Sign In
Create Account
1
Anyhow, I tried running various adware/virus scans, but i am unable to. if i try and run malwarebytes,mcafee,norton,hijack this, avp, etc this trojan will stop the program from running, then make its directory read only prevent it from being run again. this also happens in safe mode.... I tried renaming the directories and executable files, but it didnt help any. I tried the web base virus scans, but the computer froze whenever i did. i tried combing through the registry, but couldnt find anything of note.
I tried following the instructions posted by prariedog
Quote
Our program, Malwarebytes' Anti-Malware can detect and remove most Malware with no further actions required for free.
Please download Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.
Please download Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.
i was unable to do this in either normal or safe mode. When i run malwarebytes, it is immediately shut down, and its file and directory are made read only, which prevents me from running it again. i tried re-installing and renaming the file and directory, but that didnt help, so i was unable to run the scan.
Quote
If you're still experiencing issues after running the above procedures then please follow the instructions below.
* Scan and Log ProceduresPlease download this program Trend Micro HijackThis to your desktop.
* Double-click on it to run and install it.
* Then launch the program and click on Do a system scan and save a logfile. This log file will open in Notepad.
* Please start a Newtopic here and post the most recent Malwarebytes' Anti-Malware log file and HijackThis log file using Copy/Paste.
* The Malwarebytes' Anti-Malware log file is located in the Logs tab of the program.
Someone will analyze the logs and give you further instructions.
Prompt responses to instructions and performing the required fixes as soon as possible is always best.
During this scan and cleanup process you should not install any other software unless requested to do so.
* Scan and Log ProceduresPlease download this program Trend Micro HijackThis to your desktop.
* Double-click on it to run and install it.
* Then launch the program and click on Do a system scan and save a logfile. This log file will open in Notepad.
* Please start a Newtopic here and post the most recent Malwarebytes' Anti-Malware log file and HijackThis log file using Copy/Paste.
* The Malwarebytes' Anti-Malware log file is located in the Logs tab of the program.
Someone will analyze the logs and give you further instructions.
Prompt responses to instructions and performing the required fixes as soon as possible is always best.
During this scan and cleanup process you should not install any other software unless requested to do so.
same issue with hijack this, i run it, it closes, its made read only and i can not run it again after that. same issue with mcafee, norton, and all the other stuff. running in safe mode yields the same results....
I saw another thread here with a file to check the master boot record. i ran it based on the instructions and here was the result:
C:\WINDOWS>mbr.exe -t
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net
device: opened successfully
user: error reading MBR
called modules: ntoskrnl.exe >>UNKNOWN [0x8A62AC92]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x8a6bab80
Warning: possible MBR rootkit infection !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
C:\WINDOWS>mbr .exe -f
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
not sure if that helps any, but running the mbr,.exe -f command didnt help.
Back to top
