Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help, worse infection I have ever had


  • Please log in to reply
10 replies to this topic

#1 Teach2reach

Teach2reach

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 03 September 2009 - 10:47 AM

Hey everyone.. you have always been fantastic in the past and helping me to fix my pc. I am in way over my head on this one though, and do not know what to do.

I woke up this morning to find a big black and red message on my screen that said :

Your System Is Infected!!!

I knew right away it was some kind of Malware, and it kept directing me to install it. I know better and tried to right click it off, but it did not work, more and more bubbles and pop ups came up. It disabled my System Restore and my Firewall, and I get error codes when I try to go online through Firefox. I did get one AVG scan in, and it found 36 items and said it healed them all, but upon reboot, this monster is still here.

It will not allow me to run MalwareBytes or AVG now, it sends me error codes.

I am seriously lost now..I am a teacher and also a student who just started this semester's online classes...please help me asap. I am usually very good at working with you all. I have even gotten good at helping myself, but this is a bad one, I am afraid.

I will be anxiously waiting for a reply..thanks so much.

BC AdBot (Login to Remove)

 


#2 Teach2reach

Teach2reach
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 03 September 2009 - 10:49 AM

To add.. I cannot access the internet at all on it now. It redirects to fastbrowser search and says nothing can be found, etc. I am on my fiances pc which is in the same room if that helps.

#3 Teach2reach

Teach2reach
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 03 September 2009 - 03:21 PM

I was hoping someone could suggest something. At this point I have tried renaming Malware Bytes to get it to run, and it will not let me. I cant access the internet at all thrugh Firefox to download any fixes. I just keep getting the popup:
Red X your computer is infected, Windows has detected a spyware infection, etc, and the big black with red writing notice on the main screen.

Please help direct me as to what I should do next?? I am dependent on this pc for school, and if it is necessary for me to take it somewhere, I will do it, but want to try to fix it on my own..but time is a huge factor here. Thanks so much.

#4 pablo49

pablo49

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern california
  • Local time:11:15 PM

Posted 03 September 2009 - 04:36 PM

Have you tried running both MBAM and AVG in Safe Mode?

#5 Teach2reach

Teach2reach
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 03 September 2009 - 06:36 PM

Hi Pablo, yes, I have tried doing everything from safemode, and it still will not allow me to activate either Avg or Malwarebytes. Is it possible to download Malwarebytes to my flashdrive from this pc and then install on the infected one? Or even install all the fixes from a flash drive? Anything anyone can suggest would be great..Thanks so much.

#6 pablo49

pablo49

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern california
  • Local time:11:15 PM

Posted 03 September 2009 - 07:43 PM

Download a fresh copy of MBAM to a flash drive. Re-name the executable "Teach.scr" (w/o quotation marks). Copy this file to the Desktop of the infected computer and double click to launch. Post back with the results.
Thanks
Paul

#7 Teach2reach

Teach2reach
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 03 September 2009 - 09:41 PM

Thank you, Paul, I will do that now and get the log to you asap. I really appreciate your help, you have no idea how much.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,964 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:15 AM

Posted 03 September 2009 - 09:45 PM

MBAM uses Inno Setup instead of the Windows Installer Service to install the program. If installation fails in normal mode, try installing and scanning in safe mode. Doing this is usually not advised as MBAM is designed to be at full power when running in normal mode and loses some effectiveness for detection & removal when used in safe mode. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Therefore, after completing a scan it is recommended to uninstall MBAM, then reinstall it in normal mode and perform another Quick Scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 pablo49

pablo49

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern california
  • Local time:11:15 PM

Posted 03 September 2009 - 10:05 PM

Hello Teach..
See the follow up post from Quietman7 -- thank you Quietman. As mentioned you should try running MBAM in normal mode first. There are a couple other steps I should have mentioned designed to conceal from the malware that you are installing an AV product. After you have double clicked on the re-named MBAM desktop file, hopefully it will start to install. If so, you will be presented with a screen with two check boxes: One to launch the signature update and the other to run MBAM immediately after install. Clear both of these check boxes - we do not want to update or run the program just yet. After the program (again hopefully) installs navigate to C:\Program Files\Malwarebyes' Anti-Malware. Rename the file "mbam.exe" to "teach.exe". Double click on teach.exe file and ....pray!
Good luck,
Paul

#10 Teach2reach

Teach2reach
  • Topic Starter

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:02:15 AM

Posted 04 September 2009 - 02:13 PM

Hi everyone,
Well I downloaded a fresh copy of MB as requested. When I fired up the pc, and tried to access the other drives to open the flash, it would not let me go anywhere other than the C drive, and it went right to the open drive. I checked my documents, music and pic files, and opening them took me right to the C drive contents again. :thumbsup:

I think this is beyond my scope, so I am taking it to a local shop now for repair. I appreciate everything you all have suggested, and really wish I could have fixed it myself, but I am afraid if I wait too much longer, I am going to lose everything on there. I am praying they can restore some of the documents or all of my Masters thesis work is gone. :flowers: I know, should have backed things up..this is a tough lesson learned for this teacher, believe me.

#11 pablo49

pablo49

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern california
  • Local time:11:15 PM

Posted 04 September 2009 - 03:15 PM

Understood, let us know how it goes.
Highly likely that all your files and documents are intact and recoverable. I haven't heard of a file-eating virus in a long time, though I imagine they are out there.
Good Luck




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users