Author Topic: avast having problen  (Read 17162 times)

0 Members and 1 Guest are viewing this topic.

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #15 on: June 06, 2010, 05:21:50 PM »
i m not able to run gmer.exe

it makes my pc hang.

i tried 2 times.
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #16 on: June 06, 2010, 05:29:50 PM »
Continue with OTL then please

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #17 on: June 06, 2010, 06:09:23 PM »
ok i  slowely installed both as u said. i rebboted my pc 4 times for this txt file.check this files plz.

the file is large so i m uploading files in 2 posts. bcoz i got error like below


Your file is too large. The maximum attachment size allowed is 192 KB.
« Last Edit: June 06, 2010, 06:11:09 PM by krypton »
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #18 on: June 06, 2010, 06:13:56 PM »
this is other txt.
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #19 on: June 06, 2010, 06:20:23 PM »
Did you disable system restore ?

Download MBR.exe

Place the file in your root C: drive

Click Start > Run

Type in mbr.exe -f <- Note the space between mbr.exe and -f

Then click OK.

There should be a log generated - post that back here


THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #20 on: June 06, 2010, 09:52:03 PM »
i get error when i run command mbr.exe -f

LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #21 on: June 06, 2010, 10:06:24 PM »
OK copy the MBR.exe to your system32 folder and try again please

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #22 on: June 07, 2010, 12:03:36 PM »
log is generated when i run mbr.exe -f


but it disables in 1 second so i dont know where is that log. i tried 3 times and it disables in 1 second

plz tell the name of log  that in which name it will be generated.i mean name of that log file.
« Last Edit: June 07, 2010, 12:08:00 PM by krypton »
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #23 on: June 07, 2010, 09:16:48 PM »
It is called mbr.txt - If you could run Combofix that will also tell me if it is cured.

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #24 on: June 08, 2010, 04:56:56 PM »
i got 2 mbr.txt files from  c drive.i dont know if it is rite or wrong.so u can check plz.

i got combofix.txt.check here.


i do not know wat happened to my .php files after running combo.?

my .php files converted into php_auto_file


« Last Edit: June 08, 2010, 06:55:32 PM by krypton »
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #25 on: June 08, 2010, 09:01:10 PM »
MBR is now fixed and revealed two corrupted files, one I can fix with combofix, for the other I will need to find a replacement.  Go to my site here   http://cid-32d8666f4048075b.office.live.com/self.aspx/Malware%20files/sfcfiles.dll?lc=2057 and download the Sfcfiles.dll to your c drive

 
Quote
do not know wat happened to my .php files after running combo.?

my .php files converted into php_auto_file
Never come across that before - I will check

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.
2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code: [Select]
Fcopy::
c:\windows\system32\dllcache\tcpip.sys|c:\windows\system32\drivers\tcpip.sys
c:\sfcfiles.dll|c:\windows\system32\sfcfiles.dll

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below.  This will start ComboFix again.




6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new OTListit log.

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #26 on: June 08, 2010, 11:03:29 PM »
nothing happen when i run  notepad.exe

it only opens new notepad.so i paste that code as u said n saved it.

i got only combofix.txt

didnt got other file.


may i enable avast? or not

« Last Edit: June 08, 2010, 11:09:24 PM by krypton »
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #27 on: June 08, 2010, 11:52:58 PM »
Now that looks better - all the files are legit  ;D

What problems do you have now ?

Offline krypton

  • Poster
  • *
  • Posts: 429
Re: avast having problen
« Reply #28 on: June 09, 2010, 07:28:45 AM »
when i switch on my pc then i got msg that my automatic updates from security centre is off and firewall also is off so can i switch it on?

u have seen some logs which i posted her and some txt files so is my pc is safe from virus? does my pc have any virus?

wat was the use of mbr file and combofix?should i delete those all files which i downloaded like mbr file,combofix and other logs also.

wat to do the files which i have in chest in my avast?see this screen shot for list of virus in chest.

« Last Edit: June 09, 2010, 07:46:39 AM by krypton »
LAPTOP: LENOVO G50, 4 GB RAM, 500 GB HARD DISK, AVAST PREMIUM SECURITY 2020, WINDOWS 8.1

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: avast having problen
« Reply #29 on: June 09, 2010, 08:37:37 PM »
The files in the chest can be deleted.  You need to update your system to service pack 3 and IE8 to keep secure.  Turn on the updates and firewall
I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems

 Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset  System Restore points:

Click Start > Run  and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

Run OTL and hit the cleanup button.  It will remove all the programmes we have used plus itself.  MBAM can be uninstalled via control panel add/remove along with ERUNT.  But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

THEN

Download Flush Flash from Here and follow the easy to use instructions on the same page

NEXT

Download and run Puran Disc Defragmenter

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit To learn more about how to protect yourself while on the internet read our little guide  How did I get infected in the first place ?
Keep safe  :wave: