Computers and More
For all your computer needs
HomeAbout UsContact UsServicesRegistrationBlogForumLIVE FEEDFeedback
Windows XP
virus malware spyware problems
August, 2010
September, 2010
Blog
RSS
General instruction to remove most hard to remove viruses and spyware.
9/13/2010 1:11:00 PM
General instruction to remove most hard to remove viruses and spyware.  Follow these instructions and you will be able to clean most viruses yourself. Remember before you start to back up all important files in case of failure. I have included all instruction. If you need assistance copy and paste log files as instructed.
 
*These are powerful tools. Do not use them unless you understand and accept the risk.
 
Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
    • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
 
Download ComboFix here :

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

    Click me

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
 
Go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
    • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
When all your logs are clean you need to remove the tools.


Follow these steps to uninstall Combofix and tools used in the removal of malware

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.



  • Open OTL
  • Under the Custom Scans/Fixes box at the bottom, paste the following:
:Commands
[clearallrestorepoints]
 
  • Click the Run Fix button at the top
    • It might ask you to reboot, if so click YES
Remember to reactivate your virus protection that we deactivated earlier to run the tools!!!!!!!
 
In addition I suggest a good registry cleaner. There are many available. Ccleaner  or Wise Registry Cleaner Free 5.54 (recommended) are free. There are many other very good paid registry cleaners available also.
 
 
Fix internet explorer after virus
8/19/2010 11:54:57 AM
Fix internet explorer after virus.
 
After cleaning your computer and removing viruses and spyware, many times internet explorer still will not work.
To fix this take these steps.
Open internet explorer
Click tools, internet options
Click on the connection tab
At the bottom you will see “LAN settings” click on it.
There should be a check in “automatically detect settings”
                If anything else is checked or filled in and uncheck it and check “automatically detect settings”
Click ok
Click the advanced tab
Now click on “reset” and then reset again
Now click on ok until all boxes are closed.
Close internet explorer.
And reopen explorer. Web page should open normally.
Best malware/spyware removal free software
8/16/2010 5:12:21 PM
Best malware removal free software I have found available is malwarebytes . It is through and very easy to install and use. I have found it will identify and remove most malware/spyware.
 
If you believe you are infected with malware, download and install malwarebytes . Sometimes the virus/malware will not allow installation. If this is the case restart your computer in safe mode with networking and install and run malwarebytes. Once it runs and removes everything in safe mode restart your computer and run malwarebytes in normal mode to catch everything.  
 Malwarebytes is complete enough it is used by professionals and simple enough to be uses by anyone.
Get an extra 30 grace period to activate Windows XP
8/15/2010 12:52:13 AM
If you have let Windows XP activation grace period expire without activating or you reinstalled Windows XP and now you need to get into windows and don’t want to or cant activate using the wizard on start up.
 
Simple  fix to give you an extra 30 grace period to activate Windows xp.
 
Start the computer in safe mode… not safe mode with networking – networking will not allow you to log on due to not being activated but plain safe mode will.
Click start, run in the run command line type this in exactly   
rundll32.exe syssetup,SetupOobebnk
Note the comma and capitalization have to be included.
If it gives you an error you typed it in wrong. RETRY
If it does not give you an error you got it right.
This will give you a new 30 day activation grace period.
Now restart the computer start windows normally.
Windows XP will not activate after repair install – Activation Wizard will not run
8/5/2010 1:17:53 PM
Windows XP will not activate after repair install – Activation Wizard will not run
 
Here is the situation- I had a computer crash due to virus infection. After all viruses were completely cleaned out I did a repair install of windows XP Pro.  This was originally an SP2 machine that had been updated to SP3 so to do a repair install of XP I slipstreamed SP3 in to a the original Windows XP and burned it to disk. This is a method I have used many times without trouble but mostly on Dell systems which this computer was not.

I stated the repair install and all went just as usual until it finished the installation and started windows. Here I got the windows screen with “please wait” this was taking a long time and it was late so I left it running over night and figured that  it would be good to go when I returned the next morning…. I was wrong. It was still hung on the “please wait” screen. At this point I manually restarted. The log on screen pulled up but after logging on it said that windows most be activated. Again this is not unusual with a repair install. But when I choose to activate  it hangs up and/or gives an error about improper parameters.  I was not able to get in to windows and if I tried to activate I just got computer freezing up and error.
 
 please wait screen
 
This is caused by the activation wizard in SP3 must have at least  internet explorer 8 to run …. The original XP Pro SP2 disk has IE6.
 
This simple fix.
 
Start the computer in safe mode… not safe mode with networking – networking will not allow you to log on due to not being activated but plain safe mode will.
Click start, run in the run command line type this in exactly   
rundll32.exe syssetup,SetupOobebnk
Note the comma and capitalization have to be included.

*** Added Note**
It has been reported that to get this part to work you may have to enter this with the “b” capitalized in SetupOobeBnk
This was not the case for the ones I did but windows may have this file different in some copies. Try it both ways  rundll32.exe syssetup,SetupOobebnk 
and rundll32.exe syssetup,SetupOobeBnk
I think this will solve the problems that any of you are having getting this part to work..

This will give you a new 30 day activation grace period.
Now restart the computer start windows normally.
Now you are able to uses windows but it still will not activate. To fix this you must download IE8.
Note IE7 will work but you might as well go ahead and update all the way to IE8 to make sure there are no further issues.
Once IE8 is installed you will be able to activate windows as normal.
If for some reason you do not see the activation icon – it is located Start-all programs-accessories-system tools
If you do not see it there type this into the run command
oobe/msoobe /a
 
I spent way too much time trying to figure out what was going on here. I originally thought  it might be some hard drive damage or some part of the virus that I had missed, but as it turns out it was simple fix. I just hope that by posting this I save others the headache .
5 items total

Computer recycling is now available. Don’t let your old computer end up in the land field. Recycle it with us.