Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! I can not escape


  • Please log in to reply
17 replies to this topic

#1 chi1ddd

chi1ddd

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 04 March 2009 - 07:26 PM

Hello All,

I was infected with the Antivirus 2009 that kept popping up every 2-3 minutes. Also, my homepage kept changing and also whenever I did a search on yahoo or google, the results that came back were just garbage.

I have tried to download a few Malware programs including Lavasofts AdAware and also Microsoft's verson and the popup and home page problem is gone. In fact the computer seems to run OK with the exception that I can not download an Anti-Virus Program. I copied one over from a memory stick(AVG) and tried to install after changing the name and it only gets to 1% very quickly and goes away. Also, if I go to certain removal site websites, Internet Explorer just shuts off.

I am afraid that I am still infected and I want to prevent future infections. What to Do!!! Help please.

DDD

BC AdBot (Login to Remove)

 


#2 Swordie

Swordie

  • Members
  • 792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Miami, Florida
  • Local time:02:05 AM

Posted 04 March 2009 - 07:31 PM

Well, we're going to begin with MalwareBytes Anti-Malware. Have you used it before?

Here is the instructions:

1. Let's get started with an Anti-Malware Software. MalwareBytes Anti-Malware *MBAM* is a very good program to do just that.
2. Go to this link: MalwareBytes Anti-Malware
3. Download and Install MalwareBytes.
4. After the Installation process, update the program. There will be an option for it.
5. Now, click "Perform a Quick Scan". It is the first option.
6. Return here with results.
Who said I couldn't have everything?

#3 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 05 March 2009 - 12:09 PM

Hello,

I attempted to install MBAM. First, I had a very difficult time downloading the file. Internet Explorer would close whenever I attempted to download the file from most sites. I found a file sharing site that finally let me. I tried to install and the install bar comes up very quickly and then it closes(I believe I see 1% install completed). I tried to rename the file both name and extension to misc.bat but that did not work either.

Is there an alternative way to install.

DDD

Edited by chi1ddd, 05 March 2009 - 12:18 PM.


#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:05 AM

Posted 05 March 2009 - 07:29 PM

Let's try a clean computer and a usb drive

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.


Install MBAM on the clean computer

Rename the installer

chi1d.com

Show Hidden Folders/Files
  • Open My Computer.
  • Go to Tools > Folder Options.
  • Select the View tab.
  • Scroll down to Hidden files and folders.
  • Select Show hidden files and folders.
  • Uncheck (untick) Hide extensions of known file types.
  • Uncheck (untick) Hide protected operating system files (Recommended).
  • Click Yes when prompted.
  • Click OK.
  • Close My Computer.

Chewy

No. Try not. Do... or do not. There is no try.

#5 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 09 March 2009 - 04:46 PM

Hello,


I downloaded Flash_Disinfector.exe by sUBs and ran as instructed. I let the computer reboot and tried to run MBAM and it still would not install. This was after I renamed the file to chi1d.com

It took me through a prompt to install or run a Dos program and then a quick flash and then nothing.

Thanks.

ddd

PS.. Do I need a USB flash drive? I have not been using one on this computer so I did not "clean". I have one but it has never been used on the PC at question. This PC is in a remote location.

Edited by chi1ddd, 09 March 2009 - 04:50 PM.


#6 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:05 AM

Posted 09 March 2009 - 04:51 PM

Try leaving the .exe
Chewy

No. Try not. Do... or do not. There is no try.

#7 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 09 March 2009 - 04:52 PM

Got a little further(I saw an install/extract screen for a split second) but it went away after I renamed to exe

#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:05 AM

Posted 09 March 2009 - 04:56 PM

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current version
  • Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.
  • When complete, click Select All, then choose Cure > Move incurable.
    (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • Now put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and UNcheck "Heuristic analysis" under the "Scanning" tab, then click Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • When the scan is complete, a message will be displayed at the bottom indicating if any viruses were found.
  • Click "Yes to all" if asked to cure or move the file(s) and select "Move incurable".
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

Chewy

No. Try not. Do... or do not. There is no try.

#9 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 09 March 2009 - 09:11 PM

cpbrkpie.ocx;c:\windows;Adware.Coupons;Incurable.Moved.;
KeenValueInstall_with_track_117.exe\data002;C:\KeenValueInstall_with_track_117.exe;Trojan.KeenValAd;;
KeenValueInstall_with_track_117.exe/data003\data002;C:\KeenValueInstall_with_track_117.exe/data003;Trojan.KeenValAd;;
KeenValueInstall_with_track_117.exe/data003\data004;C:\KeenValueInstall_with_track_117.exe/data003;Trojan.KeenValAd;;
data003;C:\;Archive contains infected objects;;
KeenValueInstall_with_track_117.exe;C:\;Archive contains infected objects;Moved.;
setup_td.exe\Files/IEDRIVER.EXE;C:\setup_td.exe;Trojan.DownLoader.139;;
setup_td.exe\Files/ieupdate.exe;C:\setup_td.exe;Adware.IEDriver;;
setup_td.exe;C:\;Archive contains infected objects;Moved.;
wmedia_bbi8015.exe\data002;C:\wmedia_bbi8015.exe;Adware.BargainBuddy;;
wmedia_bbi8015.exe\data003;C:\wmedia_bbi8015.exe;Adware.BargainBuddy;;
wmedia_bbi8015.exe;C:\;Archive contains infected objects;Moved.;
SmitfraudFix.exe\SmitfraudFix\Process.exe;C:\Documents and Settings\Bright Start\Desktop\SmitfraudFix.exe;Tool.Prockill;;
SmitfraudFix.exe\SmitfraudFix\restart.exe;C:\Documents and Settings\Bright Start\Desktop\SmitfraudFix.exe;Tool.ShutDown.14;;
SmitfraudFix.exe;C:\Documents and Settings\Bright Start\Desktop;Archive contains infected objects;Moved.;
Process.exe;C:\Documents and Settings\Bright Start\Desktop\SmitfraudFix;Tool.Prockill;Incurable.Moved.;
restart.exe;C:\Documents and Settings\Bright Start\Desktop\SmitfraudFix;Tool.ShutDown.14;Incurable.Moved.;
all_files3b.exe\data002;C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe;Adware.nCase;;
all_files3b.exe/data003\data002;C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data003;Trojan.KeenValAd;;
data003;C:\Documents and Settings\Default User\My Documents\Data;Archive contains infected objects;;
all_files3b.exe/data004\data002;C:\Documents and Settings\Default User\My Documents\Data\all_files3b.exe/data004;Adware.BargainBuddy;;
data004;C:\Documents and Settings\Default User\My Documents\Data;Archive contains infected objects;;
all_files3b.exe;C:\Documents and Settings\Default User\My Documents\Data;Archive contains infected objects;Moved.;
all_files3b.exe\data002;C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe;Adware.nCase;;
all_files3b.exe/data003\data002;C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data003;Trojan.KeenValAd;;
data003;C:\Documents and Settings\Default User\My Documents\Data\Data;Archive contains infected objects;;
all_files3b.exe/data004\data002;C:\Documents and Settings\Default User\My Documents\Data\Data\all_files3b.exe/data004;Adware.BargainBuddy;;
data004;C:\Documents and Settings\Default User\My Documents\Data\Data;Archive contains infected objects;;
all_files3b.exe;C:\Documents and Settings\Default User\My Documents\Data\Data;Archive contains infected objects;Moved.;
WeatherBugInstall.exe/data017\data001;C:\Program Files\AWS\WeatherBug\WeatherBugInstall.exe/data017;Adware.MyWay;;
data017;C:\Program Files\AWS\WeatherBug;Container contains infected objects;;
WeatherBugInstall.exe;C:\Program Files\AWS\WeatherBug;Archive contains infected objects;Moved.;
WxBugAutoUpgrade605b6.05.0.15f.EXE/data013\data001;C:\Program Files\AWS\WeatherBug\WxBugAutoUpgrade605b6.05.0.15f.EXE/data013;Adware.Msearch;;
WxBugAutoUpgrade605b6.05.0.15f.EXE/data013\data005;C:\Program Files\AWS\WeatherBug\WxBugAutoUpgrade605b6.05.0.15f.EXE/data013;Adware.Msearch;;
data013;C:\Program Files\AWS\WeatherBug;Container contains infected objects;;
WxBugAutoUpgrade605b6.05.0.15f.EXE;C:\Program Files\AWS\WeatherBug;Archive contains infected objects;Moved.;
CFD.exe;C:\Program Files\BroadJump\Client Foundation;Adware.Cfd;Incurable.Moved.;
KeenValueInstall_117.exe\data002;C:\Program Files\wildmedia\KeenValueInstall_117.exe;Trojan.KeenValAd;;
KeenValueInstall_117.exe\data004;C:\Program Files\wildmedia\KeenValueInstall_117.exe;Trojan.KeenValAd;;
KeenValueInstall_117.exe\data005;C:\Program Files\wildmedia\KeenValueInstall_117.exe;Trojan.DownLoader.162;;
KeenValueInstall_117.exe;C:\Program Files\wildmedia;Archive contains infected objects;Moved.;
Process.exe;C:\RECYCLER\S-1-5-21-3066369259-3669599664-3023763743-1006\Dc52;Tool.Prockill;Incurable.Moved.;
restart.exe;C:\RECYCLER\S-1-5-21-3066369259-3669599664-3023763743-1006\Dc52;Tool.ShutDown.14;Incurable.Moved.;
A0154318.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1719;Trojan.Proxy.4002;Deleted.;
A0156880.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1733;Trojan.Packed.196;Deleted.;
A0156888.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1733;Trojan.Packed.196;Deleted.;
A0156952.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1735;Trojan.Packed.196;Deleted.;
A0157033.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1738;Trojan.Packed.196;Deleted.;
A0157058.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1738;Trojan.Packed.196;Deleted.;
A0157077.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1738;Trojan.Packed.196;Deleted.;
A0157139.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1741;Trojan.Packed.196;Deleted.;
A0161571.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1749;Trojan.Packed.196;Deleted.;
A0161601.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1750;Trojan.Packed.196;Deleted.;
A0161668.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Trojan.Packed.196;Deleted.;
A0161669.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Trojan.Packed.196;Deleted.;
A0161691.exe\data002;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752\A0161691.exe;Adware.Comet;;
A0161691.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Archive contains infected objects;Moved.;
A0161692.dll;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Adware.Comet;Incurable.Moved.;
A0161694.dll;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Adware.Starware.23;Incurable.Moved.;
A0161702.dll;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1752;Adware.BargainBuddy;Incurable.Moved.;
A0161738.SYS;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1753;Trojan.Fakealert.458;Deleted.;
A0161739.sys;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1753;Trojan.Fakealert.458;Deleted.;
A0161744.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1753;Trojan.Packed.196;Deleted.;
A0168873.dll;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1782;Adware.Bho.421;Incurable.Moved.;
A0171215.ocx;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Adware.Coupons;Incurable.Moved.;
A0171216.exe\data002;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171216.exe;Trojan.KeenValAd;;
A0171216.exe/data003\data002;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171216.exe/data003;Trojan.KeenValAd;;
A0171216.exe/data003\data004;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171216.exe/data003;Trojan.KeenValAd;;
data003;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;;
A0171216.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171217.exe\Files/IEDRIVER.EXE;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171217.exe;Trojan.DownLoader.139;;
A0171217.exe\Files/ieupdate.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171217.exe;Adware.IEDriver;;
A0171217.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171218.exe\data002;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171218.exe;Adware.BargainBuddy;;
A0171218.exe\data003;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171218.exe;Adware.BargainBuddy;;
A0171218.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171219.exe\SmitfraudFix\Process.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171219.exe;Tool.Prockill;;
A0171219.exe\SmitfraudFix\restart.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171219.exe;Tool.ShutDown.14;;
A0171219.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171220.exe/data017\data001;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171220.exe/data017;Adware.MyWay;;
data017;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Container contains infected objects;;
A0171220.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171221.EXE/data013\data001;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171221.EXE/data013;Adware.Msearch;;
A0171221.EXE/data013\data005;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171221.EXE/data013;Adware.Msearch;;
data013;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Container contains infected objects;;
A0171221.EXE;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
A0171222.exe\data002;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171222.exe;Trojan.KeenValAd;;
A0171222.exe\data004;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171222.exe;Trojan.KeenValAd;;
A0171222.exe\data005;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789\A0171222.exe;Trojan.DownLoader.162;;
A0171222.exe;C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP1789;Archive contains infected objects;Moved.;
brastk.exe;C:\WINDOWS;Trojan.Packed.196;Deleted.;
3Planesoft_Screensaver_Manager.scr;C:\WINDOWS\SYSTEM32;Trojan.Swizzor.based;Deleted.;
Process.exe;C:\WINDOWS\SYSTEM32;Tool.Prockill;Incurable.Moved.;
wini10881.exe;C:\WINDOWS\SYSTEM32;Trojan.Proxy.4002;Deleted.;

#10 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 09 March 2009 - 09:12 PM

Still can not install anything

#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:05 AM

Posted 09 March 2009 - 09:20 PM

Ok let's do this please.
==============
Please click here http://ftp.kaspersky.com/devbuilds/AVPTool/

to download AVP Tool by Kaspersky.

Save it to your desktop.
Reboot your computer into SafeMode.

You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight SafeMode then hit enter.
Double click the setup file to run it.
Click Next to continue.
It will by default install it to your desktop folder.Click Next.
Hit ok at the prompt for scanning in Safe Mode.
It will then open a box There will be a tab that says Automatic scan.
Under Automatic scan make sure these are checked.


System Memory
Startup Objects
Disk Boot Sectors.
My Computer.
Also any other drives (Removable that you may have)


After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
Then choose OK again then you are back to the main screen.


Then click on Scan at the to right hand Corner.
It will automatically Neutralize any objects found.
If some objects are left un-neutralized then click the button that says Neutralize all
If it says it cannot be Neutralized then chooose The delete option when prompted.
After that is done click on the reports button at the bottom and save it to file name it Kas.
Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.


Note: This tool will self uninstall when you close it so please save the log before closing it.

Don't let it uninstall

Edited by DaChew, 09 March 2009 - 09:22 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#12 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 09 March 2009 - 09:30 PM

OK, just rebooted machine and now MBAM will install. Running that now...

#13 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 11 March 2009 - 07:58 PM

Ok,

Thanks everyone for the help. I was finally able to run MBAM and also I installed AVG virusprotection.

The computer is running OK, however, I am still getting a few errors.

1) Upon startup, I get a ERROR LOADING RUNDLL message, c:\windows\system32\stlbdist.DLL
2) Upon startup, I get a FOUND NEW HARDWARD WIZARD screen that is looking for something that is unknown
3) After those two erros, I get a "setconfig applig has encounterd a problem" error message.

Any ideas on how to fix these

#14 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:03:05 AM

Posted 11 March 2009 - 08:01 PM

You quit posting logs, parts of the infection may still be active
Chewy

No. Try not. Do... or do not. There is no try.

#15 chi1ddd

chi1ddd
  • Topic Starter

  • Members
  • 71 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 12 March 2009 - 11:14 AM

What log should I post??? MBAM log. How do I do that?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users