i get error when i run command mbr.exe -f
OK copy the MBR.exe to your system32 folder and try again please
log is generated when i run mbr.exe -f
but it disables in 1 second so i dont know where is that log. i tried 3 times and it disables in 1 second
plz tell the name of log that in which name it will be generated.i mean name of that log file.
It is called mbr.txt - If you could run Combofix that will also tell me if it is cured.
i got 2 mbr.txt files from c drive.i dont know if it is rite or wrong.so u can check plz.
i got combofix.txt.check here.
i do not know wat happened to my .php files after running combo.?
my .php files converted into php_auto_file
MBR is now fixed and revealed two corrupted files, one I can fix with combofix, for the other I will need to find a replacement. Go to my site here http://cid-32d8666f4048075b.office.live.com/self.aspx/Malware%20files/sfcfiles.dll?lc=2057 and download the Sfcfiles.dll to your c drive
do not know wat happened to my .php files after running combo.?Never come across that before - I will checkmy .php files converted into php_auto_file
-
Please open Notepad
[*] Click Start , then Run[*]Type notepad .exe in the Run Box. -
Now copy/paste the entire content of the codebox below into the Notepad window:
Fcopy::
c:\windows\system32\dllcache\tcpip.sys|c:\windows\system32\drivers\tcpip.sys
c:\sfcfiles.dll|c:\windows\system32\sfcfiles.dll
-
Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES
-
Save the above as CFScript.txt
-
Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
- After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
[*]Combofix.txt [*]A new OTListit log.
nothing happen when i run notepad.exe
it only opens new notepad.so i paste that code as u said n saved it.
i got only combofix.txt
didnt got other file.
may i enable avast? or not
Now that looks better - all the files are legit ;D
What problems do you have now ?
when i switch on my pc then i got msg that my automatic updates from security centre is off and firewall also is off so can i switch it on?
u have seen some logs which i posted her and some txt files so is my pc is safe from virus? does my pc have any virus?
wat was the use of mbr file and combofix?should i delete those all files which i downloaded like mbr file,combofix and other logs also.
wat to do the files which i have in chest in my avast?see this screen shot for list of virus in chest.
The files in the chest can be deleted. You need to update your system to service pack 3 and IE8 to keep secure. Turn on the updates and firewall
I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Click Start > Run and copy/paste the following bolded text into the Run box and click OK:
ComboFix /Uninstall
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
[*]Click Start.
[*]Open My Computer.
[*]Select the Tools menu and click Folder Options.
[*]Select the View Tab.
[*]Under the Hidden files and folders heading select Do not show hidden files and folders.
[]Click Yes to confirm.
[]Click OK.
THEN
Download Flush Flash from Here and follow the easy to use instructions on the same page
NEXT
Download and run Puran Disc Defragmenter
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
[*]SpywareBlaster to help prevent spyware from installing in the first place.
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Malwarebytes. Run weekly to keep your system clean
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To keep your operating system up to date visit
[*]Microsoft Windows Update
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe
thank u
u said me that files in chest can be deleted. but i seen in avast chest that system32 is infected by virus so if i delete it then it can give any error so how i can delete it?
and also u said me to download SpywareBlaster and Malwarebytes. so how it is possible to use 3 antivirus or spyware in my pc bcoz i m using avast.
but i seen in avast chest that system32 is infected by virus so if i delete it then it can give any error so how i can delete it?If you are using Avast5 they can be deleted - if you are using Avast 4.8 then let me know what the files are
and also u said me to download SpywareBlaster and Malwarebytes. so how it is possible to use 3 antivirus or spyware in my pc bcoz i m using avast.SpywareBlaster places kill bits within your registry and is totally passive, it will interfere with nothing. Malwarebytes is purely a malware cleaner and not an antivirus, so it will not conflict
i m using avast 5 so wat i do?
can i delete chest files or not? hope the files in system32 will not deleted if u say me to delete chest files.
Avast 5 does not keep copies of the system files as 4.8 did. So give it a week and then delete them
Indeed, last versions of the 5 stream do not even import them from an earlier installation of version 4.
You must have installed an earlier 5 version.
You can delete that files.
thanks tech boy.
essexboy if i delete chest files after a week and if it deletes files from system32, then wat to do?
does my pc will give error?
essexboy when i click flushflash, then i get following things to select. which things i select? see screenshot.
The files in quarantine are not being used at all by windows - they have been rendered inoperative. They will not be deleted from system 32 but just from the quarantine chest
For flushflash select all
ok i will delete chest files after a week.
i installed puran defrag free software as u said. but i do not know why it is used and how to use?can u tell me wat to do.see screen shot.
Click over the disks you want to defrag and press the button “defrag”.
Or schedule a boot time defragmentation.
sorry i dont know wat mean of defrag?can u tell me dear.