Page 4 of 8 FirstFirst 12345678 LastLast
Results 31 to 40 of 80

Thread: Numerous Issues Found, Can't Run Spybot or Install Latest HijackThis

  1. #31
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Run File Lister in normal windows please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #32
    Member
    Join Date
    Apr 2010
    Posts
    45

    Default

    OK, ran FileLister in normal windows. C:\Files.txt has nothing in it. Also, the Files.txt that FileLister opens up while running had nothing in it.

  3. #33
    Member
    Join Date
    Apr 2010
    Posts
    45

    Default

    Hi again,

    I was poking around, and noticed that both Malwarebytes and SUPERAntiSpyware were out of date, and allowed both to update. (Not sure how badly out of date their malware detection information was, I did install Malwarebytes last weekend.)

    I ran a quick scan with Malwarebytes, and it found nothing. However, SUPERAntiSpyware's scan found the following:

    -Adware.TrackingCookie [ 14 items ]
    -Adware.Vundo/Variant-EC [ 1 items ]
    -Adware.Vundo/Variant-Senorita [ 1 items ]
    -Adware.Vundo/Variant-Variant-Yx [ 3 items ]

    The scan is still open, I haven't told it to remove anything, because I didn't want to do anything that might interfere with your next recommendation.

    Also, one last thing. I tested Internet Explorer, and it is still redirecting. (Firefox is still working fine.) I should have tested it before, but like I mentioned, I rarely use it, and don't really trust it even when I'm not infected.

    Thanks!

  4. #34
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    We need to try and run GMER again, cant give you a clean bill of health until I see the report. This time we are going to disable the CD drivers and you also have to disable your Anti Virus

    Disable Antivirus Software Info
    Link


    Drag GMER to the trash and we are going to start over



    GMER with Defogger

    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK

    IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

    Do not re-enable these drivers until otherwise instructed.





    Next:

    Download the GMER Rootkit Scanner. Unzip it to your Desktop.

    Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
    • Double click GMER.exe.
    • If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..
    • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)

        Click the image to enlarge it
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
    • Save the log where you can easily find it, such as your desktop.
    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

    Please copy and paste the report into your Post.



    To re-enable your Emulation drivers, double click DeFogger to run the tool.
    • The application window will appear
    • Click the Re-enable button to re-enable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger will now ask to reboot the machine - click OK

    IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

    Your Emulation drivers are now re-enabled.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #35
    Member
    Join Date
    Apr 2010
    Posts
    45

    Default

    Quick question. I'm trying to disable Spybot's TeaTimer per the linked instructions, but I can't find the TeaTimer entry in the System Startup section... Can I disable it via msconfig or something (provided I can find it)?

  6. #36
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    No problem, disable the TeaTimer this way


    Disable the TeaTimer, leave it disabled, do not turn it back on until we're done or it will prevent fixes from taking

    • Run Spybot-S&D in Advanced Mode.
    • If it is not already set to do this Go to the Mode menu select "Advanced Mode"
    • On the left hand side, Click on Tools
    • Then click on the Resident Icon in the List
    • Uncheck "Resident TeaTimer" and OK any prompts.
    • Restart your computer.<--You need to do this for it to take effect
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  7. #37
    Member
    Join Date
    Apr 2010
    Posts
    45

    Default

    Uh oh... GMER didn't crash, but my PC rebooted abruptly... Is it supposed to do that? I didn't touch anything...

  8. #38
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Look for the log on your desktop
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #39
    Member
    Join Date
    Apr 2010
    Posts
    45

    Default

    Unfortunately, I don't see any log!

    The only thing I see is the defogger_disable log, and that was only requested if an error occurred running defogger. I did notice that defogger did NOT reboot as described when it finished running... Perhaps a lengthy delay in doing so? Man, and GMER was running just fine too. (I need a banging-head-against-wall emoticon.)

    Should I try running GMER again, or do I need to go through the defogger process? Or?

  10. #40
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Let's try gmer again, if it won't run we can try something else
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •