Jump to content

Recommended Posts

I have a HP computer that was infected with all sorts os Spy/malware, I installed Ad-Aware and SpyBot S&D neither would download updates kept saying I had no internet connection. Also when I'm on the internet I could go to google or HP but not to symantec.com it would tell me that I had no internet connection. Then I installed MBAM and this thing would not let MBAM get it's updates either but I could run it and it came up with 70 infections which I deleted. Then all seemed right I could go to symantec.com. When I rebooted everything went back the way it was with one more little quick. I can't start MBAM the .exe file does nothing I tried removing it and reinstalling it but the .exe file on my jump drive to reinstall will not work. All the other .exe file on that jumpdrive work but not MBAM.

HELP

procomm

Link to post
Share on other sites

Exact same problem just hit my friend's computer. I can't fix it. MDAM has been the solution to previous versions but this one just knocked everything out. I was able to use AVG to help take out traces and I edited registry manually to take out others.

I renamed files with different extension but that didnt work.

I came across a post that mentions using "SDFix" to solve the problem. However, SDFix will NOT launch either. I even tried dragging it over "winRar" screen to see contents and clicking on everything in it. A screen or two pops up but it never extracted all contents and didnt help.

It looks like this 2009 version actually was able to knock out all previous solutions. This is a legitimate post above and I'd really love any help as well. Thanks!

Link to post
Share on other sites

  • Root Admin

Hello and Welcome to Malwarebytes.org

Please read and follow the instructions provided here as best you can. Pre- HJT Post Instructions

When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

Link to post
Share on other sites

  • 3 months later...
Exact same problem just hit my friend's computer. I can't fix it. MDAM has been the solution to previous versions but this one just knocked everything out. I was able to use AVG to help take out traces and I edited registry manually to take out others.

I renamed files with different extension but that didnt work.

I came across a post that mentions using "SDFix" to solve the problem. However, SDFix will NOT launch either. I even tried dragging it over "winRar" screen to see contents and clicking on everything in it. A screen or two pops up but it never extracted all contents and didnt help.

It looks like this 2009 version actually was able to knock out all previous solutions. This is a legitimate post above and I'd really love any help as well. Thanks!

I was infected with the autoprotect 2009 malware program last month, and malwarebytes worked without a hitch. My wife downloads a lot of things, so we got infected again. this time however, i was unable to run spysweeper, malware, hijack this, or spyhunter. I unistalled MB, and then it wouldnt even let me run the install from safemode.

My solution to this problem, though seemingly stupid, was to change the name of the setup program from mbam-setup.exe to 22mbam-setup.exe. This finally brought up the installer and installed the program. same deal again though with running the program... it still did nothing. I then went into the program files folder, and changed mbam.exe to xxxx.exe and the program opened and is now running. I think these viruses are now being coded to not to open the programs that kill them, but only by the name of the exe. try this out, I hope i can help a bit with my archaic solution. ;)

Link to post
Share on other sites

  • 3 months later...
I was infected with the autoprotect 2009 malware program last month, and malwarebytes worked without a hitch. My wife downloads a lot of things, so we got infected again. this time however, i was unable to run spysweeper, malware, hijack this, or spyhunter. I unistalled MB, and then it wouldnt even let me run the install from safemode.

My solution to this problem, though seemingly stupid, was to change the name of the setup program from mbam-setup.exe to 22mbam-setup.exe. This finally brought up the installer and installed the program. same deal again though with running the program... it still did nothing. I then went into the program files folder, and changed mbam.exe to xxxx.exe and the program opened and is now running. I think these viruses are now being coded to not to open the programs that kill them, but only by the name of the exe. try this out, I hope i can help a bit with my archaic solution. :P

Renaming mbam.exe worked for me! thanks.

Link to post
Share on other sites

  • 4 weeks later...

I caught the virus today, first off a site wanted me to install a 'HD Compatible Flash player' (I didn't), which resulted in me catching the 'google redirect' virus, then the System Security one after.

Long story short malware bytes would install but wouldn't run even if I changed the name. I ran it in compatibility mode for windows 2000 and it worked. Because the virus was blocking access to malwarebytes.org the update function wouldn't work until I changed the mirror (update location) so that it wasn't updating through malwarebytes.org

Link to post
Share on other sites

I was infected with the autoprotect 2009 malware program last month, and malwarebytes worked without a hitch. My wife downloads a lot of things, so we got infected again. this time however, i was unable to run spysweeper, malware, hijack this, or spyhunter. I unistalled MB, and then it wouldnt even let me run the install from safemode.

My solution to this problem, though seemingly stupid, was to change the name of the setup program from mbam-setup.exe to 22mbam-setup.exe. This finally brought up the installer and installed the program. same deal again though with running the program... it still did nothing. I then went into the program files folder, and changed mbam.exe to xxxx.exe and the program opened and is now running. I think these viruses are now being coded to not to open the programs that kill them, but only by the name of the exe. try this out, I hope i can help a bit with my archaic solution. ;)

[b]@ sbabster please follow these instructions:

Scan and post logs - read note at bottom in green

If you're having Malware related issues with your computer that you're unable to resolve.

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?

  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs

  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.

  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.

  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.

  • Using these other tools often makes the cleanup task more difficult and time consuming.

  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.

  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.

  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Link to post
Share on other sites

I caught the virus today, first off a site wanted me to install a 'HD Compatible Flash player' (I didn't), which resulted in me catching the 'google redirect' virus, then the System Security one after.

Long story short malware bytes would install but wouldn't run even if I changed the name. I ran it in compatibility mode for windows 2000 and it worked. Because the virus was blocking access to malwarebytes.org the update function wouldn't work until I changed the mirror (update location) so that it wasn't updating through malwarebytes.org

@ freeliner

Hi Please give us an update, on how your pc is now... regards...

Link to post
Share on other sites

  • 3 months later...

@ yardbird

sorry it took me so long to get back, I haven't been back here in a while, thought I'd return because I've had to sort out a few people's computers who were infected with ESQUL.

After I used Malware Bytes last time, I thought that I had got rid of the Google redirect and a few other things but a full scan with Avira revealed that there were hidden registry keys (all with the ESQUL name), but Avira couldn't fix it. Since ESQUL is hidden from Windows (*I'll get to something interesting in a minute), I tried using an XP cd's recovery console to delete them. I found and deleted them, booted into Windows but there was no change with the Avira scan and they were present with different names when I went back into the recovery console.

*Something Interesting: When I was infected I was snooping around in the non plug-and-play drivers section of the device manager (it was obvious to me this is how it's staying out of sight) and found a driver that didn't link to a file name after I opened it up. I'm not too hot on what should and shouldn't be in there but every other driver linked to a filename. This raised my suspicions, I just wish I took a scrnsht ;)

After breaking out an old hard drive, I backed up the important stuff and ran combofix. I then re-installed Windows. This is what I've had to do to a few PC's recently. I understand the problems that may come with combofix so I always make sure everything is backed up. Just to clarify: I don't charge for fixing PC's, they are all ones that I have built as presents for my family and 1 close friend (computer loner :) ).

Can you give me any info on the ESQUL please? I'm interested on it's spreading techniques and system changes but can't find any technical details, as all the antivirus companies like to name them differently...

Thanks

Freeliner

Link to post
Share on other sites

  • 4 weeks later...

I did not read all of this post, but and as well im not a computer pro....but, i was able to get mbam to run. I was having the same problem nothing would make it run (not changing names or extensions, safemodes....blah). What i did was use another computer installed the program on it and copied the new folder to a disc. you cannot run the program from the disc, but i still had the program installed on the infected computer, so when i ran the disc it used the mbam.exe from the disc, and all the files from the computer. works like it should now. i did have to do all this in Safe Mode, when i tried it in normal mode something would restart the computer before the program could finish. I hope this helps some other unlucky soles.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.