Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected


  • Please log in to reply
13 replies to this topic

#1 Shadow-Z

Shadow-Z

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 02 July 2007 - 06:18 PM

FakeMSN8Beta

What do I do?? If you could help me, it's appreciated. It closes my Hijackthis, and Spybot tries to fix it, but it keeps coming back.

Edited by Shadow-Z, 02 July 2007 - 06:26 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:06 AM

Posted 02 July 2007 - 06:28 PM

If you are being misdirected or unable to access security programs, download Hoster from the link below. Run the program Hoster and press Restore Original Hosts, OK, and Exit Program.
http://www.funkytoad.com/download/hoster.zip


Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 02 July 2007 - 06:39 PM

First link is not working.

#4 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:06 AM

Posted 02 July 2007 - 06:46 PM

you can download the entire program from the link below and select restore original hosts.
http://www.funkytoad.com/content/view/13/31/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 03 July 2007 - 12:29 PM

I did the 1st one, but the going to the site, it's not letting me get there.

EDIT: It says that I need IE, but IE stopped working when I got the virus.

Edited by Shadow-Z, 03 July 2007 - 12:48 PM.


#6 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:06 AM

Posted 03 July 2007 - 01:47 PM

Try to download the Hijack This program and post it in the Hijack This Forum. Once the program is downloaded to your computer, go to the Hijack This.exe file and right click on it. Choose rename and name it something like "lastchancescan".
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 03 July 2007 - 03:45 PM

It still closes.

#8 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:06 AM

Posted 03 July 2007 - 03:56 PM

"It Still Closes"????

Try to be a little more wordy. I have to assume too much.

Do you mean that you have Hijack This downloaded to your computer now and have changed the name?
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 03 July 2007 - 04:23 PM

Ok, when I open the HJT, it stays open for a couple of seconds, then exists.

#10 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:06 AM

Posted 03 July 2007 - 04:41 PM

Have you renamed the executable (.exe), as buddy215 suggested.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#11 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 03 July 2007 - 04:54 PM

Yes, I renamed it "Lastchance.exe", and it still only last a couple of seconds. I'll start off of what I did do.
1 ) I got that Funky toad, and restored host.
2 ) I got the SuperAntiSpyware in safe mode, quarantined everything it found. I rebooted and got back into normal mode
3 ) I tried to go to the site, but it says I need IE, which I DO have, but it doesn't connect, for some reason. I have Firefox.

Edited by Shadow-Z, 03 July 2007 - 04:55 PM.


#12 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:06 AM

Posted 03 July 2007 - 05:10 PM

When you say, "I tried to go to the site, but it says I need IE", are you talking about http://www.bitdefender.com/scan8/ie.html?

If so, here's an option that will work, with Firefox:
HouseCall - Europe
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#13 Shadow-Z

Shadow-Z
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:06 AM

Posted 03 July 2007 - 05:17 PM

Ok, will try that, thank you.

#14 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:06 AM

Posted 03 July 2007 - 05:30 PM

You're welcome.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users