Author Topic: win32 malware gen  (Read 32102 times)


Memphis.T

  • Guest
Re: win32 malware gen
« Reply #15 on: July 19, 2010, 12:41:28 AM »
Hello again
Ran Malwarebytes, see posted log; amazed at what it's picked, some of it I've obviously unwittingly invited in!

Could not get Update for MBAM due to error message; Updating 12007,0,winhttp send request
« Last Edit: July 19, 2010, 12:49:50 AM by Memphis.T »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: win32 malware gen
« Reply #16 on: July 19, 2010, 08:52:56 PM »
Some of them have been on your system for a while

Try this and then let me know if MBAM still gives the error

Go to Control Panel and select Internet Options
Select the Connections TAB
Select LAN settings button
Ensure there is no tick in the Proxy Server box
Select OK and restart Internet Explorer


And for Firefox there are instructions on this page and you want the setting to be no proxy

Memphis.T

  • Guest
Re: win32 malware gen
« Reply #17 on: July 19, 2010, 10:23:33 PM »
Hi

Only box checked is auto select, tried to update again but got the same error message.

I'm trying to see why I have no sound anymore also. I've made the normal checks, systems are enabled and shows drivers installed but as yet can't see why PC's gone silent. If my memory serves me right I lost it about the time I tried what turned out to be a bogus registry cleaner.

Offline essexboy

Re: win32 malware gen
« Reply #18 on: July 19, 2010, 10:56:23 PM »
Let's reset your internet settings
Quote
@ECHO OFF
REM Remove any proxy server and proxy bypass list set for the current user
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride /f
REM Turn the proxy off and clear the offline flag
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /t REG_DWORD /d 0 /f
REM Reset the TCP/IP stack, logging the changes to resetlog.txt
netsh int ip reset resetlog.txt

Next you will need to create the batch fix. To do that, copy and paste ALL of the above in the quote box to a Notepad file.
Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES
Then in the FILE NAME box type fix.bat

This will create a batch file

Then run fix.bat by double clicking; you may see a black box appear, this is normal

Once done retry MBAM - if that should fail, uninstall your current copy and re-download a fresh copy. If you still get a failure

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.


Quote
I'm trying to see why I have no sound anymore also. I've made the normal checks, systems are enabled and shows drivers installed but as yet can't see why PC's gone silent. If my memory serves me right I lost it about the time I tried what turned out to be a bogus registry cleaner.
Ouch that could have taken anything out
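
The reset in Reply #18 deletes the proxy values outright, so whatever they were set to is lost once fix.bat has run. The batch file below is an added example, not part of the original post or of any tool named in it: it exports the Internet Settings key and prints the values fix.bat touches so they can be posted alongside the logs. The backup file name is a hypothetical choice, and AutoConfigURL is included as an assumption because it lives in the same key and fix.bat does not change it.

```batch
@ECHO OFF
REM Added example, not part of the original post.
REM Records the current WinINet proxy values before fix.bat changes them.
REM The backup file name is a hypothetical choice.
SETLOCAL
SET "KEY=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
SET "BACKUP=%USERPROFILE%\Desktop\proxy-backup.reg"

REM Keep a restorable copy of the whole key; never overwrite an earlier backup.
IF EXIST "%BACKUP%" GOTO SHOWALL
reg export "%KEY%" "%BACKUP%" >NUL
IF ERRORLEVEL 1 GOTO FAILED
ECHO Saved backup to "%BACKUP%"

:SHOWALL
REM Values that fix.bat deletes or resets, plus AutoConfigURL, which it leaves alone.
FOR %%V IN (ProxyEnable ProxyServer ProxyOverride GlobalUserOffline AutoConfigURL) DO CALL :SHOW %%V
ENDLOCAL
EXIT /B 0

:FAILED
ECHO Could not export the key, nothing was changed.
ENDLOCAL
EXIT /B 1

:SHOW
REM reg query sets ERRORLEVEL 1 when the value does not exist.
reg query "%KEY%" /v %1 >NUL 2>&1
IF ERRORLEVEL 1 (ECHO %1: not set& GOTO :EOF)
REM Third token onward is the data; the name and type columns are skipped.
FOR /F "tokens=1,2*" %%A IN ('reg query "%KEY%" /v %1 ^| findstr /I /C:"%1"') DO ECHO %1: %%C
GOTO :EOF
```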

Memphis.T

  • Guest
Re: win32 malware gen
« Reply #19 on: July 25, 2010, 06:22:37 PM »
Hi
I was hoping that we had this thing sorted but not so. PC has been running OK for about a week now, then Thursday evening while on the net blocked a virus, then Friday after a virus scan and restart I get the message on a blue screen that `A problem is detected and Windows has been shut down to prevent damage`.
Tech info;  Stop 0x0000007E (0xc0000005, 0x8A86C963, 0xF78D68B4,0xF78D65B0)

Is this Virus related or do I have another problem. Tried restart in safe mode but does not work.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89640
  • No support PMs thanks
Re: win32 malware gen
« Reply #20 on: July 25, 2010, 06:39:06 PM »
Stop errors are difficult to determine and aren't always related to malware.
http://www.google.com/search?q=Stop+0x0000007E This is a general search on the main stop error, you could try being a little more detailed by inputting the next group of characters and see if that is more specific.

First hit on Google search http://support.microsoft.com/kb/330182, though this is related to upgrading to XP which you would have done long ago (or not if it came pre-installed), so check out some of the others.

When this happened, e.g. what were you doing at the time and what program was Windows going to stop?
Then try searching on the bsod based on what you were doing.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free  24.8.6127 (build 24.8.9372.870) UI 1.0.818/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34047
  • malware fighter
Re: win32 malware gen
« Reply #21 on: July 25, 2010, 07:24:20 PM »
Hi MemphisT,

There could be compatibility problems when trying to update and you should read here: http://support.microsoft.com/kb/330182 and http://www.microsoft.com/whdc/hcl/default.mspx

Is there enough disk space to perform this? If the above info/tests do not deliver a solution, there could be hardware related problems on the horizon, sometimes MS that comes with stop error all sorts to announce an oncoming hardware disaster.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: win32 malware gen
« Reply #22 on: July 25, 2010, 10:53:57 PM »
I ran a full scan with avast 5, it detected this virus, I chose move to chest, then I made a "Scan" with CCleaner, and I ran my PC in safe mode, ran a scan, it's gone
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Memphis.T

  • Guest
Re: win32 malware gen
« Reply #23 on: July 25, 2010, 11:01:25 PM »
Hi all

David R.    I have listed all displayed; there is no more info shown.

Polonus.   I can't get into the system to effect any change.

Offline polonus

Re: win32 malware gen
« Reply #24 on: July 25, 2010, 11:03:08 PM »
Hi MemphisT,

Time to try in SafeMode, do that...


polonus

Memphis.T

  • Guest
Re: win32 malware gen
« Reply #25 on: July 25, 2010, 11:05:18 PM »
Polonus

This is what I mean I can't get that far, I can't access safe mode!

Offline polonus

Re: win32 malware gen
« Reply #26 on: July 25, 2010, 11:22:15 PM »
Hi you Memphis.T,

    * Or type or paste the following command in the Start - Run box then press Enter.

%systemroot%\system32\restore\rstrui.exe

polonus

Memphis.T

  • Guest
Re: win32 malware gen
« Reply #27 on: July 25, 2010, 11:31:49 PM »
Polonus

Please be aware I am talking to you through my laptop, it is my PC that is ill! How can I access control over it when I can't even effect any type of start up?

Dch48

  • Guest
Re: win32 malware gen
« Reply #28 on: July 26, 2010, 01:45:53 AM »
I know you don't want to hear this but it appears that a full recovery is in order. That meaning a wipe and reformat.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: win32 malware gen
« Reply #29 on: July 26, 2010, 02:54:58 AM »
@ Memphis T
Here is a different way to access Safe Mode (if you haven't tried this already)

Go to Start->Run and type 'msconfig' (without quotations).  System Configuration Utility opens.
- select boot.ini and put check in the box for /SAFEBOOT
- then choose the mode you want (MINIMAL or NETWORK) and click OK

You will be asked whether you want to Restart now. Select Restart.
From here on until you opt to change the settings, the computer will boot into Safe Mode by default.

(when prompted about msconfig when computer boots into Safe Mode, just put a check in the box for the prompt not to appear again, and click OK to make it go away).

To return computer to boot into Normal Mode - Run msconfig and undo changes you made in boot.ini tab
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.