Jump to content


Photo

Systen Security 2009 Issues


  • This topic is locked This topic is locked
4 replies to this topic

#1 Kurtisinnocent

Kurtisinnocent

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 27 June 2009 - 02:54 PM

As a note, the first thing I'd like to say as that on my labtop, which is infected, I am now unable to download anything from internet explorer, nor will this bastard allow me to open anything like Firefox or Opera. Because of this, I am unable to download the combofix or HiJackThis. It has also prevented me from running safe mode and dafe mode with networking, which I've never had a problem opening before. The laptop is now just over a year old and as a college student and part time graphic designer, I'm freaking out about the possibility of my laptop becoming a brick. I'll gladly supply any information that is needed, I just really need some help. Thank You.

#2 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,325 posts

Posted 28 June 2009 - 08:21 PM

Hi Kurtisinnocent, and Welcome to SWI

I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier. Please follow the directions in the order listed.

You would not want to connect to the Internet in Safe mode with Networking as its possible to become even more infected, and you should not ComboFix except under the direction of a trained Helper as it's a powerful utility that in the wrong hands could leave you with an unbootable system.

Since you can't download anything yourself, for now you will need to have someone download the next two programs for you and burn them to CD/DVD for you. Do NOT use a USB flash drive as it's possible to transfer many infections that way.
Download the HijackThis installer from http://www.trendsecu...p?page=download
Download Malwarebytes' Anti-Malware from http://www.malwareby...am-download.php.

Burn the two programs to CD and transfer them to your system, copying them to the Desktop.

Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu on the left side of the Options window.
  • Click the Clear button located to the right of each option (History, Cookies, Private Data).
  • Click OK to close the Options window
    Alternatively, you can clear all information stored while browsing by clicking Clear All.
    A confirmation dialog box will be shown before clearing the information.
Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
Double-click on HJTInstall.exe and install HijackThis to it's default location.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • If it can't download an update, just continue with the instructions.
  • If the program won't start, go to C:\Program Files\Malwarebytes' Anti-Malware and rename mbam.exe to myprogram.exe, and double-click on the fiel to run the program.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply along with a fresh HijackThis log.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


If you can't connect to the Internet to upload the needed logs, burn them to CD and upload them from another system (but I think you will be able to do that from your system).

Please post a new HijackThis log, the log from MBAM, and note any errors encountered.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#3 Kurtisinnocent

Kurtisinnocent

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 30 June 2009 - 12:39 PM

I've installed HiJackThis and Malware Bytes, but after renaming the program, I still cannot open it. What should I do now?

#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,325 posts

Posted 30 June 2009 - 08:18 PM

Have you tried running them in Safe mode?

Reboot to Safe Mode - Restart your computer and begin tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.
To return to normal mode just restart your computer as you normally would.

Now see if you can run MBAM, and then HijackThis (MBAM may want to restart to finish cleaning, so allow it, and if after that you still can't run HijackThis, reboot back to Safe mode and see if you can run it then.

If that doesn't work, download this program. You may have to do the same thing, and download on another system and burn to CD.

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Posted Image


Posted Image
--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a HijackThis log if you can now run it, and note any errors encountered.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#5 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,325 posts

Posted 27 July 2009 - 09:45 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button