Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AntiMaleware Doctor.


  • Please log in to reply
3 replies to this topic

#1 thechillinhippy

thechillinhippy

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:08 PM

Posted 18 August 2010 - 08:04 PM

So heres the deal. Was looking up reaper episodes a day after my kaspersky antivirus expired. clicked on one friggin link and viola. now anything i click on pops up a message that the program quit and is infected plus a lot of pop ups from the anti doctor. Ive got a dell desktop running service pack 3 xp. i also have a very old 7gb laptop that i am using to post this and to transfer programs over to the desktop and to make backups (with what little room it has). Anyway. So first thing i ran advanced system care by io.bit. didnt help a bit. pretty much everything it tried to do gets shut down in process. Then i tried system restore as i dont have money yet for external back up and didnt partition like an idiot. Come to find out im even dumber then that cause the only system restore point it shows is from after the infection. which is odd cause i run advanced system care every few weeks and it makes restore points. system restore finishes but b4 restarting the computer hangs for about 20 min so i force shutdown and reboot. shows first 2 screens and then black screen b4 windows xp loading screen. doesnt go anywhere. boot to disc. and ran customized diagnostics for computer wont boot to OS. passed all hardware test there. so thats cool. not that i thought it was hardware. then i tried safe mode. got stuck showing the processes it was loading on black screen. rebooted and tried last known good configuration. worked. got to desktop. still viruses. or maleware or w/e. happened to have an old copy of combo fix (this was b4 i read ur site and see not to run it until told to do so) tried running it. didnt work. booted into safe mode. ran combofix. it was an old copy so it ran the reduced version. said it deleted 3 files. otherwise nothing. at that point i finally got the laptop on and got on here. found your auto removal guide for the antimaleware doctor. downloaded the rkill.exe. and the malewarebytes. ran the rkill.exe. wouldnt let me. managed to get task manager up and i am quite familiar with my processes so i killed all the unusual ones. then tried rkill.exe. it worked. it came up with a log of the things it did in notepad. nothing else was happening and it said in the notepad that it was done. so i closed out of notepad. i went to a screen with no icons and no access to menu bar even with the windows key. it came up with a warning saying that a system32 process was quit and that the computer needed to restart in 60 sec. then it froze after 60 sec. force restart. same message on login screen. 60 seconds went away. logged in. got to desktop then it restarted. restarted 2 more times then got to desktop fine. tried running rkill.exe. wont let me even without making any interaction with the error menu. tired multiple times. tried taskmgr. wont let me. tried copying and renaming rkill.exe. wont let me. screen comes up and i recognize the real windows protection center window which shows whether you have firewall, antivirus, etc turned on. i had just turned these on this morning and they are all off now. a pop up says that the computer is trying to send private information out and asking whether to allow access to the port. computer almost frozen with popups. slightly worried so i unplug internet and force reboot into safe mode with networking. attempting rkill.exe again here. worked. message came up as if it was restarting into safe mode asking yes if i want safe mode and no if i want system restore. yes back to safe mode. ran malewarebytes. updated and opened malewarebytes. started full scan. in progress. just thought that i would post this as i go along for any suggestions or points that might be important where i should be doing this differently. Also to share my experience with others if this works. I have used this site before with great luck and am a huge fan of the malewarebytes program. Figured i owed it to actually make and post this time. So thanks for helping in the past and thanks for any help i recieve during this trouble.

BC AdBot (Login to Remove)

 


#2 thechillinhippy

thechillinhippy
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:08 PM

Posted 18 August 2010 - 10:27 PM

i dont know why this was moved to security as it is a maleware issue just like the topic board i posted in. but whatever. so i got malewarebytes to run in safe mode with networking. then i rebooted to normal mode. ran it again. everything is fine except one thing.
i have no internet. well to be exact. im being blocked from the internet. i know this because it says i have internet, i have a valid IP, it is not a self assigned ip, i can get to any bookmark that is a site where i log into something and can then get into the site. such as gmail. and i even get new messages. and finally, i can log onto warcraft 3 battle.net and play games. that definitely requires an internet connection. trust me ive tried without one.
So. i ran malewarebytes again. nothing. now i am running advanced system care by io.bit. just for the hell of it.
Otherwise i dont know what to do.

#3 parisoe

parisoe

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:08 PM

Posted 07 September 2010 - 06:15 PM

I have the same thing and cant get rid of it either. HELP!!!!

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:04:08 PM

Posted 07 September 2010 - 07:47 PM

http://www.bleepingcomputer.com/virus-remo...alware-tutorial

Check this guide and make sure a proxy server has not been set by the malware

Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN. Then press the OK button to close this screen. Then press the OK button to close the Internet Options screen. Now that you have disabled the proxy server you will be able to browse the web again with Internet Explorer.


Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users