Double whammy - Malware Doctor + Microsoft Security Essentials hijacker

View previous topic View next topic Go down

Double whammy - Malware Doctor + Microsoft Security Essentials hijacker

Post by neilmck on 7th September 2010, 7:44 am

Hi there,
I see to have been attacked by 2 different pieces of malware, and I'm finding it very difficult to solve. I have the rogue Malware Doctor which keeps popping up constantly, and I also get messages from "Microsoft Security Essentials Alert". I have tried installing the Malwarebytes Anti-Malware program and Rkill, but am unable to run them (even in Safe Mode).

I'd really appreciate any help you can offer !

Thanks in advance,
Neil

Edit: Just to add - I've used Rkill and this is the log that was generated
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Neil on 07/09/2010 at 9:54:43.


Services Stopped:


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\Neil\Local Settings\Application Data\bteisahxb\egoeboouqiw.exe
C:\Documents and Settings\Neil\Application Data\7F3099A7C862C9F8C60CB5DCD36D59F1\mediafix70700en02.exe
C:\Documents and Settings\Neil\Local Settings\Application Data\bteisahxb\egoeboouqiw.exe
C:\Documents and Settings\Neil\Desktop\rkill.com


Rkill completed on 07/09/2010 at 9:54:45.

neilmck
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2010-09-07
OS OS : XP
Points Points : 22833
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Double whammy - Malware Doctor + Microsoft Security Essentials hijacker

Post by Kenny94 on 7th September 2010, 12:53 pm

Hi neilmck and Welcome to GeekPolice!

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.
---------------------------------------------------------------------------------------------
Run rkill.exe then try to immediately run the following:


  1. Download ComboFix from below:

    [You must be registered and logged in to see this link.]


    * IMPORTANT !!! Place combofix.exe on your Desktop

  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.


    You can get help on disabling your protection programs [You must be registered and logged in to see this link.]

  3. Double click on combofix.exe & follow the prompts.

  4. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

    Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





    The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.

    ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:

    The Recovery Console was successfully installed.



    Click on Yes, to continue scanning for malware.

  5. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

  6. When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------

  7. Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------



Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum