
Katusha.a virus



Hi and Welcome to the Malwarebytes' Forum,

Download TFC to your desktop:

Close any open windows.

Double click the TFC icon to run the program

TFC will close all open programs itself in order to run,

Click the Start button to begin the process.

Allow TFC to run uninterrupted.

The program should not take long to finish its job.

Once it's finished, it should automatically reboot your machine;

if it doesn't, manually reboot to ensure a complete clean.

Please Run ComboFix by following the steps provided in exactly this sequence:

Here is a tutorial that describes how to download, install and run Combofix. Please thoroughly review it before proceeding:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Note: The above tutorial does not tell you to rename Combofix as I am about to instruct you to do in the following instructions, so make sure you complete the renaming step before launching Combofix as described below.

Very Important! BEFORE downloading Combofix, temporarily disable your antivirus and antimalware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix and even remove onboard components so it is rendered ineffective. Follow the directions that apply to your version of AVG in the following topic:

http://www.bleepingcomputer.com/forums/topic114351.html

Using ComboFix ->

Please download Combofix from one of these locations:

HERE or HERE

I want you to rename Combofix.exe as you download it to iexplore.exe

Notes:

  • It is very important that you save the newly renamed EXE file to your desktop.
  • You must rename Combofix.exe as you download it and not after it is on your computer.
    You may have to modify your browser settings if you use Firefox, so you can rename Combofix.exe as you download it. To do that:
    • Open Firefox
    • Click Tools -> Options -> Main
    • Under the downloads section check the button that says "Always ask me where to save files".
    • Click OK

    For Internet Explorer:

    • Choose to save, not open the file
    • When prompted - save the file to your desktop, and rename it iexplore.exe.

Running Combofix

In the event you already have Combofix, please delete it as this is a new version.

  • Close any open browsers and programs.
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  • If Combofix asks to update, please allow it to do so. If it renames itself back to Combofix.exe - this is normal!!
  • If you are running Windows XP, and Combofix asks to install the Recovery Console, please allow it to do so or it WILL NOT perform its normal malware removal capabilities. This is for your safety!!

1. To Launch Combofix

Click Start --> Run, and enter (copy/paste) this command exactly as shown:

"%userprofile%\desktop\iexplore.exe" /killall

2. When finished, it will produce a logfile located at C:\ComboFix.txt

3. Post the contents of that log in your next reply.

Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

Please post C:\ComboFix.txt in your next reply.

If you have problems running Combofix then try running it in "Safe Mode with Networking" as follows:

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading normally, the Advanced Options Menu should appear;
  • Select the option, to run Windows in "Safe Mode with Networking", then press Enter.
  • Choose your usual account, and launch Combofix as directed above.

=============

NOTE: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.


After I ran Combofix, I was unable to access the internet.

I tried to run ipconfig, but the dialog box didn't come up... I could run cmd and then ipconfig, but when I run ipconfig it shows "an internal error occurred: the request is not supported" and "Additional information: unable to query host name"

Let me know if you have any ideas on how I can get back on the internet.

thanks

J


Hi JayhawkJoh,

You attached C:\Combofix.txt but the log I want to see is this one so I can tell what Combofix deleted:

C:\QooBox\ComboFix-quarantined-files.txt

I noticed that you have a Proxy set in your internet connections settings. Unless you have intentionally configured your LAN to connect through a Proxy Server do the following:

Remove Proxy Server & Configure LAN settings to automatically detect network settings:

In Internet Explorer (all versions):

1) Under “Tools” (or the Gear Icon in IE9) in the browser tool bar select “Internet Options”.

2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.

3) Click “LAN Settings” near the bottom of the “Connections” section.

4) Place a checkmark in the "Automatically Detect Settings" checkbox to select it.

5) UNCHECK "Use a Proxy Server for your LAN" and remove the proxy settings

6) Click “OK” to close the “Local Area Network (LAN) Settings” window.

7) Click “OK” to close the “Internet Options” window.

In Firefox:

  1. Click on Tools --> Options for Windows
  2. Click on Advanced, then the Network tab
  3. Click Settings
  4. Select the "No Proxy" radiobutton
  5. Click “OK” to close the “Connection Settings” window.

Try repairing your internet connectivity issues by running the following Microsoft "Fix-its"

Fix It to Repair the TCP/IP Stack

http://support.microsoft.com/kb/299357

Fix it to Repair Winsock Settings:

http://support.microsoft.com/kb/811259#FixItForMeAlways

Create the following batch file to run relevant IPConfig commands

Open Notepad

Copy/paste the bolded text (below) into Notepad:

IPCONFIG /release

IPCONFIG /renew

IPCONFIG /flushdns

IPCONFIG /registerdns

On the Notepad Menu, Click File -> Save As

In the "Save as type" box, use the pull-down menu to set the "Save as type" to "All Files (*.*)"

In the File Name box type: dns-reset.bat

Then, save dns-reset.bat to your Desktop

Next, run dns-reset.bat by double-clicking the dns-reset.bat icon on your desktop & allow it to run

Please let me know if any of the above solutions rectified your inability to access the Internet. Thanks!

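A read-only check of the per-user proxy settings that the "LAN Settings" steps in the reply above edit, as an added example that is not part of the original post or of any tool named in this thread. It assumes PowerShell is available on the machine; the helper name Test-TcpPort is made up for this example.

```powershell
# Added example: read-only audit of the per-user proxy settings that the
# Internet Explorer "LAN Settings" dialog edits. It changes nothing.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

# Hypothetical helper: returns $true if a TCP connection to Target:Port
# succeeds within the timeout, $false otherwise.
function Test-TcpPort([string]$Target, [int]$Port, [int]$TimeoutMs = 2000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Target, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false } finally { $client.Close() }
}

$s       = Get-ItemProperty -Path $key
$enabled = ([int]$s.ProxyEnable -eq 1)      # "Use a proxy server for your LAN"
"Proxy enabled : $enabled"
"ProxyServer   : $($s.ProxyServer)"
"AutoConfigURL : $($s.AutoConfigURL)"       # "Use automatic configuration script"

if ($enabled -and $s.ProxyServer) {
    # ProxyServer is either "host:port" or "http=host:port;https=host:port"
    foreach ($entry in ($s.ProxyServer -split ';')) {
        $endpoint = ($entry -split '=')[-1]
        if ($endpoint -match '^(?:\w+://)?(?<h>[^:/]+):(?<p>\d+)') {
            $proxyHost = $Matches.h
            $proxyPort = [int]$Matches.p
            $alive = Test-TcpPort $proxyHost $proxyPort
            "  ${proxyHost}:${proxyPort} accepting connections: $alive"
            if (-not $alive) {
                "  -> browsers are being sent to a proxy that does not answer"
            }
        } else {
            "  $entry -> no host:port found, check this entry by hand"
        }
    }
}
```

If the proxy is enabled and its endpoint does not answer, browsing will fail until the proxy is cleared as described in the reply above.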

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

