Jump to content

Search the Community

Showing results for tags 'WinNT'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. HELP I have some kind of WinNT DOS IME Rootkit (Boot) Virus?? Not sure exactly but it switches RightToLeft and embedds everything on my computer into binary, stores it then uploads it when it does get online. Which is not often. It spreads like wildfire and took out the computer at the local repair shop in less than a minute. I have 5 computers all useless from this. Also I'm missing 25 gigs from my 500 gig hard drivewhich used to be 496 or something...now when reformatting it the maxium amount of space is 465gigs?? What it does (after a complete wipe/reformat/reinstall of Vista from the original CD) is slowly takes over my computer to the point of just being useless. Starts with something small like no right click or notepad will have no application associated with it. My fonts start getting smaller, my drivers will be replaced by generic ones. The keyboard will get assigned a different character set making it impossible to type. The mouse will become inverted sometimes left moves right & top moves bottom. There are unexpected screen flashes, sudden power and fan surges, reboots, denied access to folders, missing folders, mismatched fonts/buttons/colors on programs & desktop. It kills the screen resolution, sound, drivers, other programs, and just basicly disables everything, After about 5 hours (after a complete reformat/reinstall) the computer will barely work at all **UNLESS IT IS ONLINE~~ Then the harddrive is SCREAMING and I presume uploading my files like crazy..meanwhile my mouse keyboard and desktop barely function All(5) computers are toast. I have tried **SEVERAL** Antivirus programs. And always get the same result. It work for just for a little bit, then the trouble comes right back. It seems to replicate thousands of hidden random .dll .inf .ini .jtp .fx .pif .sfx .ocx files and anything with "32" in the name that KINDA seem important. I can only delete a few of them and they pop right back in seconds. There seems to be a large amount of protected folders too like "JINTLGNT" "CINTLGNT" "IMEJP10" "imjptk" "Unicode" The C:\System Volume Information contains HIDDEN PARTITIONS, devices, folders,restore pionts so the virus just returns. ALso I keep noticing (only from the CMD window) that a lot of folders now have either one or two extra dots "." or a \ before or after the name...maybe this is normal?? I used "Peek" to inspect a file and noticed this... "December November October September August July June April March February January" - the months of the year in reverse -and each letter was double spaced -but MAY was missing?? HUH??? I have used (not at the same time of course) the following Anti-virus Programs: Nortons, Avast, Malwarebytes/mbar/chameleon/regassassin, Sophos, Fileassassin, TDSS-RootKitKiller, FSS.exe/Aut2Exe, RKill.com, Emsisoft, Windows Defender, SilverLight, MrT, ComboFix, Secunia PSI, PandaCloud/Panda USB, DIY DataRecovery MBRtool, Webroot SafeCore, IOBitMalware, KasperskyLabs, Along with several MBR/Boot pgms: PowerQuestBOOT32,PARTINNT, KillDiskSuite, Raxco REGISTRY CLEANER, File Scavenger, CWShredder, AShampooCoreTuner, Core Tuner, IOLO System Mechanic, NCXpress, PrivacyGuardian, PeerBlock, PerfectDisk. And regularly use a few general purpose cleaners: Wise Disk Cleaner, Piniform CCsetup, ZoneAlarm, RegistryNuke, DriverDetective, PSIAlog and Peek to look at stuff...not to mention ANY Dell/HP/Compaq/Gateway programs from the install CD's. Always get the same outcome they find lots of problems then suddenly freeze or reboot. When it is really bad some of the CD's even refuse to spin or eject!! I always have to do a total reformat and reinstall just to get gack up and running. I have Windows XP SP3 (32bit), and Vista SP2 (64bit) with all the updates (but I doubt that they really installed correctly.) Nothing seems to work more than once. the programs SEEM to remove something during the repair. After a reboot ...the program fails as it loads, or when you run it.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.