extremeboy

Experts
  • Posts

    1,088
Everything posted by extremeboy

  1. Hello. Please run Combofix.

     Download and Run ComboFix

     Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

     Link 1 Link 2 Link 3

     Refer to the page below for further instructions on running ComboFix. This includes installing the Recovery Console. Note that you do not need your Windows XP disk to install it.

     http://www.bleepingcomputer.com/combofix/how-to-use-combofix

     - Double click on Combo-Fix.exe & follow the prompts.
     - When finished, it will produce a report for you. Post back with it. It is at C:\ComboFix.txt.

     Do not mouseclick the ComboFix window while it's running. That may cause it to stall.

     Post back with the Combofix log in your next reply. Let me know how it goes.

     With Regards, Extremeboy
  2. Hello. Safe Mode does not screw up your computer. It's another boot mode that can be used. As long as you use safe mode using the F8 method you are fine. I would like you to run 2 scans for me please.

     If you do not make a reply in 5 days, we will need to close your topic.

     Please take note of some guidelines for this fix:

     - Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
     - If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
     - Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
     - Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
     - Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.

     Download and Run ATFCleaner

     Please download ATF Cleaner by Atribune. This program will clear out temporary files and settings. You will likely be logged out of the forum where you are receiving help. This program is for XP and Windows 2000 only.

     - Double-click ATF-Cleaner.exe to run the program.
     - Under Main Select Files to Delete choose: Select All.
     - Click the Empty Selected button.

     If you use Firefox browser also...

     - Click Firefox at the top and choose: Select All
     - Click the Empty Selected button.
     - NOTE: If you would like to keep your saved passwords, please click No at the prompt.

     If you use Opera browser also...

     - Click Opera at the top and choose: Select All
     - Click the Empty Selected button.
     - NOTE: If you would like to keep your saved passwords, please click No at the prompt.

     Download and Run OTScanIt

     - Download OTScanIt by OldTimer to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
     - Open the OTScanIt folder and double-click on OTScanIt.exe to start the program. If you are running on Vista then right-click the program and choose Run as Administrator.
     - Check the Scan all users box at the top left.
     - Change the Rootkit Scan setting from "No" to Yes.
     - Click the Extras button under "Additional Scans".
     - Now click the Run Scan button on the toolbar.
     - When the scan is complete Notepad will open with the report file loaded in it.
     - Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
     - Close Notepad (saving the change if necessary).

     Use the Add Reply button in the forum and Attach the scan back here (do not copy/paste it as it will be too big to fit into the post). It will be located in the OTScanIt folder and named OTScanIt.txt.

     Download and Run Scan with GMER

     We will use GMER to scan for rootkits.

     - Download gmer.zip and save to your desktop. Alternate Download Site 1
     - Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.)
     - When you have done this, disconnect from the Internet and close all running programs. There is a small chance this application may crash your computer so save any work you have open.
     - Double-click on Gmer.exe to start the program. Allow the gmer.sys driver to load if asked.
     - If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
     - Click the >>>
     - Click on Settings, then check the first five settings:
         - System Protection and Tracing
         - Processes
         - Save created processes to the log
         - Drivers
         - Save loaded drivers to the log
     - You will be prompted to restart your computer. Please do so.
     - After the reboot, run Gmer again and click on the Rootkit tab.
     - Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
     - Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
     - Click on the Scan and wait for the scan to finish.

     Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop button turns back to Scan.

     - When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.

     If GMER doesn't work in Normal Mode try running it in Safe Mode.

     Important!: Please do not select the Show all checkbox during the scan.

     Please post back with:

     -OTScanIT log
     -GMER Scan log
     -What Problems do you still have?

     With Regards, Extremeboy
  3. If you do not want to format/reinstall, then go ahead and follow GT500 instructions. With Regards, Extremeboy
  4. Hello. It is indeed a file related to the nasty Virut file infector infection. Most experts suggest a format/reinstall. Take a read below.

     Virut File Infector Warning

     Your system is infected with a polymorphic file infector called Virut. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr) and also web pages (.html and .htm). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a clean reformat is the only way to clean the infection and it is the only way to return the machine to its normal working state.

     Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (software) and screensavers (*.scr) or any web pages (*.html or *.htm). It attempts to infect any accessed .exe or .scr or .html/.htm files by appending itself to the executable.

     Also, try to avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

     With Regards, Extremeboy
  5. Hello. I couldn't edit my topic so here's another link regarding 64bit machines: http://www.malwarebytes.org/forums/index.php?showtopic=9344 Hope that helps. With Regards, Extremeboy
  6. Hello. This topic was also discussed over here: http://www.malwarebytes.org/forums/index.p...amp;mode=linear Real-time protection doesn't work, but the normal and standard free version works on 64bit machines. With Regards, Extremeboy
  7. Hello. I had the same problem yesterday as described by exile360. However, I do not get the error 1783 to 1784 update error and did not have that problem yesterday either. With Regards, Extremeboy
  8. Hello. What do you mean by the "getting started menu"? Does the Malwarebytes anti-malware main page not show up once you double click it? Could you describe that with some more details? A screenshot would help us understand what the getting started menu is. Thanks. With Regards, Extremeboy
  9. Hello. If you installed Malwarebytes to its default location which is \Program Files\Malwarebytes' Anti-Malware\ then you can double click on mbam.exe to launch Malwarebytes Anti-Malware. Then once you launched it you can view your log. Back at the main Scanner screen, click on the Logs tab in MBAM. There you should see all the log files when you run MBAM unless you deleted some. Highlight the log you wish to open and select Open and you will be able to view the contents. Good luck. With Regards, Extremeboy