hijacked?

Discussion in 'Malware Help (A Specialist Will Reply)' started by Yumiyahachiman, Jul 13, 2012.

  1. Yumiyahachiman

    Yumiyahachiman Private E-2

    While surfing the web I stumbled upon a virus.

    From the moment I connect to the internet, I get a screen filled with a warning that I've been doing some illegal downloading or something (it's in French so I'm not totally sure) and on the side is an option to transfer cash.

    Can anybody tell me how to solve this problem? Should I just follow the malware removal guide? 'Cause I can't do any updates with the removal tools.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes.

    The only update needed can be performed manually as stated in the instructions for MBAM.
     
  3. Yumiyahachiman

    Yumiyahachiman Private E-2

    Okay,

    I've followed the guide (while not connected to the internet).
    I've attached my results.
    I stopped at step 4 as requested, as my problem still remains:
    Task Manager closes automatically when you open it, and as soon as I connect to the internet, my screen gets filled with a warning that I have been doing illegal stuff and have to pay up (it's in French) and I am not able to do anything else.

    Thank you in advance for looking into my problem.
     


  4. Yumiyahachiman

    Yumiyahachiman Private E-2

    *Insert cursewords*

    I forgot to do the manual update for the Malwarebytes removal.

    Should I still do this now, or do I have to start all over?
     
  5. Yumiyahachiman

    Yumiyahachiman Private E-2

    Just to be sure that I've done it already once this gets read, I've done the update of the Malwarebytes software and ran it again (no infections again).
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Now download The Avenger by Swandog46, and save it to your Desktop.
    See the download links under this icon http://www.majorgeeks.com/images/dll.gif
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Do not change any check box options!!
    • Copy everything in the Quote box below, and paste it into the Input script here: part of the window:
    • Now click the Execute button.
    • Click Yes to the prompt to confirm you want to execute.
    • Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    • Your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.
    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\avenger.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  7. Yumiyahachiman

    Yumiyahachiman Private E-2

    Okay,

    Done and done.
    I'm able to open Task Manager now...
    When I plug in the internet cord... nothing happens.
    I think I'm good to go.

    Logs are attached, I'll check in later to see if you advise any additional actions before continuing with step 5 of the guide.
     


  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your logs are clean.



    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
