I've been smacked with this headache. Having a lot of trouble finding a solution. Vista Antivirus 2008 has taken over. Could someone help with a solution. Mcafee will not install due to "not enough memory". I've cleaned and defraged as much as I can. HELP!!!
First, please download ComboFix.
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
? Run Combo-Fix.exe and follow the prompts.
**Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later. ? Wait for the scan to be completed.
? If it requires a reboot, please do it.
? After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the ComoboFix window, as it may cause it to stall.
Next, please download the HijackThis zip file. Save it onto a convenient place in your computer, and then unzip the file.
? Click on the button which says Main Menu, then Do a system scan and save a logfile.
? Please wait for the scan to be completed.
? After the scan has completed, a text window will pop up. Please post the contents of this window here.
This will also be located at hijackthis(.txt) in the same folder that HijackThis was originally saved.
NOTE:: Do not fix anything using HijackThis, as this may also damage legitimate components of your computer.
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed. Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing. To be or not to be; thats a dumb question.
SED "/\t.*\\nircmd\.inf$/!d; s///; s/./@pv -kfi &/" temp02 1>temp01.bat
CALL temp01.bat
DEL /Q temp0?.bat temp0?
=============================================
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CFLDR=32788R22FWJFW
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=COMPUTER-R26IN0
ComSpec=C:\WINNT\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\
KMD=CF27619.exe
LOGONSERVER=\\COMPUTER-R26IN0
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\32788R22FWJFW;C:\WINNT\system32;C:\WINNT;C:\WINNT\system32\wbem;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem
PATHEXT=.cfexe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0803
ProgramFiles=C:\Program Files
PROMPT=$
sfxcmd="C:\Documents and Settings\Administrator\Desktop\Combo-Fix(.exe).exe"
sfxname=C:\Documents and Settings\Administrator\Desktop\Combo-Fix(.exe).exe
SYSTEM=C:\WINNT\system32
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=COMPUTER-R26IN0
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINNT
=============================================
IF NOT DEFINED sfxname GOTO END
COPY swreg.exe swreg.cfexe
1 file(s) copied.
CALL sfx.cmd
IF /I "C:\32788R22FWJFW" NEQ "C:\32788R22FWJFW" GOTO Abort
IF EXIST "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\32788R22FWJFW32788R22FWJFW.log" DEL "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\32788R22FWJFW32788R22FWJFW.log"
1 file(s) copied.
1 file(s) copied.
(
SET "FileName=Combo-Fix(.exe)"
SET "FilePath=C:\Documents and Settings\Administrator\Desktop\"
)
SET FileName 1>FileName
GREP -isqx "FileName=[-[:alnum:]@.]*" FileName || (
CALL NIRCMD infobox "You cannot rename ComboFix as ~n~nPlease use another name, preferbaly made up of alphanumeric characters" ""
GOTO END
)
IF EXIST "C:\WINNT\system32\cmd.execf" MOVE /Y "C:\WINNT\system32\cmd.execf" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp"
Hmmm... Combofix had a problem. We'll run another tool.
Please download Malwarebytes Anti-Malware and install it. Follow the prompts and reboot if required.
Launch Malwarebytes either by running C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe or double-click the Malwarebytes' Anti-Malware shortcut on your Desktop.
Configuring Malwarebytes
? Click on the tab Settings.
? Make sure only these boxes are checked:
Terminate Internet Explorer
Automatically save and display logfile after removal
Always scan memory objects
Always scan registry objects
Always scan filesystem
Always scan extra and heuristics objects
Updating Malwarebytes
? Click on the tab Update.
? Press the button Check for Updates ? Wait for Malwarebytes to be fully updated.
Scanning Time
? Click on the tab Scanner.
? Check Perform full scan and click on Scan ? Wait for the scan to complete, and then click on Show Results.
? Make sure all items are checked, then click on Remove Selected.
**If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If you are asked to restart the computer, please do so immediately.
Post A Log
? A text box will pop up after the removal process is over. Post the contents of the text here. ? If no text box pops up, launch Malwarebytes, and click on the tab Logs.
? The logs will appear as mbam-log-*date-*time.txt. Select the latest one, and then click on Open.
? Post the log here.
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed. Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing. To be or not to be; thats a dumb question.
