Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Torrent malware from media player codec [Closed]


  • This topic is locked This topic is locked

#1
11JHrakeeb

11JHrakeeb

    New Member

  • Member
  • Pip
  • 1 posts
I was downloading the movie "The Internship" from the following: http://torrspace.in/...ad097d.torrent. This torrent had three files in it, namely:
i.The Internship 2013 (English) [DVDRip].x264.avi 750 MB
ii.The Internship 2013 (English) [DVDRip].x264.nfo 47B
iii.x264 Video Codecs XP-Win7.exe 7.12 MB
On finishing the download, I tried to see the movie, but there was an error in the media player claiming that the file could not be played, so thats when I installed the codec. On installing the codec everything seemed normal, but the installation failed. After that I was prompted to install the codec manually, where I was redirected to sourceforge.net, where they had a codec extension called MPC-HC which again redirected me to mpc-hc.org. Here, the site prompted me to download the codec file, which I did, during the final moments of the download, the download failed. The reason for the failure of the download was that the link was not secure.
After this, the malware had spread. My google chrome browser could not load any web page that had the https extension, as the certificate was tampered with. This is when I turned to the firefox browser, which at that time was running very smoothly. But moments after, ads just started popping up from everywhere. The one that surprised me was the one that was in facebook. The facebook ad was scary as the ads were everywhere in the page, even on the image viewer popup where ads were labeled as ads not from facebook.
The malware is altering my anti-virus software avast, and also not letting me download any files from the internet, as the files get deleted on finish. That is the reason why I could not run a quick scan from the OLT Software. Please do help, will be very thankful.
  • 0

Advertisements


#2
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Hi! My name is Jasmyne and Welcome to Geeks to Go!

I'm sorry you are having issues with your computer but I will do my best to resolve them as quickly as possible. I know having an infected computer is frustrating because I was once where you are now!

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

  • You may want to print out these instructions, or copy them to a text file so that will have a copy in case you loose your connection to the internet during a removal process.
  • Please make sure to carefully read any instruction that I give you and in perform them in the order they are posted. If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! Never be afraid to ask questions! :)
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please note that there is no "Quick & Easy Fix" to most malware infections and we may need to use several different tools to get your system clean.
  • Please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.
  • Please reply within 3 days. Topics with no reply in 4 days are closed!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please do not post links to torrent sites, it is a violation of Geeks to Go Terms of Use:

p. The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.


P2P Warning!

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

Cyber Education Letter
File sharing infects 500,000 computers
USAToday

I would recommend that you uninstall any P2P Programs, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you decide to keep the program in spite of the risks involved, do not use it until I have finished cleaning your computer and have given you the all clear.

----------------------------
Now that's out of the way, lets get started :)


Do you have another computer that you can access in order to download OTL to a USB and transfer it to the infected computer?

If so, please run this custom scan, if not post back let me know.

Download OTL to your USB and transfer it to the desktop of your infected computer.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Make sure Use SafeList is selected under Extra Registry.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP