Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HANCITOR MALSPAM infection on 5/31/2017


  • This topic is locked This topic is locked
64 replies to this topic

#61 clemente2

clemente2
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:35 AM

Posted 03 July 2017 - 09:05 PM

I know exactly what these partitions contain and I purposely partitioned the hard drive this way over 20 years ago.

 

Given the same task today, I would create a single C: partition containing all physical sectors on the hard drive.



BC AdBot (Login to Remove)

 


#62 polskamachina

polskamachina

  • Malware Study Hall Senior
  • 3,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 04 July 2017 - 01:40 PM

Hi clemente2 :)
 
Since you're using a 20 year old system, it's probably a good idea to begin with a disk check.

  • Click on Start
  • Click on Run...
  • Type cmd
  • This will open a command prompt
  • Type chkdsk /r at the prompt and hit Enter
  • You will be asked if you want chkdsk to run next time your computer is restarted
  • Reply with Y and hit Enter
  • Close all your open windows and restart the computer
  • The scan will begin and it make take a while so be patient :)

After the scan completes and your computer has returned to the desktop, please retrieve the chkdsk log:

  • Click the Start button
  • Click Run...
  • Type eventvwr and press the Enter key
  • The Event Viewer window will open.
  • In the left pane, expand Windows Logs and then click on Application
  • In the right pane, at the top, click TWO times on the column header Source so the header arrow points downward
  • The W's will now be at the top of the list
  • Look for an entry that says Winlogon with the most recent date
  • Double-click that entry to open it
  • Single left-click inside the Description box
  • Press Ctrl-A to highlight all the text
  • Press Ctrl-C to copy all the text
  • Paste the text into your next reply to me

Next:

 

I noticed you're running a very old version of Internet Explorer, which is IE6. Even if you update to IE8, you'll still be outdated but it might help your program crashing situation.

  • Enable your internet connection
  • Download and install IE8
  • Restart your system when prompted to do so
  • When and the installation has completed, open the internet options from the control panel
  • Click on the Security tab,  then click on, Reset all zones to default level
  • Click Ok
  • Try to run MBAM again and follow the directions previously posted

Whether or not MBAM successfully ran, proceed with the following:

  • Download Mozilla Firefox and install it.
  • Make Firefox your default browser. IE8 is neither safe nor able to display websites accurately especially where online transactions or banking is done. I would strongly advise that you do not use IE again.

Finally:
 
ESET Online Scanner:

Note: Use your newly installed Firefox browser to do the following:

  • Please go here, download the ESET Smart Installer, and save it to your desktop.
  • Double-click on the esetimage.png you just downloaded.
  • Place a checkmark next to "YES, I accept the Terms of Use" and click the shieldstart.png button.
  • Click "Yes" to the UAC (User Account Control) warning, then ESET will download its components, register itself, and start itself.
  • In the new window that opens, tick the radio button next to Enable detection of potentially unwanted applications.
  • Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Now click on: start.png
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection
  • When completed the Online Scan will begin automatically. ...The scan may appear to be finished sometimes...if there is a progress bar visible, it is still scanning!
  • When the scan completes, click List Found Threats (only if anything is found)
  • Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply
  • Click back, then click finish to exit ESET Online Scanner
  • Disable your internet connection

 In summary I will need from you (if your computer was able to run the programs)

  • Chkdsk log from the event viewer
  • Whether or not Internet Explorer was able to update
  • MBAM logs
  • ESET log of found threats if applicable
  • How is your computer performing now?

Let me know if you have any questions.

 

polskamachina

 


Member of the Bleeping Computer A.I.I. early response team!

#63 polskamachina

polskamachina

  • Malware Study Hall Senior
  • 3,537 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 07 July 2017 - 04:21 PM

Hi clemente2 :)
 
It's been a while since you've checked in. Did you need any more help with this? If not, this topic will be closed in 48 hours.
 
Please let me know if you have any questions.
 
polskamachina


Member of the Bleeping Computer A.I.I. early response team!

#64 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,141 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:35 PM

Posted 10 July 2017 - 12:24 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#65 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,141 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:35 PM

Posted 10 July 2017 - 12:24 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users