I just worked on an infected computer of my user. The virus/trojans are kinda scary. They blocked the malwarebytes.org. Therefore, you cannot go to the web site to download the software. I managed to get the file downloaded on a different computer and move it over. Once I got the setup file over, I cannot install it. It seemed like the trojan knows the name of the setup file. I renamed the setup file and I was able to get it to install. After installation, I cannot get it to run! I figured it’s the same thing that trojan prevents the application to run. So, I changed the application’s name and I was able to invoke the application. After the application was running, it failed to update the definition. However, I was able to run the Anti-Malware and scan the computer.
You might think this is typical behaviours of trojans. What’s so special about it? They are special because even in safe mode, the restrictions imposed by trojans still persist. That means the trojans authors have figured out some ways to circumvene Windows safe mode.
Anyway, none of these would happen if you use the computer as a regular user. Remember NOT to use an admin account for any internet activities EVER.
This post may contain affiliated links. When you click on the link and purchase a product, we receive a small commision to keep us running. Thanks.
I am having the same problem… I will try that. I cannot run any anti-malware like hijackthis, smitfraudfix, malwarebyte, etc. I cannot even open many of the websites that discuss how to fix it! This is a nasty virus/trojan… why do people do this? Is it the antivirus companies trying to make us buy their software?
Use linux for internet and email application, linux don` t need antivirus Cugus!
Best way for those machines that are infected and you can’t install anything there are two options:
1. Re-install OS …. or ….
2. I have found that if you Remove the hard drive from the infected computer….and use another “dummy” desktop or laptop, hook up the infected hard drive to it as an external drive…..install Malwarebytes or other software on the “dummy” machine, scan the external drive….it usually finds a lot of the virus and you can remove it, then once the scans are done….put the infected hard drive back into the system, and it will let you install malwarbytes and other software now…..now you can re-run a FULL scan on the system and it should pick up more and you should be able to completely clean the device. You may want to find some registery cleaners as well as use malwarebytes….it will just help in the cleaning and get you back to tolerating/operational conditions. IDE/SATA To USB converters are out there cheap to allow you to remove the hard drive and hook it up to any other pc as an external…..oh by the way…..I say use a “Dummy” machine to do this because it will get infected too……..unless it has updated AV and it should catch it…..but just in case, never can be too safe.