PDA

View Full Version : Computer completley disabled by virus



kuli.ann
2010-06-02, 20:39
Hi,

My computer has been seriously infected with something. I am posting from my laptop.

It was attacked yesterday evening. Whilst online a pop up called "Doctor Malware" appeared saying there were 500+ infections. We disconected from the internet immediatley.

The computer has Mcafee SecurityCentre which said it had blocked a trojan. After this we ran a Malwarebytes Anti-malware scan which found approx 28 infected files, some of which were successfully removed.

We have run the Malwarebytes scan several times and it removed items each time. The scans have been taking longer and longer.

After the last scan Malwarebytes rebooted the computer. It has now frozen and doesn't respond to the mouse or keyboard.

There is the following error message in the middle of the screen in a windows style box called RUNDLL:

Error loading pobmgido.dll

The specified module could not be found.

This message has appeared before, but on previous occasions it has been possible to close the window and continue. This time the only thing you can do from here is to turn the computer off.

I have no logs to post as I cannot use the computer at all - Sorry.

Thank you for your help

Best wishes

kuli.ann

Blade81
2010-06-08, 20:44
Hi,

Let's see if we can get some info from the machine. You'll need empty CD, burning CD/DVD drive and removable USB flash drive.

Copy the bolded text into notepad and save it to your flash drive. Name it OTLscript.

netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90

After that,

Download OTLPE from either location and save it to your desktop:

mirror1 (http://oldtimer.geekstogo.com/OTLPEStd.exe)
mirror2 (http://ottools.noahdfear.net/OTLPEStd.exe)


Double click the OTLPENet icon on your desktop
Do you want to burn the CD? choose Yes
ImgBurn will automatically extract and load the OTLPE Iso to be burned to CD
Place a blank CD in your CD-Rom
Click http://i232.photobucket.com/albums/ee245/dlsdo/imgbrn.png to start the burn process
You will see a dialog Operation successfully completed
Boot the non-working computer using the boot CD you just created
In order to do so, the computer must be set to boot from the CD first

Note : For information click here (http://www.hiren.info/pages/bios-boot-cdrom)


Your system should now display a REATOGO-X-PE desktop.
Double-click on the OTLPE icon.
When asked Do you wish to load remote user profile(s) for scanning, select Yes
Ensure the box Automatically Load All Remaining Users is checked and press OK
OTL should now start
Plug in your flash drive
Under the Custom Scan box copy and paste the contents of the OTLscript you saved to your flash drive
Push http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/runscanbutton.png
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive.
Please post the contents of the C:\OTL.txt file in your next reply.

tashi
2010-06-14, 17:29
This thread has been closed due to inactivity.