I'm infected!!!!! I need urgent help!!!

  • Bogey
  • Genius
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

I managed to get a serious virus on my computer. I can't install anything, can't use task manager... anything.

Some Antispyware Soft sh!t. Please help me out, I don't know what to do.

I can't install HiJack This. Every time I try to install HiJack This or open Task Manager it tells me that the file could be infected and just blocks it. It sends me to antispyware-scan.net.

I'm lost. Any help? This laptop came without the installation CD. Is the laptop trash?
  • Bogey
  • Genius
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

Alright, I've been able to make some headway with this. I turned off wireless, restarted the laptop and while the programs were turning on, I turned on Task Manager (it worked since that virus hasn't loaded yet), and as soon as unfamiliar stuff loaded, I immediately terminated them.

As it turns out the virus is:

wawbjhqtssd.exe
vdbady1.dll

I was able to delete wawbjhqtssd.exe but I can't manage to delete vdbady1.dll. Every time I try it tells me that I don't have permission to it, and when I checked the properties, it gave access to Everyone and was shared. Obviously someone was connecting to it.

I quickly removed access to everyone, but I still can't remove it. It has some permissions inherited from some parent program which I assume was wawbjhqtssd.exe.

Any help so I can finish this out?
  • Bogey
  • Genius
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

Looks like this virus is active.

vdbady1.dll was replaced by lprelwiz.dll

I can't delete lprelwiz.dll but vdbady1.dll was removed. Very annoying. Unlocker Assistant can't unlock it either. Any help?

[EDIT] I also only have 16 processes running (At least that is what Task Manager says under the "Processes" tab), but it tells me in that same tab that there are 54 processes running. Is that how it should be?
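
A read-only triage of the situation described in the post above (a DLL that cannot be deleted and whose permissions look inherited), as an added example that is not part of the original thread. The search folder is an assumption, since the thread never gives the file's path, and the script assumes PowerShell 4.0 or later is available on the machine.

```powershell
# Added example: inspect a DLL that refuses to be deleted. Nothing here modifies the system.
$DllName    = 'lprelwiz.dll'                # file name taken from the post
$SearchRoot = "$env:SystemRoot\System32"    # assumption: the thread does not give the path

# 1. Locate the file, including copies flagged hidden or system.
$dll = Get-ChildItem -Path $SearchRoot -Filter $DllName -Force -ErrorAction SilentlyContinue |
       Select-Object -First 1
if (-not $dll) { Write-Warning "$DllName not found under $SearchRoot"; return }

# 2. Which processes have it loaded? A mapped DLL cannot be deleted,
#    whatever its ACL says, until every process holding it has exited.
$holders = Get-Process | Where-Object {
    try   { $_.Modules.ModuleName -contains $DllName }
    catch { $false }    # protected processes deny module enumeration
}
$holders | Select-Object Id, ProcessName, Path | Format-Table -AutoSize

# 3. Owner and access entries. IsInherited shows which entries come from the
#    parent folder rather than from the file itself.
$acl = Get-Acl -LiteralPath $dll.FullName
"Owner: $($acl.Owner)"
$acl.Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
    Format-Table -AutoSize

# 4. Signature status and hash, for lookup on a clean machine.
Get-AuthenticodeSignature -FilePath $dll.FullName | Select-Object Status, SignerCertificate
Get-FileHash -LiteralPath $dll.FullName -Algorithm SHA256 | Select-Object Algorithm, Hash

# 5. Per-machine and per-user Run keys: a common place for the "unfamiliar stuff"
#    that starts at logon. Provider-added PS* properties are filtered out.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
foreach ($key in $runKeys) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if (-not $props) { continue }
    $props.PSObject.Properties |
        Where-Object { $_.Name -notlike 'PS*' } |
        Select-Object @{ n = 'Key'; e = { $key } }, Name, Value
}
```

Run it from an elevated prompt so module enumeration and `Get-Acl` can see as much as possible; processes that still deny access are skipped rather than reported.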
  • ATNO/TW
  • Super Moderator
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Download ComboFix to another computer and save it to a flash drive or burn it to CD. Only download it from one of the two download links here: http://www.bleepingcomputer.com/combofi ... e-combofix

When you save it, save it as Combo-Fix.exe

Copy it to the desktop of the infected computer. Make sure you have an internet connection and run it.

The virus program might pop up a couple bogus warnings but don't worry about them. Pay attention to the messages that ComboFix gives you and follow the step by step instructions. You'll know the ComboFix messages because they "bleep" at you.

ComboFix will need to check for an update, and if you don't already have it installed, it will download and install Recovery Console from Microsoft. It's OK to install that.

Let it run its course. Most likely it will require rebooting your machine. After you've logged back in, do not do anything until it produces and displays the log file in notepad.

Afterwards, before doing anything else, go to c:\Windows\system32 and navigate to and run MRT.exe. That is Microsoft's Malicious Software Removal tool that is updated and runs when you do Windows updates. You can run it as a standalone. Run a Full Scan. It will scan for known rootkits and remove them if ComboFix missed them.

That should take care of the bulk of the problem, however, after doing this, I still usually run Malwarebytes and Spybot Search & Destroy, and Hijack This.
  • Bogey
  • Genius
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

I managed to run the System Recovery service and returned my laptop to original factory condition.

I'm kind of impatient and it seemed like that thing was a key logger. The hacker had access to my laptop through that dll.
  • kevinyam168
  • Born
  • Posts: 1

Post 3+ Months Ago

Hello everyone.. I need help too..
I am a bachelor degree student who is very noob in this computer thingy.. Lately.. I have been infected with a trojan horse generic2_c

The next thing I know is my Task Manager is gone!!
Please guys, help me!!
I need to rush for my assignments..
It's not bugging me.. but my AVG always notifies me of the threat..
Please, any advice? Besides reformatting..

Thank you in advance..
  • Bogey
  • Genius
  • Posts: 8388
  • Loc: USA
  • ATNO/TW
  • Super Moderator
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

And have you tried the program I recommended in this post? ComboFix? I have come to use it before anything else, as it tends to fix all these problems.

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.