Posted

Apparently this is a nasty piece of malware.

Have done searches but can't find a way to remove it successfully, any ideas?

Tried some programs but it still remains!

Recommendations please?

Posted (edited)

What have you tried already (antimalware programs)?

When I have to get rid of very nasty pieces of malware (usually from my friends' computers), I either use Hiren's Boot CD (which allows you to boot on another operating system and contains many antimalware tools among other utilities) or I put their hard disk in an external enclosure and then run several antimalware programs from one of my own computers with the external enclosure connected to it. The goal is to not boot on the infected operating system (nasty malware tend to replicate themselves at startup).

For more information about Hiren's Boot CD:

http://en.wikipedia.org/wiki/Hiren%27s_BootCD

http://www.hiren.info/pages/bootcd

http://www.hirensbootcd.org/download/

Edited by GuyL
  • Like 1
Posted

Malwarebytes plus others won't even install? Gives runtime error.

Tried AVG 2015, doesn't see it for removal, but throws warnings it's trying to connect to the internet.

Avast, doesn't see it.

IObit won't remove it.

Any other suggestions? No drive to use DVD or CD solutions.

Posted (edited)

Maybe try to launch the Hiren's Boot CD tools from a USB flash drive then: http://www.hirensbootcd.org/usb-booting/

You still have the external enclosure solution (mentioned in my previous post, it's a few hundred bahts investment if you don't have one yet) if you can use another computer to scan your current HDD.

Edited by GuyL
  • Like 1
Posted

Found some files in the system32 folder, they won't delete, file handle error!

Stubborn s.o.b !

Seems its creators have covered many angles to stop removal.

If you follow my previous suggestions, it should not be a problem to delete them.

Posted

Whilst on this subject, my friends keep getting a message from my email address, especially after FB use, giving details of a New Year sale at 'Ohwit' - this has been going on for 3 years on & off. I've scanned with Malwarebytes/Avast etc. in vain. I've changed my email password but the problem persists. Any advice would be appreciated; please bear in mind that I'm not very computer literate.

Posted (edited)

Could be malware, but also email spoofing: http://en.wikipedia.org/wiki/Email_spoofing

In case you are infected by malware, there are numerous free tools that may help you: http://www.techsupportalert.com/best-free-spyware-and-adware-remover.htm

I would start with free versions of Malwarebytes antimalware and SuperAntiSpyware, and of course, by running a full scan of your computer with your current antivirus software (if you don't have one yet, free versions of Avast, Avira or AVG are decent solutions), but if it doesn't work, you might also have to do what I suggested previously, with a bootable CD or USB flash drive, or an external enclosure and another computer, so as not to launch your current operating system before the scan.

Check first with your friends that it is not just email spoofing now (as much as they can and this may help them: http://www.askdavetaylor.com/how_to_tell_if_email_is_spoofed_or_legit/).

Edited by GuyL
Posted (edited)

Thanks for replies so far.....

The problem with running the various antivirus tools etc. is they just don't see the problem, it's not recognised as a threat.

The folder and files are all somehow protected from detection/deletion, any attempt to remove them results in a "handling error".

I found the folder and files from searching the net and knowing what to look for as they are renamed from the obvious, I got the source of the issue, just need to remove it.

So antivirus tools don't see it, any ideas or suggestions on how to remove these files "manually"?

Edited by MichaelJackson
Posted (edited)

READ POST #2 !!! Hiren's boot CD, will boot into a clean environment and thus you can remove those files

I will paste that post here for you to read

<snip>

When I have to get rid of very nasty pieces of malware (usually from my friends' computers), I either use Hiren's Boot CD (which allows you to boot on another operating system and contains many antimalware tools among other utilities) or I put their hard disk in an external enclosure and then run several antimalware programs from one of my own computers with the external enclosure connected to it. The goal is to not boot on the infected operating system (nasty malware tend to replicate themselves at startup).

For more information about Hiren's Boot CD:

http://en.wikipedia.org/wiki/Hiren's_BootCD

http://www.hiren.info/pages/bootcd

http://www.hirensbootcd.org/download/

Edited by MJCM
  • Like 1
Posted

Thank you, MJCM!

I also previously explained that Hiren's Boot CD tools may also be launched from a USB flash drive: http://www.hirensboo...rg/usb-booting/

  • Like 1
Posted

In the post before yours I said:

You need to boot into a clean environment

Do you understand what that means?

Posted (edited)

Don't have any form of CD disc drive, don't know how to do it from USB.

The instructions state copy files from CD to USB, I CAN'T DO THAT, no CD drive.

Edited by MichaelJackson
Posted (edited)

OK, fair enough. What about a friend's computer, internet cafe, computer repair shop etc.?

Edited by MJCM
Posted (edited)

I changed my post after you CHANGED YOURS.

So read my Changed post

Don't have any form of CD disc drive, don't know how to do it from USB.

The instructions state copy files from CD to USB, I CAN'T DO THAT, no CD drive.

OK, fair enough. What about a friend's computer, internet cafe, computer repair shop etc.?

Edited by MJCM
Posted (edited)

You can extract the files locally (Hiren's Boot CD is stored in a zip file at the download location that I have mentioned earlier), for instance with 7-zip (it's free and it allows you to extract .iso files too).

http://www.7-zip.org/download.html

Edited by GuyL
  • Like 1
Posted

Think I will just take off what I want to keep and throw the HDD out!

Less hassle, easier and less time consuming to replace the HDD than try and repair this problem.

If it's too difficult for you and you are planning to go to Udon Thani or Nong Khai one of these days, send me a private message. Or maybe other people in your area could help you too.

Posted

Don't give up!!!

It's quite easy.

Just download 2 things

Hiren Boot CD (from Post #2) and

7 Zip.

After you have downloaded both and installed 7 Zip, you can extract the contents of the CD on your hard disk and create the USB stick.

If you do it and you succeed, you will be "On Top of the World"

And please remember if you run into difficulties there are a lot of TV members here to help !!

Good Luck

Posted

Think I will just take off what I want to keep and format the HDD, start again from fresh.

never hurts.

Just make sure you get fresh copies of your favourite programs.

  • 2 weeks later...
