Jump to content

Malware Armageddon?!?!?!

steve123
 Share

Recommended Posts

steve123

steve123

Posted
Posted

I cannot open malwarebytes and my system is infected.

It started when I stupidly downloaded what i thought was a plugin to watch a video and then got infected with something i could not remove. I kept getting redirected from google search results and seeing vimax adverts everywhere.

Then my comp stopped working properly and wouldnt even load windows so i did a system restore, meaning my antivirus bullguard was no longer installed. Then i got dr guard somehow and here i am.

Id like to completely sort my pc out but dont know where to start :P :P :P

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello steve123! Welcome to MalwareBytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install any software or hardware, while work on.

Your system is seriously infected!

Have you ever tried to follow those instructions?

http://forums.malwarebytes.org/index.php?showtopic=42074

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to Combo-Fix.exe please.

Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.

Note: During this process, it would help a great deal and be very much appreciated if you would refrain from installing any new software or hardware on this machine, unless absolutely necessary, until the clean up process is finished as it makes our job more tedious, with additional new files that may have to be researched, which is very time consuming.

Also, please do not run any security programs or fixes on your own as doing so may compromise what we will be doing. It is important that you wait for instructions.

Link to post
Share on other sites
steve123

steve123

Posted
  • Author
Posted

broken link?

might be worth noting when i was searching for malwarebytes wont open in google i kept getting broken links from the sites i visted.

Tried maybe 6 sites in total that all had those meta keywords, bleeping computer was one of those sites i tried to visit.

Could you post the original help post here for me to view at all?

P.s i know this is probably a thankless job but you dont know how much i appreciated this help as it has been like this for a while now so ye, thanks

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Let's change instructions:

Please download ComboFix from here (Special link for you) to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the "C:\Combo-Fix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

If you still cannot get this to run, try booting into Safe Mode, and run it there.

To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode."

Link to post
Share on other sites
steve123

steve123

Posted
  • Author
Posted

ok well im on my dads laptop now because now my computer wont load...

I did as you said, downloaded the program renamed it as you said to the desktop and let it run, it then said it had to reboot but to write the following down as it may be needed:

c:\windows\system32\drivers\_VOIDjypyrjomlv.sys

c:\windows\system32\_VOIDqhrmlakowk.dll

c:\windows\system32\VOIDmcyxmycvvu.dat

c:\windows\system32\VOIDktqsnnvpix.dll

c:\windows\system32\VOIDdpypxnguil.dll

I load to my desktop and no icons appear with a load of errors about msl55l

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept