Disk Doctor malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by momofgray07, Dec 2, 2010.

  1. momofgray07

    momofgray07 Private E-2

    A malware has attacked my system, its called disk doctor. It says i have 11 errors detected defragmentation is required and when you run the defrag it says half the errors where fixed and i have to purchase something called defrag hdd repair to fix the others. then i keep getting error messages that my hard drive is not found, i have no hard drive space, no ram memory.
    error report states damaged hard drive space, bad sectors on hard drive, hard drive clusters less than 500 ms gives different errors over and over and if i restart it just repeats. found the file name and deleted it in regedit but it keeps coming back. if i try to delete it in the file location it says i cant delete it because its a disk control. I tried the read me first thread and did all the steps. will include the logs. i have windows 7 and its a 64bit so i couldn't do all the steps. Please Help!
     

    Attached Files:

    momofgray07, Dec 2, 2010
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there and welcome. I am currently reviewing your logs and will get back to you with a set of instructions in the next post I make to you.
     
    Kestrel13!, Dec 3, 2010
    #2
  3. momofgray07

    momofgray07 Private E-2

    Thank you very much i appreciate your help.
     
    momofgray07, Dec 3, 2010
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Did you try a system restore to before you got this?
     
    TimW, Dec 3, 2010
    #4
  5. momofgray07

    momofgray07 Private E-2

    i was going to but i was afraid it would infect my system restores.
     
    momofgray07, Dec 3, 2010
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    No it will not infect them. At least I doubt it. Do a restore to before this happened and then re-run both SAS and MBAM and attach those logs. Tell us if you are still having issues.
     
    TimW, Dec 3, 2010
    #6
  7. momofgray07

    momofgray07 Private E-2

    alright will do. thanks
     
    momofgray07, Dec 3, 2010
    #7
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Just let me know the results. :)
     
    TimW, Dec 3, 2010
    #8
  9. momofgray07

    momofgray07 Private E-2

    went to do a system restore but i have no restore points before yesterday when i got the virus. Apparently it has already infected system restore and wiped all my restore points.
     
    momofgray07, Dec 3, 2010
    #9
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Well, it was worth a shot.

    Download The Avenger by Swandog469, and save it to your Desktop.

    * Extract+ avenger.exe from the Zip file and save it to your desktop

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy just the bold text below to notepad (Do not include any space above the word REGEDIT). Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.

    * Run avenger.exe by double-clicking on it.
    * -Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Now run Ccleaner to clean out only temp files and nothing else!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\Avenger.txt
    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
    TimW, Dec 3, 2010
    #10
  11. momofgray07

    momofgray07 Private E-2

    I do believe that worked, you are awesome. thank you very much. i did not find a log for avenger one did not pop up when i rebooted and there is not one my C file. but disk doctor is gone...fingers crossed. also there is no mgtoolszip file. but everything seemed to work. thanks!!!
     
    momofgray07, Dec 3, 2010
    #11
  12. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Check again for C:\MGlogs.zip as well as C:\Avenger.txt.
     
    Last edited by a moderator: Dec 4, 2010
    Kestrel13!, Dec 3, 2010
    #12

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds