Another 8 step problem & win32/heur virus

By manu060475 · 11 replies
Apr 28, 2009
  1. I need help.

    I tried to do the 8 step, but I'm not able to do anti-malware and SuperAntiSpyware.
    I followed the first step, mentioned for misterzacho. I run combofix.exe.

    I hope I deleted my P2P correctly, if not, it's not intenially (?). I'm just not sure.

    try to attach those information and hope someone can help.

    Problems I have, include restore point not working, my cd/dvd drive not working, web address bar changes, sometimes I'm not able to go to my pages, or error - link is broken.

    just try to push my post up.
    Can anyone help?

    ok, just tried Anti-malware and superAntiSpyware and it worked
    Logs are attached.
  2. touch

    touch TS Rookie Posts: 978

    Hello manu060475

    Update malwarebyte, run a complete scan. Have it to fix what it find

    Please attach fresh hijackthis log, along with new malwarebyte log

    NB. If you haven´t removed Bittorrent, do it now, before posting the log´s ;)
  3. manu060475

    manu060475 TS Rookie Topic Starter

    Thanks touch, finally someone answers.

    I did remove bittorrent, but it still comes up in my lists. I'm no longer able to use it, it's just an empty icon on my programm lists.
    I tried to remove AVG as well, just to get maybe Avira, it doesn't let me.

    I just bought an external harddrive today, hoped to transfer my fotos and some very important files, but it comes up with a message saying: Windows - No disk, Exception Processing Message x00000013 Parameters 75b6bf7c 4 75b6bf7c 75b6bf7c. No idea what that means either. It starts to annoy me, as it keeps coming up every single minute. Can't do something without closing it and it still comes up.

    I'm not able to save that malwarebytes log, but it says:
    Malwarebytes' Anti-Malware 1.36
    Database version: 1945
    Windows 5.1.2600 Service Pack 3

    29/04/2009 6:56:02 PM
    mbam-log-2009-04-29 (18-56-02).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 149597
    Time elapsed: 30 minute(s), 30 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Do I actually fix anything on that hijackthis program?
  4. touch

    touch TS Rookie Posts: 978

    We´ll leave AVG for now, as you have some infections you´ll have to get rid of.

    Please download Combofix:
    And save to the desktop.

    Open notepad and copy/paste the text in the quotebox below into it:
    Name the file as CFScript
    and Save it on the desktop

    Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
  5. manu060475

    manu060475 TS Rookie Topic Starter

    ok, done all this. file is attached.

    what do I have to do now? Touch are you here? Can you help?
  6. touch

    touch TS Rookie Posts: 978

    I´m here.

    The log looks clean. Tell how things are running, and ready to replace AVG ?
  7. manu060475

    manu060475 TS Rookie Topic Starter

    got my avg running. should I better change to Avira?

    clean logs? Does that mean I'm save to use internet with my logins? Banking as well?

    Thank you so much.
  8. touch

    touch TS Rookie Posts: 978

    Avira or Avast. Because AVG Free does not contain Anti-Rootkit protection - you decide ;)

    It should be safe to use the internet.
  9. manu060475

    manu060475 TS Rookie Topic Starter

    thanks again,
  10. touch

    touch TS Rookie Posts: 978

    My pleasure :)

    You should Create a New Restore Point to prevent possible reinfection from an old one.
    The easiest and safest way to do this is:
    Go to Start > All Programs > Accessories > System Tools > System Restore
    Select Create a restore point, and Ok it.
    Next, go to Start > Run and type in cleanmgr
    Select the More options tab
    Choose the option to clean up system restore and OK it.

    This will remove all restore points except the new one you just created.

    Please download OTCleanIt
    Save it to desktop.
    This will remove all the tools we used to clean your computer.
    Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
    When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
    Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

    To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
    How did I get infected in the first place
  11. manu060475

    manu060475 TS Rookie Topic Starter

    I've done those 2 steps as well.

    everything seems to be fine, except my nero express and nero burning rom, they're not existing anymore. Can't find my disc to re-install. I've found a roxio dvd burning software. Is that as good? Do you know?
  12. touch

    touch TS Rookie Posts: 978

    It used to be good, And still get good reviews
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...