Jump to content

Home Antivirus 2010


Recommended Posts

First off thanks for this forum to allow us to get help with these sorts of things...

So I seem to have acquired "Home Antivirus 2010"

I tired running my registered version of malwarebytes... the basic scan begins and after 10-15 seconds, it closes out and nothing...

when i try to open malwarebytes again it gives me an error and wont open.

I have tried uninstalling malwarebytes, reinstalling and pretty much go through the same thing as described above.

I have tried running hijackthis... once again this program will not run...

I have tried foloowing the instructions to do rootrepeal... this software will not run properly either?!?!

I am not any kind of computer wizard but I can follow instructions... Any guidance would be greatly appreciated.

thank you again ;) ,

Drew

Link to post
Share on other sites

Hi Drew, welcome to Malwarebytes :)

Download RootRepeal:

http://rootrepeal.googlepages.com/RootRepeal.zip

  • Extract the archive to a folder you create such as C:\RootRepeal
  • Double-click RootRepeal.exe to launch the program (Vista users should right-click and select "Run as Administrator).
  • Click the "File" tab (located at the bottom of the RootRepeal screen)
  • Click the "Scan" button
  • In the popup dialog, check the drives to be scanned - making sure to check your primary operating system drive - normally C:
  • Click OK and the file scan will begin
  • When the scan is done, there will be files listed, but most if not all of them will be legitimate
  • Click the "Save Report" Button
  • Save the log file to your Documents folder
  • Post the content of the RootRepeal file scan log in your next reply.
Link to post
Share on other sites

ok boys, please dont pirate my thread! :)

ok so i was able to run rootrepeal...

heres the report... seems kinda short right?

again thank you for any help with my issue

Big up :):):) SpySentinel for taking an interest in this!!!

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2009/08/04 23:03

Program Version: Version 1.3.3.0

Windows Version: Windows XP Media Center Edition SP3

==================================================

Hidden/Locked Files

-------------------

Path: C:\hiberfil.sys

Status: Locked to the Windows API!

Path: C:\WINDOWS\system32\netlogon.dll

Status: Locked to the Windows API!

Path: c:\windows\temp\mcmsc_0ycvelyjwpi040l

Status: Allocation size mismatch (API: 4096, Raw: 0)

Path: c:\windows\temp\mcafee_gnamfdyizzme7xm

Status: Allocation size mismatch (API: 4096, Raw: 0)

Link to post
Share on other sites

Everyone else please start a new topic.

Hi drewberkeley,

You're welcome.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the "C:\Combo-Fix.txt" for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

I tried running the Combo-Fix...

It would open, and run... a small graphic showed up with green bars filling up and once it was full it would stall a bit, then nothing...

i am still able to use firefox, internet explorer with some success, itunes, etc... its just blocking any of my spyware protection... at this point i am exceeding my understanding/capabilities of what my machine is doing and what im gonna need to fix it...

Last night i wiped the C and reinstalled XP... fortunately no data was lost.

Again, many many thanks to SpySentinel this place is truly a wonderful resource and thank you for sharing your time and expertise in helping others!!!

And last but not least, I want to thank my faithful followers jhosk and Allchaos et all, this would not have been possible without you...

please do not forget your dreams, as i may not have succeeded in fighting this g.. d... virus, that does not mean you cannot attain success!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.