453 Posted Topics
 | [QUOTE=shallowskills;963530]I have to exact same problem![/QUOTE] Please start your own thread. Thanks :)  |
| | [QUOTE=Computer Gannon;981948] The same type of thing happens when i try to do anything like extract files, open up controll panel, user accounts anything. Please help me! It's been this way for about 4 days and i've been searching but i still can't find a way to fix it.[/QUOTE] Please … |
| | Don't forget to delete the malware in addition to fixing with HJT. I'm not sure any of the scanners will remove those, so you probably need to rip them out manually. PP :)  |
| | [QUOTE=jp2code;980865]I got this same exact virus, the only one I've had in over 10 years, only after visiting Daniweb's site. Coincidence?[/QUOTE] What "virus" might that be? It would probably be a good idea to bring that to the attention of site administration...... BTW - Are you using a cracked/pirated copy … |
| | If you are still having trouble, navigate to your C:\Program Files\MamwareBytes Folder. Then, Rename mbam.exe to [B]zappa.com[/B] See if it will run. If so, please have it remove all that it finds and post the log for us. If it does not run, you can try the following, but it … |
| | [QUOTE=mohitume;980843] It is only solution of the above problem and i am proud that i am the first to post it. better than experts here[/QUOTE] Actually, it is not. And, by the way, it is incomplete. If it worked for you, great! :) Did you clean your infected pen drive[s]? … |
| | Re: Help appreciated [B][COLOR="Red"]EDIT:[/COLOR][/B] Sorry crunchie - didn't see you. Let me get a look at this log and then I'll get out of your way. PP :) [B]@rexassassin [/B] Have a try with my post below before doing what crunchie requested Please download [URL="http://forum.networktechs.com/attachment.php?attachmentid=1893&d=1251931475"][B]FindIt.zip[/B][/URL] and Extract the FindIt folder to your desktop. …  |
| | [QUOTE=jonknisely;963932] I have tried to run hijack this, sd fix, as well as Malwarebytes' Anti-Malware 1.40, but all to no avail.[/QUOTE] What happens when you try to run the tools? PP :) |
| | Hi Dave, Please run MBA-M as per this linky and then post the log: [url]http://www.daniweb.com/forums/thread134865.html[/url] PP:) |
| | What is your OS? -- Rename mbam.exe to [B]Zappa.com[/B] and try to run it. Any luck? PP :) |
| | If you like, this is an old tool that I wrote some time ago and if you can get it to run, may give us a better picture of what is going on. This is a strictly "[COLOR="Red"]Run at your own risk[/COLOR]" proposition: Download [URL="http://forum.networktechs.com/attachment.php?attachmentid=1888&d=1251700148"][B]PKBOO.zip[/B][/URL] and EXTRACT the PKBOO Folder … |
| | [QUOTE=Patrick321;962454]Also does anyone know why im getting those "your windows is not genuine" messages? . . . . But my vista business is genuine! I got it pre installed when I bought my toshiba satellite pro A200! I have that little sticker on the bottom that sais its genuine[/QUOTE] -- … |
| | [QUOTE=Atecks;962707]Is this like reformating where it deletes all the files, or is it a settings change, and how do I go about doing it?[/QUOTE] That is the "Last Resort," and certainly not called for at this time. You will lose any data that is not backed up...... -- Are you … |
| | I am not sure that you have the same infection as the others. Sounds like you have a bigger mess going on.... If you are able to install MBA-M, try this: First, Rename mbam.exe to [B]zappa.com[/B] See if it will run. If so, please have it remove all that it … |
| | [QUOTE=Gilgabob;963759]Renaming it in that way had no effect for me. Same problem - I get the Open With box. Anyone else have ideas? I'm desperate.[/QUOTE] First, Rename mbam.exe to [B]zappa.com[/B] See if it will run. If so, please have it remove all that it finds and post the log for … |
| | You might try a bootable option similar to RecoveryConsole to gain access. Check these out: [URL="http://trinityhome.org/Home/index.php?wpid=1&front_id=12"][COLOR="Green"]Trinity Rescue Kit[/COLOR][/URL] [URL="http://www.free-av.de/en/tools/12/avira_antivir_rescue_system.html"][COLOR="Green"]Avira Rescue System[/COLOR][/URL] The Trinity Kit should give you a number of cleaning options. Best Luck :) PP |
| | [QUOTE=KylesMomisaB;953117]I really appreciate all this help, I couldn't find help in any other site. Anyways, the virus still doesn't let me run the program regardless of the name. I have a feeling starting from scratch might be my only option.[/QUOTE] My $.02: Sallybarrett makes two good suggestions - System Restore … |
| | Re: flashy.exe [QUOTE=ivy15;917596] I really want to get free removal tool to rid of that flashy virus. [/QUOTE] Have you tried removing it via[B] MBA-M[/B]? I suggest you try the steps outlined in the linky below and then post the requested scanlogs. Hopefully one of the more regular volunteers will be able … |
| | This could be an issue with IE8. Maybe uninstall it and try 6 or 7? Better yet, Opera or Firefox.... Try installing one of those and see if problem persists. [QUOTE=priestholmes09;959473] also whenever i shut down my computer it restarts the only way for me to turn my comp off … |
| | [QUOTE=Pogasu;929866]I did the online scan and after booting, the connection was gone. [/QUOTE] I didn't see if crunchie already asked this, but do you have a logfile of what was removed by Kaspersky? Do you have any [I]old[/I] scanlogs from before you posted to this forum? If so, please post … |
| | I have to agree with Judy regarding MBA-M and Safe mode. She is correct in stating that if at all possible it should be run in Normal Windows boot. Of course, working in Safe Mode does offer advantages for other tools as well as for manual removal..... [QUOTE=kaninelupus;929864]Sorry, but experience … |
| | I suggest you use [URL="http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25"][COLOR="Green"][B]ATF-Cleaner by Atribune[/B][/COLOR][/URL] Cheers :) PP |
| | [QUOTE=Fourier12;926516]If I scan someones IP address with a port scanner and find an open port (Lets say they opened the port so it's not restricted by any protocol rules), are you then able to access their computer's command prompt? Can you upload or download files to / from their computer? … |
| | Are you able to scan the drive with MBA-M and HJT as per the linky below? [url]http://www.daniweb.com/forums/thread134865.html[/url] Give that a go, if possible. Post the logs and I'm sure someone will be happy to assist you further - bear in mind the holiday weekend here in the States...... --- It … |
| | You do have some malware showing in that HJT Log. [B] --- Please update your MBA-M and run it again ( FULL SCAN). Have it remove what it finds. Then, submit the MBA-M scanlog along with a fresh HJT. [/B] I am not around much, but I am sure one … |
| | [QUOTE=cartman714;894093]need to go to best buy to be cleaned pronto[/QUOTE] What is the point of this post? Not helpful at all. [QUOTE=jimfive] Is there any way to run the Anti-Malware, and have it check my F: drive? It seems that it just wants to check C:\.[/QUOTE] Hi Jim, -- Did … |
| | Looks like you submitted the same MBA-M log as before. You need to post the new run as Judy directed. Cheers :) PP |
| | Re: Mr andy [QUOTE=andy\sr;886382]Can i get help pl , error loading c:\PROGRA~1\MYWEBSz1\bar\1.bin\M3PLUGIN.DLL New to all this and thx[/QUOTE] Hi andy\sr, The easiest thing to do would be to go into Add/Remove programs and Uninstall [B]MyWebSearch[/B]. I would also suggest running [B]MBA-M[/B] as directed in the linky below and posting the resulting scanlog: [url]http://www.daniweb.com/forums/thread134865.html[/url] … |
| | Looks like a few baddies . . . [B]Please run MBA-M and ESET scans as per the linky below and post the logs.[/B] [url]http://www.daniweb.com/forums/thread134865.html[/url] I am not around much, but I'm sure crunchie or Judy will be able to advise you further as needed. Best Luck :) PP |
| | In all honesty, it would probably be best (and easier) to reformat your machine in this case. This baddie is difficult to recover from and even then things may still not work properly..... You might want to wait for crunchie or Judy to weigh in with an opinion, but I … |
| | Yup - you have a baddie. Please run MBA-M as per the linky below and post back the requested logs. I am not around much these days due to work, but Judy and crunchie would probably be happy to help you out: [url]http://www.daniweb.com/forums/thread134865.html[/url] Best Luck :) PP |
| | I doubt Crunchie will mind if you go ahead and do the following: Please download [url=http://www.besttechie.net/tools/mbam-setup.exe][color=blue][b]Malwarebytes' Anti-Malware (MBA-M)[/b][/color][/url] to your Desktop. [list][*]DoubleClick [b]mbam-setup.exe[/b] and follow the prompts to install MBA-M. [*]Be sure a checkmark is placed next to [b]Update Malwarebytes' Anti-Malware[/b] and [b]Launch Malwarebytes' Anti-Malware[/b], then click [b]Finish[/b]. [*]If an … |
| | An up-to-date resident Anti-Virus program ought to be able to clean this. If you need a "Stand-Alone" tool, use this one: [url]http://www.trendmicro.com/download/dcs.asp[/url] Full instructions are avaialbe in the linked READ ME on that page. Cheers :) PP |
| | [QUOTE=ghrantt;840989] when i went to run this hijackthis check it said i could not enter some host files[/QUOTE] Off the top of my head, it sounds as though you are being blocked from accessing some sites by Hosts File entries. Navigate to [B]C:\Windows\System32\Drivers\etc\hosts[/B] and open the Hosts file with notepad … |
| | [QUOTE=rockfloyd;835507]i'm sure most of you must have heard of the registry entry mountpoints2 is there some way that you can get rid of it.[/QUOTE] There is nothing inherently wrong with those registry keys - outside of perhaps Autorun issues involving infected USB drives. They will come back the next time … |
| | Hi Ichinisan23, [B]A few steps for you:[/B] -- It looks like you are running multiple AV programs (McAfee & Norton). You need to completely Uninstall one of them to avoid problems. -- Go and Update your Java here ---> [b] [url]http://www.java.com/en[/url][/b] [B]-->[/B] Please note that, before updating your Sun Java, … |
| | Hi Judy, Got your message - suggest you run [b] AboutBuster [/b] and see if it will remove those hidden streams. [B] [url]http://www.malwarebytes.org/aboutbuster.php[/url] [/B] Let me know if you have any problems after that. I'll be doing storm cleanup all weekend, but will try to have a peek as time … |
| | Probably the easiest thing to do would be a System Restore to the last Restore Point saved before you had problems. Then, we can have a look and see if there was a malware cause. Are you able to access System Restore? PP :) |
| | Hey Guys, The first HJT log shows the following baddie: F2 - REG:system.ini: Shell=Explorer.exe [B]regsvr.exe[/B] O4 - HKCU\..\Run: [Msn Messsenger] C:\WINDOWS\system32\regsvr.exe This is probably responsible for the initial issues and may well be stealthed and still active.... Just a "heads up" in case you didn't look back that far. -- … |
| | [QUOTE=20NickC11;666514]Well, I don't have anymore scan logs. I just scaned with rpograms like AVG and Spyware Doctor. Most of them were found in System32 files. I'm sorry, I don't really know much about computers.[/QUOTE] Please run [B]MBA-M and DSS[/B] as per the linky below and post those logs for us … |
| | [sarcasm] Gotta Love Malware [/sarcasm] [B] [url]http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/[/url][/B] Seriously, though, it is an interesting read. Especially if you are a novice and are not familiar with the ways malware can hook you...... PP :) |
| | [QUOTE=caperjack;680780]just uncheck the 04's releated to each program, in hijackthis to disable them at start up .no need for another program[/QUOTE] This is solid advice and probably the easiest way to manage unwanted startups without manually hacking the registry. My first approach would be to uninstall any unwanted programs. Then, … |
| | [QUOTE=ironhippo;679464] AVG needed to be uninstalled to prevent the computer from freezing in regular windows or in safe mode about ten seconds after it booted up. Now it usually only freezes when I try to run or download antivirus programs. [/QUOTE] You've got a few baddies showing there. -- Looks … |
| | Re: ppxcs.exe [B]Everybody with this problem needs to start their own thread. Please run the steps listed in the linky below and submit the requested scanlogs:[/b] [B][URL="http://www.daniweb.com/forums/thread134865.html"][COLOR="Green"] Read me before posting a request for assistance[/COLOR][/URL][/B] [list][*] Please post the DSS [i]extra.txt[/i] as an [i]attachment[/i] to your post using the “Manage Attachments” button … |
| | [QUOTE=damalloy;677143] How do I solve thid problem? I was told this was a virus. I ran a virus scan program but it was no help[/QUOTE] Yup - you have a worm on your Flash drive. [url]http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FVB%2EAL&VSect=T[/url] You might try this handy tool by sUBs: [url]http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe[/url] I would also suggest that … |
 | [QUOTE=AtomicProGS9;304598]so what software should you really have, which one is better as well as packages and such. or is there another virus protection program that you can buy that is better than these two?[/QUOTE] To quote from my linky below: Two of the best AV products I have found are … |
| | Hi katz123, Please stay in one thread! Multiple threads confuse us volunteers... Are you able to do any of the steps I posted in your other thread ---> [url]http://www.daniweb.com/forums/thread141630.html[/url] -- What about in Safe Mode? Please post back in this thread. Cyber Punk, Judy, crunchie or I will be happy … |
| | Re: Runtime error [QUOTE=katz123;675238]I continue to have two error boxes that continue to pop up on my computer the message is " Runtime error 21 at 020149D2" And everytime i click "ok" or "X" out of the boxes my screen goes blank and then reappears and the boxes are back again please help[/QUOTE] … |
| | [QUOTE=normanallen;671660] After all this, can someone suggest what might have happened? (Hopefully it won't ever happen again, but it never hurts to be prepared).[/QUOTE] Hi Norman, As you noted, all we can offer is mere conjecture at this point, so here goes: -- Could be due to [B]SP3[/B]. Many people … |
| | Re: please translate Hi Diana, Judy is away being a grandparent for a while ;) -- Your last combofix log looks ok to me. Are you still having any problems? -- You should Uninstall [B]Viewpoint[/B] via Add/Remove Programs. It is "foistware" and not needed. -- Also, you can delete C:\Documents and Settings\diana\Application Data\[B]LimeWire[/B] … |
The End.