Jump to content

help, this bug is driving me crazy


Recommended Posts

I got a nasty bug here, it started yesterday when i noticed Google's search results with a different font, didn't mind at the time, thought it was some css error or something like that.

Today when i booted the computer, it booted then shutdown alone..., ok disconnected the network cable, booted.

Try to install hijackthis i had on a pen (latest version), doesn't install... try to download latest malwerebytes from site, browser doesn't work (although for google and other pages it works).

Boot on safe mode, ask a friend to download latest malwerebytes and give me a pen with it, install malwerebytes ok, try to run...nothing, open task manager, see process is killed once it starts, hijackthis is also killed, and all this on safe mode !!

Also on safe mode i get errors when i try to run/install SUPERAntiSpyware.exe SmitfraudFix.exe (an error has occurred you must close your application...)

I had nod32 2.6 on this machine, it caught some bugs the fist time i run a scan, but when i rebooted i doesn't show the icon anymore, but the process is still there.

Any ideas here?

Link to post
Share on other sites

Find mbam.exe (normally in "C:\Program Files\Malwarebytes' Anti-Malware\"), and try renaming it to something random. If you are having trouble finding it, remember that Windows XP and Windows Vista hide file extensions by default, so it's probably just named mbam. Anyway, here's a screenshot of what it looks like on my Vista machine:

post-1983-1226624988_thumb.png

Once you have it renamed, just double-click (or right-click and run as Admin if in Vista), and Malwarebytes' Anti-Malware should run normally.

Let me know if that doesn't work.

post-1983-1226624988_thumb.png

Link to post
Share on other sites

Thanks for the tip!, after renaming the file (named it vtrjgiotrh.exe) the prog started and run normally, it found several bugs on the registry and a bugged .dll

The bugs are really targeting this software and maybe others, both on the installer and the prog .exe

what it found:

spyware.banker

trojan.agent

According to Malwarebytes they're cleaned, any other advice? are they really gone?

Link to post
Share on other sites

update:

as soon as connected to the network and booted on normal mode, problems again, no iternet, slow, blocks malwarebytes, no AV, impossible to work. Reebot safe mode with network, run malwarebytes (with a different name) again (can't update) trojan.agent appears again on the scan...

Link to post
Share on other sites

update:

as soon as connected to the network and booted on normal mode, problems again, no iternet, slow, blocks malwarebytes, no AV, impossible to work. Reebot safe mode with network, run malwarebytes (with a different name) again (can't update) trojan.agent appears again on the scan...

You can download a manual database update here. You can put it on a flash drive or a CD. Note that the installer does not contain the latest database, and is only updated about once daily.

Also, I would suggest not running MBAM in Safe Mode. It's advanced drivers do not work in Safe Mode, which can cripple it's detection and removal capabilities.

Link to post
Share on other sites

Hello refrig and welcome to Malwarebytes. Please delete Smitfraud fix from you desktop, never use tools like this without supervision, from someone who knows how they work and what to do with them. Please follow these instructions here and begin your own topic in that forum.

Link to post
Share on other sites

Hello refrig and welcome to Malwarebytes. Please delete Smitfraud fix from you desktop, never use tools like this without supervision, from someone who knows how they work and what to do with them. Please follow these instructions here and begin your own topic in that forum.

Yea, Jean will get you the help you need. I'm just trying to get you to the point that you can browse to the sites you need to.

BTW: You may want to check your HOSTS file. It could be blocking sites.

Look in C:\WINDOWS\System32\Drivers\etc and there should be a file called HOSTS (no extension, just the word HOSTS). Let me know what's in it. If it's empty, then I will let Jean take it from here.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.