Author Topic: flices.biz/gate.php  (Read 23187 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: flices.biz/gate.php
« Reply #30 on: August 18, 2012, 11:07:30 PM »
This is the definition of a file infector virus: http://www.virusbtn.com/resources/glossary/file_infector_virus.xml
It is a family of malware viruses that will (re-)infect particular files or make certain files can no longer be used (are crippled beyond use)
There is a wide array of file infectors that can be easily cleansed, but there are also those that lead to a so-called  "total recall" operation,
see: http://www.ehow.com/how_4899970_reformat-after-computer-virus.html
Do not panick this is only if the virus was able to cripple the computer beyond rescue and repair, and I think you are far from that point.
So stay with essexboy and let him guide you further  through these cleansing routines,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #31 on: August 18, 2012, 11:49:36 PM »
Thanks, polonus, it is reassuring to know that I need not panic....as yet.

essexboy - do you mean the windows installation CD?  If so, the answer is no.  Everthing came installed on the laptop - though I do have a recovery CD.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #32 on: August 19, 2012, 12:37:35 AM »
They are on your C drive and RogueKiller has determined that there is a problem with those files.  Now whether it is the MD5 or an als attached I do not know, but it is an indicator.   The lack of detection concerns me as it may be an unknown infection

Is Avast reporting any of them ?

And the symptoms you are seeing would suggest that it is something new


If you do not have a windows CD could you let me know the make and model of the computer so that I can locate the recovery partition. 

I personally would not trust that system with anything

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: flices.biz/gate.php
« Reply #33 on: August 19, 2012, 12:55:01 AM »
Hi burnside and essexboy,

The clue in the logs "Acer tatooed MBR Code" led me to suggest a scan with the FarBar recovery scan tool. Of course this is up to essexboy to decide,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #34 on: August 19, 2012, 11:53:37 AM »
Hi

"MD5 or an als attached" I have no idea what that means.  Feel so stupid!

No, Avast is not reporting anything.

I was hoping that it was something new and not something lying dormant awaiting activation. 

Acer 3053WXMi

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #35 on: August 19, 2012, 12:22:34 PM »
An alternative is to see if windows can replace the files

Download  Windows Repair (all in one)  from this site

Install the programme then run



Go to step 3 and allow it to run SFC



burnside

  • Guest
Re: flices.biz/gate.php
« Reply #36 on: August 19, 2012, 05:43:11 PM »
Many thanks, essex boy.  I will download Windows repair as soon as I have some quiet time and can concentrate on the issue.

Do you know if SFC is going to ask for responses?  Concerned that it may ask me if I want to repair something and that I won't have a clue!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #37 on: August 19, 2012, 05:51:39 PM »
Yes it may ask for the windows disc..  as a fair few files may need to be replaced

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #38 on: August 19, 2012, 06:42:49 PM »
Ok, but I do not have the windows installation disk.  I will not be able to replace the files.

Having watched the Windows Repair video it would seem that I will need the installation CD.  As mentioned previously, all I have are the 7 Acer eRecovery disks.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #39 on: August 19, 2012, 11:00:55 PM »
Do you have an i386 folder on the root C drive ?  i.e. C:\i386 ?

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #40 on: August 19, 2012, 11:20:55 PM »
Yes.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #41 on: August 19, 2012, 11:23:23 PM »
OK when SFC requires the disc there should also be a browse option if there is then point it to the i386 folder...  If there is no browse option then a small registry change will need to be made

Quote
Click on the Start button, type REGEDIT in the Run dialog box off the Start Menu, click OK, and then navigate to the following key in the left pane of the Regedit window:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\

When you click on the last subkey (Setup), you will see in the right pane a value called SourcePath, which will point to your CD-ROM drive. Assuming that you have made the copy of the I386 folder to the root of your C: drive, then all you have to do is double click on this value and change it to point to C: instead.

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #42 on: August 19, 2012, 11:32:44 PM »
Okay, many thanks!  I will wait until the morning and start with a fresh head.  Is there any chance it could all go wrong???    Am I correct in thinking that Windows Repair will fix/repair and replace with uncorrupted files from i386?  Is there any chance that the files on i386 could be corrupted in someway? 

I am extrememly grateful for the on going assistance. 
« Last Edit: August 19, 2012, 11:40:38 PM by burnside »

burnside

  • Guest
Re: flices.biz/gate.php
« Reply #43 on: August 20, 2012, 12:07:32 PM »
Sorry to be a nusiance but, last night, I asked if there is any chance that the files on i386 could be corrupted in someway?  I am about to download Windows Repair and proceed but am worried that i386 may not work.

Thank you


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: flices.biz/gate.php
« Reply #44 on: August 20, 2012, 03:59:18 PM »
i386 is protected so there should be no corrupt files there