Never seen something like that before!! help please

Discussion in 'Malware Help (A Specialist Will Reply)' started by caligal, Sep 29, 2008.

  1. caligal

    caligal Private E-2

    Hi folks. I am urgently in need of help getting rid of some malware on my computer. I tried everything rangin from hd format to all kinds of antivirus. I am aware that once infected the antivirus wont work properly. I did a low level format and rewrote the MBR and the Boot sector, but the virus just keeps coming back. After a low level format and a fresh windows xp install, malwarebytes anti-malware gets a adware.web.search. The virus blocks me from installing any kind of antivirus, antispyware or whatever after some time after the fresh SO install. It keeps changing my hosts files and creating lots of weird files (dlls). It also creates account users, and it just simply migrates some files from an old installation even though I used Dban to format it. It is been awhile since my pc started acting weird.After trying everything i could I just cant think of anything else but getting your help. I do believe that initially this virus was transferred to me through Msn messenger, coz a friend of mine was sending me some pics of her newborn babygirl and when I opened the file it looked to me as there was a program installing itself as the picture was being opened. After a little while my panda internet security started giving me warnings about Dos Atacks to my network. One day out of the blue I just couldnt access internet. After trying to repair my connection I discovered that there were some kind of problems on winsock. So I repaired it and internet was back on. From that day on antivirus stopped updating and so did windows update. My other pc is also infected so it is now on quarantine (lol). I am really desperate so I would appreciate any help. Please give me some clue on how to deal with that!!!! Thanks y'all!!!!:)
     
    caligal, Sep 29, 2008
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:

    1. If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.



    If you formatted and reinstalled Windows then its likely that the malware could have hit before you updated Windows to a newer Service Pack or installed Security software before connecting to the internet, so advisable to download the network install versions of Windows Service Packs ( we host a few of them here ) and also have the downloaded installer for antivirus, firewall etc ready to install before connecting pc to the net after an install.

    BUT continue with the above on the onfected PC and attach the logs to your next post in this thread and out malware experts will be able to assist you.
     
    DavidGP, Sep 30, 2008
    #2
  3. caligal

    caligal Private E-2

    Hi halo! Thanks for replying so fast. Well,as you said I could have gotten infected as soon as my computer connected to the Internet, but antivirus, antimalware and firewall were installed prior web surfing. Also windows so service pack 3. The softwares were all downloaded on other of not currently infected, or so I believe. As for now I can't even connect to the Internet, nor install any programs, nor use anything related to Internet security or malware protection. As I tried to log into my pc, I couldn't see the login user names, nor the task bar. Sorry for being so noob. Thanks for your kindness. :)
     
    caligal, Oct 4, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you formatted as stated then it is unlikely that the malware is still there. It is more likely that you are reinfecting the PC either from something you are installing that is infected or from another networked PC, or from the internet somehow.

    You need to follow the instructions given and run the scans of the READ & RUN ME and attach the requested logs. Try all steps! As stated, do not assume all steps will not work just because one does not work.

    Without logs, we cannot begin to help you and would just have to tell you the below:
    • to reinstall and DO NOT connect the PC to the internet or to any other PCs. Just reinstall Windows and nothing else.
    • Does it stay uninfected?
    • If yes, then remain disconnected from any networks and the internet and install your protection software.
    • Does it stay uninfected?
    • If yes, not connect to your network and internet. Does it stay uninfected?
     
    chaslang, Oct 6, 2008
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds