Help
hello
I am haveing a problem with my Pc in which after a certain amount of time I am unable to open any extra windows in internet explorer and after a certain time again Internet explorer wont go from the page i am on , i am also unable to open any programes or folders , i have tried running ad aware , spybot , malwarebytes and AGV But no use , all i can do is restart .
I am running the pc on a network with one other PC (which is on windows 7 pro and not on all the time) useing a cable conection from the router .
I am useing windows xp sp3
any help gratefully appriciated
thank you in advance
Page 1 of 1
infected , not sure ?
Back to top
#2
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,805
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 12 February 2012 - 01:20 PM
Hello let try this
Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
This infection changes settings on your computer so that when you launch an executable, a file ending with .exe, it will instead launch the infection rather than the desired program. To fix this we must first download a Registry file that will fix these changes. From a clean computer, please download the following file and save it to a removable media such as a CD/DVD, external Drive, or USB flash drive.
FixNCR.reg
insert the removable device into the infected computer and open the folder the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer.
Rerun MBAM (MalwareBytes) like this:
Open MBAM in normal/regular mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
This infection changes settings on your computer so that when you launch an executable, a file ending with .exe, it will instead launch the infection rather than the desired program. To fix this we must first download a Registry file that will fix these changes. From a clean computer, please download the following file and save it to a removable media such as a CD/DVD, external Drive, or USB flash drive.
FixNCR.reg
insert the removable device into the infected computer and open the folder the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer.
Rerun MBAM (MalwareBytes) like this:
Open MBAM in normal/regular mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#3
- New Member
-
- Group: Members
- Posts: 10
- Joined: 22-December 09
Posted 13 February 2012 - 04:46 PM
hi
thank you for your responce , i have done as instructed and here is the log from the malwarebytes , unfortunatly there is no change
thank you again
regards
Bryan
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.13.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bryan :: BRYANWORK [administrator]
Protection: Enabled
13/02/2012 20:59:27
mbam-log-2012-02-13 (20-59-27).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197467
Time elapsed: 13 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
thank you for your responce , i have done as instructed and here is the log from the malwarebytes , unfortunatly there is no change
thank you again
regards
Bryan
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.02.13.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Bryan :: BRYANWORK [administrator]
Protection: Enabled
13/02/2012 20:59:27
mbam-log-2012-02-13 (20-59-27).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 197467
Time elapsed: 13 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
#4
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,805
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 13 February 2012 - 07:48 PM
OK, lets do 2 things.
Reset IE and run SFC.
See To reset Internet Explorer automatically
How to reset Internet Explorer settings
SFC
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files
NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'
You will need your operating system CD handy.
Open Windows Task Manager....by pressing CTRL+SHIFT+ESC
Then click File.. then New Task(Run)
In the box that opens type sfc /scannow ......There is a space between c and /
Click OK
Let it run and insert the CD when asked
Reset IE and run SFC.
See To reset Internet Explorer automatically
How to reset Internet Explorer settings
SFC
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files
NOTE for Vista/WIN 7 users..The command needs to be run from an Elevated Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'
You will need your operating system CD handy.
Open Windows Task Manager....by pressing CTRL+SHIFT+ESC
Then click File.. then New Task(Run)
In the box that opens type sfc /scannow ......There is a space between c and /
Click OK
Let it run and insert the CD when asked
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#5
- New Member
-
- Group: Members
- Posts: 10
- Joined: 22-December 09
Posted 14 February 2012 - 09:07 AM
hi
have done that , still the same , althought the pc now frezzes after a certain amount of time as well ??!!
hope you have more suggestions please
thank you
Bryan
have done that , still the same , althought the pc now frezzes after a certain amount of time as well ??!!
hope you have more suggestions please
thank you
Bryan
#6
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,805
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 14 February 2012 - 02:31 PM
I feel there is a protected malware,so we need a deeper look. Please go here....Preparation Guide ,do steps 6-9.
Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.
Let me know if that went well.
Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Share this topic:
Page 1 of 1