Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Aggravating Problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Aggravating Problem

Unread postby mccauslind » August 21st, 2009, 7:07 pm

I am working on a friend's PC that is infected with God knows what. When I got it, it would not allow any .bat, .com or .exe files to run. I took the drive out, slaved it to my PC and ran MalwareBytes and AVG on it. It cleaned many (157) various infections from back-door trojans to virtumonde.
I put the drive back in their PC, used the reg fixes from Kelly's Corner to fix file associations. I thought it was back up and running properly.
Five days later, they call and it is messed up again. I did the same procedure, cleaned lots of baddies off, and it is up and running again.
However... There is still a hijacker in there somewhere, as it will not go to any security sites. I tried to run HijackThis!, it will not run. I tried to go to Microsoft Windows OneCare, but it goes to ad sites instead. I tried to load MalwareBytes on that drive to run locally, it will not run. I tried to "trick" it like the folks from mbam suggest, by changing the install's name, then changing the exe name. Still will not run.
AVG will start, but as soon as the scan is requested, it blanks out.
I loaded Spybot, but as soon as I tried to start a scan, it closed.

When I try to run MalwareBytes, SpyBot S&D, or AVG, I get a message that says
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."


This is a Dell Dimension E510. My friend said that it never came with a Windows XP restore CD, and they never made one (tsk! tsk!).
At this point, I am ready to trash it all.

Any ideas? A huge thanks in advance!

Dave
mccauslind
Active Member
 
Posts: 1
Joined: August 21st, 2009, 6:59 pm
Advertisement
Register to Remove

Re: Aggravating Problem

Unread postby NonSuch » August 21st, 2009, 11:35 pm

We understand that you are having difficulty running certain programs, including both HijackThis and Malwarebytes. However, in order for us to help you it is necessary that you provide us with a HijackThis log, and it is possible you may be able to trick the malware into letting you do this. If you tried renaming the setup file or the exe after placing it on the infected computer, that won't work. The renaming must be done prior to placing the file on the infected computer. First, download HijackThis to a clean computer, then rename it from HijackThis.exe to any other name you want, using an .exe extension, for example... YourLastName.exe. Once you have done that, burn it to a CD (preferable to using a flash drive that may easily become infected) then transfer the renamed file to the infected computer and run a scan, then start a new topic and include your HijackThis log.

Please follow the guideline at the link below to start a new topic and post your HijackThis log. If you are unable to create and post a HijackThis log, then your only option may be to reformat the computer and reinstall the operating system.

You said the owner states that no disk came with the computer, however, depending on the age of the Dell E510, it may have a recovery partition. If so, you can use that to do a restore to factory state. Use Ctrl + F11 at boot up. If a recovery partition exists, that should access it. If there is no recovery partition, then a disk can be purchased from Dell. I don't know the cost, but it's usually a lot less than purchasing retail.

This topic is now closed. If able, please start a new topic by following the HijackThis Guideline posted here, just be certain to rename HijackThis: >Guideline for posting your HijackThis log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27301
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: M2Judy and 57 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware