Help with Malware!

gameboy1998 · Feb 7, 2014

Hi,

I have recently (tried) to install CamStudio and while the installation didn't ask me whether it wanted to install some other toolbars (Or shit like that) it installed something called as
sweet-page.

The malware changed default homepage on all my browsers(Firefox, Opera, Chrome) to the same.

I googled around and found out how to fix it and did so (Atleast I thought so). But just to be sure I purchased SpyHunter 4 and ran a scan and found out there are still plenty of malware hidden in my PC but however I cannot remove them accuse the SpyHunter program just stops responding.

I also cannot open task manager, Sign out, Turn off or Restart my computer even through command prompt, Its sad but I have to pull the plug every time I want to switch it off for troubleshooting.

I tried booting into safe mode but to no avail, The screen just turns black and stays there. I'm in a mess now! My desktop is my main machine for productivity and my whole workflow has been stalled because of the malware.

Do I have to do a fresh installation of Windows? Can I recover my files if I do so? Why didn't Avast Pro (For which I paid) didn't detect the malware and gave me a warning?

Please help me as soon as possible! Please!

ubercake · Feb 7, 2014

That's messed up. Have you tried malwarebytes?

This says a lot about CamStudio, too. Did you contact them about this junk?

rgd1101 · Feb 7, 2014

very bad review
http://sourceforge.net/projects/camstudio/

ahnilated · Feb 7, 2014

You could scan the computer from another computer or put the hard drive into another computer to scan it. Some antivirus programs also have a CD that you can use to scan the computer by booting from the CD. Just make sure you have a good AV program on the one you are using to scan the other one. You can also do online scans, there are sites out there that will do a free virus scan on your computer.

gameboy1998 · Feb 7, 2014

I tried installing Malwarebytes but couldn't do so. The setup just won't open.

I have not tried contacting CamStudio. I don't think it will be helpful - Its a open source software but I downloaded from their official website. Should I contact them?

HEXiT · Feb 7, 2014

go to emsisoft site on a different pc and get there emergency removal kit its free. put it on a bootable usb and use that to run a malware scan from the dos prompt outside windows... do it from a cold boot (turn the pc off completley for a couple of mins and let the residual current drain), not a warmstart/reboot.
emsisoft antimalware is as good as malware bytes for cleaning up this kind of thing...(most of the time, sometimes better sometimes not so much) so its well worth trying.
and dont worry, yes its free but it doesnt ask for anything like installing toolbars or anything like that. you dont even install the apps just run them off the usb stick.
(you dodnt even have to run it off a usb stick it will burn to disk also, so dont panic if your system doesnt allow booting from usb.

http://www.emsisoft.de/en/software/eek/

ubercake · Feb 7, 2014

gameboy1998 :

Definitely contact them. They probably won't do anything to help you, but they need to know someone doesn't appreciate what they have going on.

gameboy1998 · Feb 7, 2014

I will try the above suggestions and report back. Thanks guys!

gameboy1998 · Feb 7, 2014

UPDATE: I decided to try out HEXiT 's method first.

After downloading the software (which took two hours) I extracted it on my laptop and also updated it. I managed to boot into Safe mode with networking on Windows 8.1 and currently running a deep scan with Emsisoft Emergency Kit.

I will report back as the scan completes. Thank you guys!

gameboy1998 · Feb 8, 2014

UPDATE: After running the scan twice with Emsissoft Emergency Kit and booting into Windows 8.1 (Normal Mode) the symptoms remained the same. I still cannot open programs and shut down the computer.

BTW: Removed some 20 Malware with Emsisoft though.

HEXiT · Feb 8, 2014

sounds like you have been slammed by a malicious download.
not just a drive by seachbar installer.
if you can open programs in safe mode open ccleaner if you have it and remove any startup entries that refer to the toolbars as well as just deleting the search bar directorys dont uninstal, just delete them then run ccleaners reg cleaner. because you deleted them and didnt uninstall there reg entries should show up to be removed by the reg cleaner.
if all else fails. try combofix but be aware it has as much chance of fixing your system as crashing it so it should only be a last resort.

gameboy1998 · Feb 8, 2014

Is installing a program in safemode safe? Because I don't currently have CCleaner installed on my system.

I'm planning to do a full OS re-install. Would the virus have spread out of my boot portion into other partitions?

HEXiT · Feb 8, 2014

its possible. but if you do a fresh install from a cold start (ie power off the pc completely not from a reset or restart from windows) and then boot directly from the dvd it wont be able to infect the pc again as long as you dont run any infected programs off the other drives/partitions...
make sure you delete the primary partition and create a new 1, this wont afect other existing partitions on the drive so it should be safe to do it. 1s done install windows and install your antivirus straight after.

gameboy1998 · Feb 8, 2014

I was planning to run a live linux CD and delete the C partition and then install Windows from USB as installing from USB is faster then CD.

What antivirus do you recommend? I have had bad experience with avast this time around.

HEXiT · Feb 8, 2014

i use a payed version of malware bytes and avira... although avira has slipped in the rankings its still 1 of the best free antivirus apps but does need the backup of malware bytes... (i have used this combo for the last 3 years with zero hassle. before that i used avira with emsisoft antimalware payed version...
if your willing to pay then bitdefender or kaspersky will do the trick very well.
thing is the biggest security threat to your pc is the user. they often allow infections onto the machines even when there av pops up and yells at em. in your case im surprised it didnt as avast is normally pretty decent.

gameboy1998 · Feb 9, 2014

I'm the only user of this computer. I'm planning to get Windows 7 Professional (Downgrading from Windows 8.1 Professional) and maybe have 100$ for Antivirus.

How is BitDefender or Kaspersky with resources? Do they manage them well?

HEXiT · Feb 9, 2014

yes both are better than avast for using resources. my mate runs kaspersky on an 6000+x2 athlon with pretty much zero impact on performance.
bit-defender is just as good if not a little better.
if you plump for kaspersky then get the pure or KIS (kaspersky internet security) version they cost no more than the basic payed version if you look about.

gameboy1998 · Feb 9, 2014

I will try both the AVs with trial period and decide later on. I will however get a paid version of Malwarebytes.

HEXiT · Feb 9, 2014

i would say if you get bitdefender then you can forget about malware bytes payed version and use the free. the only difference between the 2 is the real time scanning and bit defender will cover that part of the equation

gameboy1998 · Feb 10, 2014

Plan on installing Windows 7 when I get home today. I will keep you guys updated.

davcon · Feb 10, 2014

Malwarebytes Chameleon works when regular version won't load on infected pc.
http://www.malwarebytes.org/chameleon/

gameboy1998 · Feb 10, 2014

davcon :

My PC won't even open calculator so I highly doubt it will install.

UPDATE: I unfortunately couldn't do the windows install today but I will sure as hell do it tomorrow.

Dark Lord of Tech · Feb 10, 2014

BitDefender < #1 Antivirus Engine.

ubercake · Feb 11, 2014

gameboy1998 :

In the past, I dealt with a virus which required me to disable my internet connection before I could even deal with it. I couldn't even use the PC otherwise.

Have you tried booting to safe mode with no network connection and then putting the malwarebytes chameleon on there and running it?

gameboy1998 · Feb 11, 2014

ubercake :

I tried to do the same with Emisoft Malware Emergence Kit but even though it removed about twenty malwares it when I booted into normal mode again I still couldn't open anything (even chrome or calculator)

Help with Malware!

Honorable

Splendid

Don't

Splendid

Honorable

Champion

Splendid

Honorable

Honorable

Honorable

Champion

Honorable

Champion

Honorable

Champion

Honorable

Champion

Honorable

Champion

Honorable

Judicious

Honorable

Retired Moderator

Splendid

Honorable

Share this page