Jump to content

You Tube/Facebook virus Help?


Recommended Posts

Hi, I am new to this site. I tried to open a Sponge Bob video that was sent to me on Facebook. It wouldn't open and read that I needed an update. I fell for it, since I was using a new pc, I wasn't sure if she had the adobe/acrobat and tried to install the thing! Now, I keep getting the messages that my computer is infected, and it runs a fake scan. Any anti-virus site that I attempt is blocked by this virus. Her (my mom's) computer does not have a disk drive--I read somewhere to download Spyware removal to a disk then transfer it to her pc. Also I tried to do a reset to a date before she had the virus but, all the dates were gone except the date her pc was infected!! GRrrr. Please help me? I am not very good with computers or the lingo, so be gentle?

Thank you in advance,

Tasha

Link to post
Share on other sites

Hi Tasha And

:lol:

Please try this version of malwarebytes: Click the link here

Save it on your desktop. You'll see it will have a random name, and will look similar like this: mbamrandom.gif

Doubleclick on it, so it will extract the files and will start Malwarebytes automatically.

In case the installer (random named file) won't run either, rename it to firefox.exe or explorer.exe or iexplore.exe and try again.

When Malwarebytes opens, click the "Update" tab FIRST and select to check for updates in order to get the latest updates.

In case Malwarebytes doesn't open, search for the folder mbam-installer on your desktop, open it and doubleclick the file winlogon.exe which will be present in there. This should launch Malwarebytes.

Then perform a scan and let it remove what it found. Reboot afterwards (important).

After reboot, post the malwarebytes log.

In case you're having problems with above instructions, let me know.

Link to post
Share on other sites

Hi Kenny, and thanks for your reply. I sent you this message from my pc. It is my mothers pc that I have here with me, that is infected. I am not able to do this. I did however get to malware site and did a download from my moms pc and it says malwarebytes' anti-malware- an error occured. please report the following error code- 732(12007,0)

Hi Tasha And

:lol:

Please try this version of malwarebytes: Click the link here

Save it on your desktop. You'll see it will have a random name, and will look similar like this: mbamrandom.gif

Doubleclick on it, so it will extract the files and will start Malwarebytes automatically.

In case the installer (random named file) won't run either, rename it to firefox.exe or explorer.exe or iexplore.exe and try again.

When Malwarebytes opens, click the "Update" tab FIRST and select to check for updates in order to get the latest updates.

In case Malwarebytes doesn't open, search for the folder mbam-installer on your desktop, open it and doubleclick the file winlogon.exe which will be present in there. This should launch Malwarebytes.

Then perform a scan and let it remove what it found. Reboot afterwards (important).

After reboot, post the malwarebytes log.

In case you're having problems with above instructions, let me know.

Link to post
Share on other sites

Please try the following steps to see if they resolve your issues:

Step 1: Verify Internet Connectivity of Internet Explorer:

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from here
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • Use the default install settings but say NO to the portion that asks you to add ERUNT to the Start-Up folder. You can enable this option later if you wish.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected.

    [*]Click on OK

    [*]Then click on YES to create the folder.

Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Once you've completed backing up your Registry, please do the following:

  • Click on Start and select Run
  • In the Run box copy and paste the text in the following code box exactly as written and press Enter or click on OK:
    REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /t REG_DWORD /d 0 /f


  • Try updating again and if it does not work then please proceed to Step 2

Step 2: Verify Your Internet Connection Settings:

  • Open Internet Explorer
    • Note: It MUST be Internet Explorer, not Firefox, Opera, Chrome or any other internet browser

    [*]Click on Tools at the top and select Internet Options

    • Note: If you do not see Tools, press the Alt key on your keyboard and it will show up

    [*]Click on the Connections tab

    [*]Click on the LAN settings button

    [*]Under Automatic configuration make sure that the box next to Automatically detect settings is checked, if it is not, then click the box next to it to check it

    [*]Under Proxy server make sure that the box next to Use a proxy server for your LAN (These settings will not apply to dial-up or VPN connections). is not checked and if it is, click the box next to it to uncheck it

    [*]Click on the OK button to close the Local Area Network (LAN) Settings window

    [*]Click on the OK button to close the Internet Options window

    [*]Try updating Malwarebytes' Anti-Malware again to see if it now works correctly

Now try updating Malwarebytes' Anti-Malware once more.

Please let me know how it goes.

Link to post
Share on other sites

I am on http://download.cnet.com/windows/3055-8022_4-1080457.htr It seems that malwarebytes' anti-malware is running a scan (on mom's pc). So far it has scanned for 46 minutes, scanned over 60 thousand objects on a FULL scan, and no objects this far are infected.

Hi again Kenny, The scan found ( 3) KoobFace.Trace (1) Worm.KoobFace in registry Value (2) Disabled Security in Registry Data --There are Reference numbers if you need them. All of these have been sent to quarantine. I see your note not to do anything else on my own, I missed this message while still trying to run the Malware, sorry.

Link to post
Share on other sites

Lets do the below:

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.