lapdanzer4u
Posts: 21 +0
hi my name is michele i have abebot and trojandownloader.xs infection on my computer and need help getting rid of it i have mcafee and spyware doctor i think the problem is in my registry but need help thank you
Abebot
- Thread starter lapdanzer4u
- Start date
- Status
kritius
Posts: 2,077 +0
Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
Download and Run ComboFix
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. please attach the log into your next reply.
- If you accidently close it, the log file is saved here and will be named like this: C:\Documents and Settings\<your username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Download and Run ComboFix
- Download this file to your desktop from either of the two below listed places :
HERE or HERE
- Then double click combofix.exe & follow the prompts.
- When finished, it shall produce a log for you. Attach that log in your next reply
lapdanzer4u
Posts: 21 +0
hi thank you for helping me i am new at this so far i have i completed malware but i don't know how to attach the log for you also i can't download combo fix i the spy doctor is blocking it all help would be appreciated thank you
lapdanzer4u
Posts: 21 +0
hi kritius ok did malware and did combofix but i can't find the logs to attach i have tried everything sorry to be a pain please help thank you
lapdanzer4u
Posts: 21 +0
hi me again if i try to do everything over again will i damage my computer?
lapdanzer4u
Posts: 21 +0
hi i found my malware log every time i try to attach it it keeps saying invalid file since i did malware and combo fix my virus seems to be gone please help thank you
lapdanzer4u
Posts: 21 +0
Here is one of my logs I don't know where to fing combofix log is
lapdanzer4u
Posts: 21 +0
hi here is combo fix log
kritius
Posts: 2,077 +0
Highjackthis Instructions
Do not add anything to the ignore list.
Don't use the AnalyseThis button, its findings are dangerous if misinterpreted.
- Make sure you have the LATEST version of HJT (currently v2.0.2) it can be downloaded from HERE
- Run the HijackThis Installer and it will automatically place HJT in its own folder, usually C:\Program Files\Trend Micro\HijackThis. Please don't change the directory as it is necessary to create backups.
- After installing, the program launches automatically, select Scan now and save a log
- After the scan is complete copy and paste the contents into your reply.
Do not add anything to the ignore list.
Don't use the AnalyseThis button, its findings are dangerous if misinterpreted.
lapdanzer4u
Posts: 21 +0
hi kritius i just tried to install hijack this but i can't i get a message that says
C:\Documents and Settings\Michele\Local Settings\Temporary Internet Files\Content.IE5\ZVRDNIP1\HJTInstall[1].exe is not a valid win 32 application.
please reply thank you
michele
C:\Documents and Settings\Michele\Local Settings\Temporary Internet Files\Content.IE5\ZVRDNIP1\HJTInstall[1].exe is not a valid win 32 application.
please reply thank you
michele
lapdanzer4u
Posts: 21 +0
hi here is my hijack this log please reply
thank you
thank you
lapdanzer4u
Posts: 21 +0
hi did you have a chance to look at hijack this log please let me know what to do next
thank you
thank you
kritius
Posts: 2,077 +0
Open your C:\ drive and create a new folder called HJT then put HijackThis.exe into it,
Fix entries using HiJackThis
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - (no file)
O3 - Toolbar: Multi_Media - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll<=======This is optional
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O21 - SSODL: RunOnceRam - {93b36616-fa3c-4b53-a150-9aa225ebf1f8} - (no file)
This is the reason for the optional fix
Reboot into safe mode.
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
PowerReg Scheduler V3
Please note any other programs that you don't recognize in that list in your next response.
Do a search and delete the following,
PowerReg Scheduler V3.exe
After that, Reboot, and post a new HijackThis log here in a reply as well as describing how your computer is running at the minute.
Fix entries using HiJackThis
- Launch HiJackThis
- Click the Do a system scan only button
- Put a check next to the entries listed below
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - (no file)
O3 - Toolbar: Multi_Media - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll<=======This is optional
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O21 - SSODL: RunOnceRam - {93b36616-fa3c-4b53-a150-9aa225ebf1f8} - (no file)
- IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
- Click the Fix checked button and close HiJackThis
- Reboot HijackThis if necessary
This is the reason for the optional fix
Reboot into safe mode.
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
PowerReg Scheduler V3
Please note any other programs that you don't recognize in that list in your next response.
Do a search and delete the following,
PowerReg Scheduler V3.exe
After that, Reboot, and post a new HijackThis log here in a reply as well as describing how your computer is running at the minute.
lapdanzer4u
Posts: 21 +0
hi could you please tell me how to do this
open your C:\drive and create a new folder called HJT then put HijackThis.exe into it
i tried but can't seem to do it sorry to be a pain
thank you
open your C:\drive and create a new folder called HJT then put HijackThis.exe into it
i tried but can't seem to do it sorry to be a pain
thank you
lapdanzer4u
Posts: 21 +0
hi kritius i did everything my computer seems to be running fine the only question is i don't have a new hijack this log do i need to do another scan and save log after i've fixed everthing ? and can i remove malwarebytes? thanks for the help
michele
michele
lapdanzer4u
Posts: 21 +0
o k here is the log please reply
- Status
Latest posts
-
EA wants to place ads in full-price games, again- Uncle Al replied
