I got a nasty bug here, it started yesterday when i noticed Google's search results with a different font, didn't mind at the time, thought it was some css error or something like that.

Today when i booted the computer, it booted then shutdown alone..., ok disconnected the network cable, booted.
Try to install hijackthis i had on a pen (latest version), doesn't install... try to download latest malwerebytes from site, browser doesn't work (although for google and other pages it works).

Boot on safe mode, ask a friend to download latest malwerebytes and give me a pen with it, install malwerebytes ok, try to run...nothing, open task manager, see process is killed once it starts, hijackthis is also killed, and all this on safe mode !!

Also on safe mode i get errors when i try to run/install SUPERAntiSpyware.exe SmitfraudFix.exe (an error has occurred you must close your application...)

I had nod32 2.6 on this machine, it caught some bugs the fist time i run a scan, but when i rebooted i doesn't show the icon anymore, but the process is still there.


Any ideas here?

Find mbam.exe (normally in "C:\Program Files\Malwarebytes' Anti-Malware\"), and try renaming it to something random. If you are having trouble finding it, remember that Windows XP and Windows Vista hide file extensions by default, so it's probably just named mbam. Anyway, here's a screenshot of what it looks like on my Vista machine:

Click to view attachment


Once you have it renamed, just double-click (or right-click and run as Admin if in Vista), and Malwarebytes' Anti-Malware should run normally.

Let me know if that doesn't work.

Thanks for the tip!, after renaming the file (named it vtrjgiotrh.exe) the prog started and run normally, it found several bugs on the registry and a bugged .dll
The bugs are really targeting this software and maybe others, both on the installer and the prog .exe

what it found:

spyware.banker
trojan.agent

According to Malwarebytes they're cleaned, any other advice? are they really gone?

update:

as soon as connected to the network and booted on normal mode, problems again, no iternet, slow, blocks malwarebytes, no AV, impossible to work. Reebot safe mode with network, run malwarebytes (with a different name) again (can't update) trojan.agent appears again on the scan...

You can download a manual database update here. You can put it on a flash drive or a CD. Note that the installer does not contain the latest database, and is only updated about once daily.

Also, I would suggest not running MBAM in Safe Mode. It's advanced drivers do not work in Safe Mode, which can cripple it's detection and removal capabilities.

Hello refrig and welcome to Malwarebytes. Please delete Smitfraud fix from you desktop, never use tools like this without supervision, from someone who knows how they work and what to do with them. Please follow these instructions here and begin your own topic in that forum.

Yea, Jean will get you the help you need. I'm just trying to get you to the point that you can browse to the sites you need to.

BTW: You may want to check your HOSTS file. It could be blocking sites.

Look in C:\WINDOWS\System32\Drivers\etc and there should be a file called HOSTS (no extension, just the word HOSTS). Let me know what's in it. If it's empty, then I will let Jean take it from here.