Antivir/Antispyware.net Hijacker/Virus

  • Thread starter Thread starter NiCandCo
  • Start date Start date
N

NiCandCo

Hi everyone,

I'm wondering if anyone can point me in the right direction to get rid
of this thing off my computer.

I'm not 100% sure how it got on my pc but I'm 99.9% certain it's my
own fault for not putting the right protectionon my machine.

At this moment I'm getting ready to boot into safemode and then I'm
going to follow some directions I've gotten from a site called
removingvirusguide.com though I'm concerned that this site isn't
legit.

I've running windows 7 and have got AVG installed which is all up to
date. I've got a program called Malwarebytes also installed but the
virus won't let me run either of these things. I've tried opening the
registry and it won't let me open that either. It's hijacked IE, which
I don't use but my kids do, and I'm getting porn sites randomly
opening now.

I'm happy to do what needs to be done but I'm just not sure what
exactly that is. If anyone is out there and can offer any advice I'd
be much appreciated.

Thanks.

Nikki.
 
NiCandCo said:
Hi everyone,

I'm wondering if anyone can point me in the right direction to get rid
of this thing off my computer.

I'm not 100% sure how it got on my pc but I'm 99.9% certain it's my
own fault for not putting the right protectionon my machine.

At this moment I'm getting ready to boot into safemode and then I'm
going to follow some directions I've gotten from a site called
removingvirusguide.com though I'm concerned that this site isn't
legit.

I've running windows 7 and have got AVG installed which is all up to
date. I've got a program called Malwarebytes also installed but the
virus won't let me run either of these things. I've tried opening the
registry and it won't let me open that either. It's hijacked IE, which
I don't use but my kids do, and I'm getting porn sites randomly
opening now.

I'm happy to do what needs to be done but I'm just not sure what
exactly that is. If anyone is out there and can offer any advice I'd
be much appreciated.

Thanks.

Nikki.
Click to expand...

Try renaming mbam.exe to something different such as cand.exe or
cand.com or another .exe or .com and see if it will run?
Mbam.exe is the malwarebytes program executable which can be found in the
Malwarebytes' Anti-malware folder under Program Files or similar.
Buffalo
 
Try renaming mbam.exe to something different such as cand.exe or
cand.com or another .exe or .com and see if it will run?
Mbam.exe is the malwarebytes program executable which can be found in the
Malwarebytes' Anti-malware folder under Program Files or similar.
Buffalo
Click to expand...


Poor and essentially useless advice. Thanks for playing, now move along.


Disable System Restore. Boot into safe mode. Install Malwarebytes from a thumb
drive and scan your system. Problem solved.

Yes, it works just fine. I had to clean a person's Windows installation of that
same malware last week.
 
NiCandCo said:
Hi everyone,

I'm wondering if anyone can point me in the right direction to get rid
of this thing off my computer.
====>
Right

I'm not 100% sure how it got on my pc but I'm 99.9% certain it's my
own fault for not putting the right protectionon my machine.

At this moment I'm getting ready to boot into safemode and then I'm
going to follow some directions I've gotten from a site called
removingvirusguide.com though I'm concerned that this site isn't
legit.
Click to expand...

It probably is, but I usually recommend the "Bleepingcomputer.com" site.
They have been keeping up with all of these new versions quite well in
the past.
I've running windows 7 and have got AVG installed which is all up to
date. I've got a program called Malwarebytes also installed but the
virus won't let me run either of these things.
Click to expand...

You have to stop the process that is doing that interference.
I've tried opening the
registry and it won't let me open that either. It's hijacked IE, which
I don't use but my kids do, and I'm getting porn sites randomly
opening now.
Click to expand...

Active malware is protecting itself.
I'm happy to do what needs to be done but I'm just not sure what
exactly that is. If anyone is out there and can offer any advice I'd
be much appreciated.
Click to expand...

Run Malwarebytes' Anti-Malware in safe mode (if the malware will let
you). Then again in normal mode.
 
From: "NiCandCo" <[email protected]>

| Hi everyone,

| I'm wondering if anyone can point me in the right direction to get rid
| of this thing off my computer.

| I'm not 100% sure how it got on my pc but I'm 99.9% certain it's my
| own fault for not putting the right protectionon my machine.

| At this moment I'm getting ready to boot into safemode and then I'm
| going to follow some directions I've gotten from a site called
| removingvirusguide.com though I'm concerned that this site isn't
| legit.

| I've running windows 7 and have got AVG installed which is all up to
| date. I've got a program called Malwarebytes also installed but the
| virus won't let me run either of these things. I've tried opening the
| registry and it won't let me open that either. It's hijacked IE, which
| I don't use but my kids do, and I'm getting porn sites randomly
| opening now.

| I'm happy to do what needs to be done but I'm just not sure what
| exactly that is. If anyone is out there and can offer any advice I'd
| be much appreciated.

| Thanks.

| Nikki.

Buffalo's advice was very good execept do NOT rename, copy to a new file name.

Go to; C:\Program Files\Malwarebytes' Anti-Malware

COPY; MBAM.EXE to somethining like; NIKKI.COM

Then double-click on NIKKI.COM


BTW: Don't assume it is a "virus". It surely is malware but not neccessarily a virus.
All viruses are malware but not all malware are viruses.
 
NiCandCo said:
I've running windows 7 and have got AVG installed which is all up to
date. I've got a program called Malwarebytes also installed but the
virus won't let me run either of these things. I've tried opening the
registry and it won't let me open that either. It's hijacked IE, which
I don't use but my kids do, and I'm getting porn sites randomly
opening now.
Click to expand...

You might try holding Ctrl and Alt then pressing Delete to get to the menu
where the task manager is. Click on the task manager and on the first tab
there is an area where you can start a program, called New Task. It's in the
lower right corner. Then go through the file directory until you find the
file you want to start. You can often start programs this way when nothing
else works.
 
Buffalo said:
Try renaming mbam.exe to something different such as cand.exe or
cand.com or another .exe or .com and see if it will run?
Mbam.exe is the malwarebytes program executable which can be found in the
Malwarebytes' Anti-malware folder under Program Files or similar.
Buffalo
Click to expand...

In my experience that doesn't often work. If the malware is excluding that
program then it's usually via some other mechanism such as file size, not the
file name. But usually the entire EXE extension is redirected, so few things
will work anyway. The EXE file association must usually be reset (best in
safe mode).
 
Back
Top