Jump to content

Backdoor virus phishing everything in my laptop, Please help me, Malwarebytes don't work


Recommended Posts

I have literally try a bunch of anti-viruses ad spent over $180 dollars in buying them :) . After i run the "rkill" finally malwarebytes found a backdoor virus (Backdoor.Celofot /registry value) and everytime i run it even tho i remove the virus after the scan is complete, the malewarebytes finds it over and over again..

For example when i'm trying to go online to Craigslist instead of opening the website it goes directly to the login page and no matter what link i click on the page won't change and sure enough next day i have received in my email inbox 9 new craigslist post confirmations. So i freaked out and change the craiglist password from a different computer, my email password and everything and i'm still in "fights" with two different ebay members to continue the transactions i have bid on(that i have no ideea about it.

Anyways, my business is all going on craigslist and since i can't use it i'm stuck :)

Please help me, please! I have bought the kaspersky, the spybox, the avast and the norton anti-virus and none of them found nothing wrong with my laptop. Malwarebytes found this bacdoor virus but i have read some of the topics about it and they say is a FALSE POSITIVE and is nothing to worry about. I don't know and if that's so, then what's wrong with my laptop and how come everytime im logging in somewhere -somebody else know my passwords? And please help with the craigslist thing...

By the way, all the anti-viruses including this one i have bought them brand new in box from bestbuy geeksquad or circuit city but no downloads. I also tryied to run all of them including the malewarebytes in safe-mode with networking as well as normal mode. The backdoor celofot won't go away from my laptop. HELP ME PLEASE!

Many thank's guys!

Link to post
Share on other sites

Hi Alex Rey And Welcome to Malwarebytes!

Sounds like your pc is in a mess.

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Delete rkill and run one of these:

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 6 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Admin

You only need to get one of them to run, not all of them.

  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. rkill.pif
  5. WiNlOgOn.exe
  6. uSeRiNiT.exe

Once you've gotten one of them to run then try to immediately run the following:

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.