Computer completley disabled by virus

[kuli.ann]

Hi,

My computer has been seriously infected with something. I am posting from my laptop.

It was attacked yesterday evening. Whilst online a pop up called "Doctor Malware" appeared saying there were 500+ infections. We disconected from the internet immediatley.

The computer has Mcafee SecurityCentre which said it had blocked a trojan. After this we ran a Malwarebytes Anti-malware scan which found approx 28 infected files, some of which were successfully removed.

We have run the Malwarebytes scan several times and it removed items each time. The scans have been taking longer and longer.

After the last scan Malwarebytes rebooted the computer. It has now frozen and doesn't respond to the mouse or keyboard.

There is the following error message in the middle of the screen in a windows style box called RUNDLL:

Error loading pobmgido.dll

The specified module could not be found.

This message has appeared before, but on previous occasions it has been possible to close the window and continue. This time the only thing you can do from here is to turn the computer off.

I have no logs to post as I cannot use the computer at all - Sorry.

Thank you for your help

Best wishes

kuli.ann

 

[Blade81]

Hi,

Let's see if we can get some info from the machine. You'll need empty CD, burning CD/DVD drive and removable USB flash drive.

Copy the bolded text into notepad and save it to your flash drive. Name it OTLscript.

netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90

After that,

• Download OTLPE from either location and save it to your desktop:
  
  mirror1
  mirror2
  
  
• Double click the OTLPENet icon on your desktop
• Do you want to burn the CD? choose Yes
• ImgBurn will automatically extract and load the OTLPE Iso to be burned to CD
• Place a blank CD in your CD-Rom
• Click
  
  to start the burn process
• You will see a dialog Operation successfully completed
• Boot the non-working computer using the boot CD you just created
• In order to do so, the computer must be set to boot from the CD first
  
  Note : For information click here
  
  
• Your system should now display a REATOGO-X-PE desktop.
• Double-click on the OTLPE icon.
• When asked Do you wish to load remote user profile(s) for scanning, select Yes
• Ensure the box Automatically Load All Remaining Users is checked and press OK
• OTL should now start
• Plug in your flash drive
• Under the Custom Scan box copy and paste the contents of the OTLscript you saved to your flash drive
• Push
  
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive.
• Please post the contents of the C:\OTL.txt file in your next reply.

 

[tashi]

This thread has been closed due to inactivity.