My PC can't read the memory

Z

zaizaivic29

New Member
I was using the internet then somehow it automaticly restart then they popup some sign which is the 3 picture down there.
When I restart then somehow all the program was automaticly gone. I am use window vista.
I have an anti virus program call avast virus, it was somehow warning that some virus has been detected. I don't remember what was the name but i remember that it start with MAL, I did some research and here the list of virus start with MAL
Malage
Malaise
Malign
Malmsey Habitat vv3.b
Malmsey2
Malmsey
Maltese Amoeba
Malware Defense.
Please help me, it would be great.
Thanks
 

Attachments

  • Picture 004.jpg
    Picture 004.jpg
    48.3 KB · Views: 124
  • Picture 001.jpg
    Picture 001.jpg
    66 KB · Views: 122
  • Picture 002.jpg
    Picture 002.jpg
    63.3 KB · Views: 116
  • Picture 003.jpg
    Picture 003.jpg
    67.7 KB · Views: 117
johnb35

johnb35

Administrator
Staff member
You are infected with a rogue program, please do the following. You will need to run the rkill program listed in my instructions first before running malwarebytes. You may also find out its easier to do this in safe mode with networking.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
Z

zaizaivic29

New Member
johnb35 said:
You are infected with a rogue program, please do the following. You will need to run the rkill program listed in my instructions first before running malwarebytes. You may also find out its easier to do this in safe mode with networking.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
Click to expand...

Hey thank for helping me. But my PC is currently unable to do anything. It can't. Go on the Internet so I think it won't be able to download te program. Is there some other way that I could put the program into my pc
Thanks
 
johnb35

johnb35

Administrator
Staff member
Yes.

Either try safemode with networking or use a usb flash drive to download, on a different uninfected computer, the rkill program in my post to kill the active infection and then run malwarebytes. Once rkill has been ran you can't reboot the sytem or the infection will be become active again.
 
Jamebonds1

Jamebonds1

Active Member
To remark. You also can use Avast! antivirus program to boot-time scan which is better than just scan in-windows. I already met this virus and i hate it.
 
Z

zaizaivic29

New Member
Hey guy so I just open my computer today and the avast told me to restart the pc so they could scan. It currently scan and it take very long. Somehow my yahoo still working I went on and check email then it connect me to firefox. So should I cancel the avast scan and do johnb35 method or I continued scanning with avast .
Thanks
 
johnb35

johnb35

Administrator
Staff member
You also most likely have the zero access rootkit as well. When you run rkill program you will also need to run this as well.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

infection-found.jpg


To remove the infection simply click on the Continue button and TDSSKiller will attempt to clean the infection.

When it has finished cleaning the infection you will see a report stating whether or not it was successful as shown below.

scan-completed.jpg


If the log says will be cured after reboot, please reboot the system by pressing the reboot now button.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it. Please open the log and copy and paste it back here.

Don't worry about avast right now, just follow the procedure I posted.
 
johnb35

johnb35

Administrator
Staff member
If you are still having issues and you are able to download programs, then its possible I can assist you by remotely taking control of your pc by downloading a program called teamviewer.
 
You must log in or register to reply here.
Top