pilvlp
join:2006-03-21
Mishawaka, IN | reply to LoPhatPhuud
Re: google redirect striking search systems and famous search I suppose I'll wait a bit. It's not THAT bad. I'm mostly worried about my personal data which is uncharacteristic of me. |
|
pilvlp
join:2006-03-21
Mishawaka, IN | reply to LoPhatPhuud
In regards to MBAM having the first solution; should I anticipate it being an update or will I have to check their forums? |
|
 LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 | reply to pilvlp
The forums would alert you to the possibilty of an update. First step is getting a copy of the installer, then they can build the fix. |
|
pilvlp
join:2006-03-21
Mishawaka, IN | I'm sorry, installer? |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 | reply to pilvlp
Installer == the downloaded program that installs the actual malware files.
Just the same as you would download a game and install it. |
|
pilvlp
join:2006-03-21
Mishawaka, IN | I have no idea how I got the malware. My daughter got on my computer and somehow managed to download it. I was able to delete the fake antivirus program but I'm stuck on this redirect stuff now. |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 Reviews:
 ·Comcast
| reply to pilvlp
Re: google redirect striking search systems and famous searchDownload ComboFix from one of these locations:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.infospyware.net/antimalware/combofix/
* IMPORTANT !!! Save ComboFix.exe to your Desktop
[*]Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
[*]Double click on ComboFix.exe & follow the prompts.
[*]As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
[*]Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it at least 20-30 minutes to finish if needed.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum |
|
 lilhurricaneCrunchin' For CuresPremium,Mod
join:2003-01-11
Purple Zone
kudos:51 | @LPP: Noting for reference:
»forums.malwarebytes.org/index.ph···ic=99556 |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23
1 edit | Thankee -- this is starting to show in a lot of places.
Since this is now posted at MBAM this thread is locked. |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 Reviews:
·Comcast
| reply to pilvlp
From your PM earlier today...
This malware or virus screwed me over big time. I can not even boot windows now. It will not boot in safe mode or normal. I've tried a system restore with no avail. Any ideas?
windows 7 x64
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 Reviews:
·Comcast
| reply to pilvlp
At this point, based on prior issues, plus the new ones, you're facing a reformat. Even if we were able to get the computer to boot, the issue of stability and a compromsied OS deictates reformatting.
If you have a Windows CD/DVD, then boot from it. This will allow you to backup any needed data.
Here is info on compromised computers;
»Security Cleanup FAQ »Noteworthy Comments About Compromised Computers
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum |
|
pilvlp
join:2006-03-21
Mishawaka, IN | I wrote that real quick out of frustration. I attempted to "fix" the problem by reading another forum with a similar problem. It was required to remove/alter some registry keys and I think that is what caused my current boot problem. If worse comes to worst, I will reformat but for now I'd like to try to rollback the registry somehow.
Also, I really sorry to be taking up all your time and bugging you about this. I'm sure you can understand how frustrating an uncooperative computer can be. |
|
pilvlp
join:2006-03-21
Mishawaka, IN | some additional info:
*c0000135 the program can't start because %hs is missing.
*Can't boot into safe mode. It gets stuck on classpnp.sys
*System restore isn't reverted back to the time that is available
*No luck with an extended chkdsk scan through cmd
*System repair has not worked
I have yet to try a windows repair through a disk bootup, but I'm going to try later today and update on that. |
|
LoPhatPhuudPremium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:23 Reviews:
·Comcast
| reply to pilvlp
Your only recourse now is to reformat and reinstall. Take it as a lesson learned. Your impatience only added to your problems and now your computer is unbootable.
Just because two computers have the same symptoms, does not mean the fix is the same. Mucking around in the registry is the last thing you want to do without training.
Even if we could get your computer booting, there is no way to tell who damaged the OS is. The article I linked in my past post pretty well says it all.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum |
|
