5 replies to this topic

[HMPLZ]

Hello, everyone. Upon what seems to be a recent wake of rogue malware spreading across the Internet, I seem to have found myself in an equally unfavorable situation as well.

I am not sure but my computer seems to be showing nearly the same symptoms as the AntiVirus 2009 rogue - though not exactly.

Symptoms I have noted:
* Unable to install known anti-malware programs - their install processes do not pop up or just stay idle when they do.
* Unable to run some anti-malware programs and some have had their update functionalities blocked.
* I receive a "connection interrupted" message when attempting to access websites of known anti-malware manufacturers - including Malwarebytes. (I am here through a web proxy. I am also on the problem computer.)

MBAM was suggested to me by my friend as well as various Internet forums I have stumbled upon. Through the web proxy, I have been able to successfully download the installer. I followed the install instructions - everything went on smoothly until the installer seemingly froze in the "finalizing install" stage. After about 10 minutes of waiting, the installer came up with the "finish" prompt (I left the update and launch boxes checked). After I clicked "finish", the install window disappeared and nothing happened - the Setup button still appeared on the taskbar and its process is still running but idly on task manager. I also noticed the actual executable of the program (MBAM.exe) fired up - but it was also idle. After waiting several more minutes, the Setup executable died off on its own and sooner followed by the actual program executable. Now I am here posting about this problem...

I am on a Windows XP SP3 computer. Eset's Nod32 is my current anti-virus. Ad-Aware 2008 and Spybot S&D (this one has stopped functioning) are my anti-malware programs prior to getting MBAM. I was able to eliminate a few threats previously including a TDSS.rtk trojan and a few so-called "low-threat" malware.

It is my first time to post in a help forum as I have been an "independent" troubleshooter in the past - this malware infecting my computer, I'm not even sure what exactly is it and its the first time none of my known solutions worked. I will gladly give thanks to any help.

[HMPLZ]

I apologize for double-posting as I cannot seem to edit my earlier post.

I am not sure if these issues are linked, but I also cannot access my ipconfig through Start--->Run. Window's disc error checking utility also keeps telling my it is unable to scan any of my drives. I forgot to mention as well that an autorun.BB worm was detected and deleted a few days earlier - some of our external storage drives still get autorun.BB warnings but not on the same drives after they are deleted.

[AdvancedSetup]

Does the Internet work? Are you in Normal mode? Does Safe Mode work?

[HMPLZ]

Greetings and thank you for the response. The Internet is currently working without problems but some websites, particularly the websites of anti-malware and anti-virus companies are not loading. (According to what I read elsewhere, the malware edits my hosts file to block such websites. I believe it is also the file Spybot edits to block unscrupulous websites.)

I have tried installing MBAM in safe mode but the same things happen - the installer freezes here and there and the actual application never starts (its process is visible for several minutes however).

I am currently in Normal mode and is willing take any instruction.

[HMPLZ]

I apologize again for the double post -

I followed this guide here you had: http://www.malwarebytes.org/forums/index.p...amp;#entry35969

I must say it totally worked. MBAM is now working nicely and has just detected several infections. I guess I just should have looked around a little more. I think you very much regardless, AS, for your response, the guide, and thanks to the team for this very great piece of software.

[AdvancedSetup]

Thank you. I encourage you to still open a new post in the HJT forum to obtain assistance with removing this Malware.

This Malware is often updated and has variants that might still leave pieces on your system.