Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stuck on DEFOGGER! Little guidance please?


  • This topic is locked This topic is locked
4 replies to this topic

#1 dawnzig

dawnzig

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sunny Florida
  • Local time:04:29 AM

Posted 09 March 2010 - 12:36 AM

Yep, ridiculous as it sounds, I couldn't get past the Defogger directions.... (sure hope I'm posting in the correct place, too!)

Instructions state:

"5.When the program has completed you will see a Finished! message. Click on the OK button to exit the program.


6.If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button."

Neither of these occured (however it did make the Synaptics mouse driver crash). Other than that, nothing--just the initial application window with the "Disable" and "ReEnable" buttons was still there and those buttons then became active, not greyed-out as they were when it was running.

Am I just supposed to reboot anyway? What about re-enabling CD Emulators... only when done with all the debugging, correct?

Btw, this is a Compaq Presario V5000 Laptop XP SP3 running IE8 (since FF keeps shooting past 100%) and I've gotten something called "Computer Security" scanner, popping up twice, that hasn't shown up in any s/w scans yet.... so I headed over here tonight for help. :thumbsup:

Thanks all,

dawn(zig)

Edited by Orange Blossom, 09 March 2010 - 01:05 AM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:29 AM

Posted 09 March 2010 - 02:14 PM

If nothing is found, just exit DeFogger. When run again the buttons should no longer be greyed out.

What exactly are you trying to do? Are you following the instructions in the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help?

If so, do you know what a CD emulation program is?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 dawnzig

dawnzig
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sunny Florida
  • Local time:04:29 AM

Posted 09 March 2010 - 05:22 PM

Hi quietman7,

I was "following the instructions in the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help" when I ran across this 'problem'.

No, I don't exactly understand what a CD emulation program is--something about images and info being stored on HD from games or something like that... but I don't think I have any programs like it (of course, not knowing/understanding, exactly, I can't be sure). I just follow bleepingcomputer instructions like the good little drone I am, lol! :flowers:

Ohhhhhh, so what the defogger actions mean is that I DON'T have any CD emulation programs! Doh! :-o Now I get it... :trumpet: Guess I'll carry on w/ the removal & help req!

Thanks quietman. :thumbsup:

dawn(zig)

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,386 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:29 AM

Posted 09 March 2010 - 08:21 PM

CD Emulators are programs like Daemon Tools, Alchohol 120%, Astroburn, and AnyDVD. They all use hidden drivers with rootkit-like techniques to hide from other applications and to circumvent copy protections schemes. When dealing with a malware infection, CD Emulators can interfere with investigative or anti-rootkit (ARK) tools. This interference can produce misleading or inaccurate scan results, false detection of legitimate file, cause unexpected crashes, BSODs, and general 'dross' which often makes it hard to differentiate between malicious rootkits and the legitimate drivers used by CM Emulators. In some cases, the drivers related to such tools can cause crashes or system hanging when attempting to boot into safe mode.

Since CD Emulators use a hidden driver which can be seen as a rootkit and can interfere with investigative tools or cause other problems, it is recommended that they be removed or disabled until disinfection is completed. As such we have you disable them as part of the Prep Guide so you can run the tools and post the logs. If you receive an error message while running DeFogger, a log will appear on your desktop. Since you did not receive an error message, then it sounds like the program run properly.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,942 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:29 AM

Posted 09 March 2010 - 11:22 PM

Hello,

The reason you couldn't add the attachments is because you posted the topic in the Am I Infected forum instead of the log forum. I have moved your topic to the proper forum for you.

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/301582/rogue-virus-unnamed-unfound-scanner/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users