTEMDRIVE%\*.exe

    /md5start

    eventlog.dll

    scecli.dll

    netlogon.dll

    cngaudit.dll

    sceclt.dll

    ntelogon.dll

    logevent.dll

    iaStor.sys

    nvstor.sys

    atapi.sys

    IdeChnDr.sys

    viasraid.sys

    AGP440.sys

    vaxscsi.sys

    nvatabus.sys

    viamraid.sys

    nvata.sys

    nvgts.sys

    iastorv.sys

    ViPrt.sys

    eNetHook.dll

    /md5stop

    CREATERESTOREPOINT


  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

====================

===========

Download This file. Note its name and save it to your root folder, such as C:\.

  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "Yes" to begin the scan.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Link to post
Share on other sites

  • 3 weeks later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.