Click.GiftLoad problem
- Thread starter alizaidi
- Start date
- Status
Blottedisk
Emeritus- Malware Team
Hi ali,
What happens when you try to run them? Do you receive any type of message?
What happens when you try to run them? Do you receive any type of message?
Yes I get a window that pops up and it says:
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."
I've also noticed an Antimalware Doctor (virus) that now runs when I put my machine on.
Kind Regards,
Ali
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."
I've also noticed an Antimalware Doctor (virus) that now runs when I put my machine on.
Kind Regards,
Ali
Blottedisk
Emeritus- Malware Team
Hi Ali,
Then let's proceed this way:
Step 1 | Please download RKill by Grinler from Link #1 below and save it to your desktop.
Link #1
Link #2
Link #3
Link #4
Link #5
Link #6
--------------------------------------------------------------------
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.
Step 2 | Please download Malwarebytes' Anti-Malware to your desktop.
Then let's proceed this way:
Step 1 | Please download RKill by Grinler from Link #1 below and save it to your desktop.
Link #1
Link #2
Link #3
Link #4
Link #5
Link #6
--------------------------------------------------------------------
- Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
- Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
- A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
- If this does not occur please delete that application and download Link #2.
- Continue process until the tool runs.
- If the tool does not run from any of the links go to step 2 and let me know in your next reply
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.
Step 2 | Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Blottedisk
Emeritus- Malware Team
Hi Ali,
Yes please, start the process with LINK #2.
Yes please, start the process with LINK #2.
Hi Bottledisk,
I get an error saying that it is not a valid win32 application.
The symptoms have got a lot worse now. All my icons from quick launch bar and desktop have dissapeared.
I can't access any of my programmes or files on the computer. I managed to run firefox by typing the Run "firefox.exe".
It feels like, it might have got to that stage where format of the computer is probably the best option.
What do you think?
Kind Regards,
Ali
I get an error saying that it is not a valid win32 application.
The symptoms have got a lot worse now. All my icons from quick launch bar and desktop have dissapeared.
I can't access any of my programmes or files on the computer. I managed to run firefox by typing the Run "firefox.exe".
It feels like, it might have got to that stage where format of the computer is probably the best option.
What do you think?
Kind Regards,
Ali
Blottedisk
Emeritus- Malware Team
Hi Ali,
In my opinion the reformat has always been the best option. Things are getting even worse and we can't really make any improvements. The reformat will cut the problem from the root.
If you feel to continue and try to disinfect, please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet.
In my opinion the reformat has always been the best option. Things are getting even worse and we can't really make any improvements. The reformat will cut the problem from the root.
If you feel to continue and try to disinfect, please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet.
- Double-click on drweb-cureit.exe to start the program.
- If it won't run, then please go to Start/Run and paste the following code in the box (including the quotes):
"C:\Documents and Settings\Ali\desktop\drweb-cureit.exe" - An Express Scan of your PC notice will appear.
- Under Start the Express Scan Now, Click OK to start the scan.
- This is a short scan that will scan the files currently running in memory.
- If something is found, click the Yes button when it asks you if you want to cure it.
- Once the short scan has finished, Click Options > Change settings
- Choose the Scan tab and UNcheck Heuristic analysis
- Back at the main window, click Custom Scan, then Select drives (a red dot will show which drives have been chosen).
- Then click the Start/Stop Scanning button (green arrow on the right, and the scan will start.
- When finished, a message will be displayed at the bottom advising if any viruses were found.
- Click Yes to all if it asks if you want to cure/move the file.
- When the scan has finished, look if you can see the icon next to the files found.
- If so, click it, then click the next icon right below and select Move incurable.
- (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
- Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
- Save the DrWeb.csv report to your Desktop.
- Exit Dr.Web Cureit when you have finished.
- Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
- After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
Hi Bottledisk,
I've tried running by double clicking and through run. I get the same error as I did previously for the other file.
I think i might have just done something stupid.
When I noticed I couldn't access my documents. I wondered if my external hard drive that was connected to my computer with my backed up data might also have become infected. So I connected it to my wife's computer and have started to run AVG on it. And it has currently found thousands of infected html files with something it calls VBS/Generic.
Now what concerns me is that by connecting the hard hard drive to my wife's computer have I inadvertantly infected her computer?
Kind Regards,
Ali
I've tried running by double clicking and through run. I get the same error as I did previously for the other file.
I think i might have just done something stupid.
When I noticed I couldn't access my documents. I wondered if my external hard drive that was connected to my computer with my backed up data might also have become infected. So I connected it to my wife's computer and have started to run AVG on it. And it has currently found thousands of infected html files with something it calls VBS/Generic.
Now what concerns me is that by connecting the hard hard drive to my wife's computer have I inadvertantly infected her computer?
Kind Regards,
Ali
Blottedisk
Emeritus- Malware Team
Hi Ali,
Yes, by connecting the hard drive you have probably infected her, although her computer may have been infected from before.
Ok, we are gonna stick with DrWeb. Please follow these steps:
Step 1 | Please download exe_fix and save it to your desktop
Step 2 | Please download exeHelper to your desktop.
Step 3 | Please try to run DrWeb with my previous instructions.
Yes, by connecting the hard drive you have probably infected her, although her computer may have been infected from before.
Ok, we are gonna stick with DrWeb. Please follow these steps:
Step 1 | Please download exe_fix and save it to your desktop
- Double click on exe_fix.com to run it.
- Type the number 1 at the prompt and allow the tool to run.
Step 2 | Please download exeHelper to your desktop.
- Double-click on exeHelper.com to run the fix.
- A black window should pop up, press any key to close once the fix is completed.
- Post the contents of log.txt ( Will be created in the directory where you ran exeHelper.com )
- Note : If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
Step 3 | Please try to run DrWeb with my previous instructions.
Blottedisk
Emeritus- Malware Team
Blottedisk
Emeritus- Malware Team
Hi Ali,
Can you please try DrWeb in safe mode?
Is this message still showing in safe mode?
Can you please try DrWeb in safe mode?
Is this message still showing in safe mode?
Blottedisk
Emeritus- Malware Team
Hi Ali,
Ok, I think it's time to try a system restore.
Ok, I think it's time to try a system restore.
- Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
- On the Welcome screen, click Restore my computer to an earlier time, and then click Next.
- On the Select a Restore Point page, select the date from the calendar that shows the point you'd like to restore to, and then click Next. I'd suggest you restoring the machine to a point around the 27 th March, that was when these heavy issues appeared.
Blottedisk
Emeritus- Malware Team
Hi Ali,
This infection has gone too far. I think it's time to get terminate with this from the root. What do you think?
This infection has gone too far. I think it's time to get terminate with this from the root. What do you think?
Blottedisk
Emeritus- Malware Team
Hi Ali,
You're welcome, and I'm sorry we couldn't defeat the infection :sad:
My last advice would be... please take time to read the following article in order to avoid future infections:
So how did I get infected in the first place?
Thank you for your patience, and performing all of the procedures requested. I shall close this topic now.
Best Regards.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter. Everyone else please read the guidelines to request assistance and begin a New Topic.
You're welcome, and I'm sorry we couldn't defeat the infection :sad:
My last advice would be... please take time to read the following article in order to avoid future infections:
So how did I get infected in the first place?
Thank you for your patience, and performing all of the procedures requested. I shall close this topic now.
Best Regards.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter. Everyone else please read the guidelines to request assistance and begin a New Topic.
- Status