Показано с 1 по 8 из 8.

please help me fix my sister's computer

  1. #1
    Junior Member Репутация
    Регистрация
    21.02.2009
    Адрес
    I'm a Texas baby!
    Сообщений
    9
    Вес репутации
    33

    please help me fix my sister's computer

    Dear friends, While visiting my sister, she asked me to take a look at her computer that's been running slow. Yikes!! What a mess of virus's. I tried some online scanners but keep getting different answers. So as always I'm turning to you guys ( my secret weapon). l hope the log files are as requested. Any advice or cures would be appreciated. Please help make me a hero, guys. Thank you in advance. Judi Mattes. P.S. something called windows installer is trying to install itself. Also eztracks. I noticed sp3 waiting in the wings but didn't install it yet untill i speak with you. thanks.
    Вложения Вложения

  2. #2
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    3001
    Цитата Сообщение от becausewesayso Посмотреть сообщение
    :I noticed sp3 waiting in the wings but didn't install it yet untill i speak with you.
    SP3 must be installed. And it's not all: just after issuing of SP3 a couple of patches were published. They must be installed too

    Switch off/Disable:
    - Antivirus and and, if you have - Firewall.
    - System Restore

    -Fix with Hijackthis
    Код:
    O4 - HKLM\..\Run: [requester] "C:\WINDOWS\system32\requester.11.exe"
    - Execute following script
    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     QuarantineFile('C:\WINDOWS\system32\requester.11.exe','');
     DeleteFile('C:\WINDOWS\system32\requester.11.exe');
    BC_ImportAll;
    ExecuteSysClean;
    SetAVZPMStatus(True);
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot execute following script
    Код:
    begin
    CreateQurantineArchive('C:\quarantine.zip');
    end.
    - Clean Temp-Maps, Cache of Browsers, Recycler. Use Windows service tool cleanmgr or CCleaner or ClearProg
    - Close all the programs and start only Internet Explorer!!!
    - Repeat 3 log files.
    - Switch Antivirus and, if you have - Firewall, on.
    - Go On-Line
    - Upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
    - Attach 3 logs to your new post..

  3. #3
    Junior Member Репутация
    Регистрация
    21.02.2009
    Адрес
    I'm a Texas baby!
    Сообщений
    9
    Вес репутации
    33

    eztracks keeps trying to install with every mouse click

    trying to install itself when I open a new window and will not delete, only cancel after repeated mouse clicks. What a pain!! Says it's searching for an msi. installer pkg. Also, seperately on last reboot,something tried to install unknown hardware too, but I haven't installed any new hardware. weird? installed sp3, IE8, all updates per Mocrosoft's update web page.Downloaded, installed, and ran ccleaner. Executed scripts, uploaded quarantined files, and log files attached. thanks in advance. you guys are the best.
    Вложения Вложения

  4. #4
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    3001
    - Execute following script
    Код:
    begin
    SearchRootkit(true, true);
    SetAVZGuardStatus(True);
     DelBHO('{3023AF97-870E-476A-B30E-3923DF2B84BD}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9F1C11AA-197B-4942-BA54-47A8489BB47F}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{41F17733-B041-4099-A042-B518BB6A408C}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-9980-0010-8000-00AA00389B71}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}');
     RegKeyDel('HKLM','SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0335A685-ED24-4F7B-A08E-3BD15D84E668}');
     DeleteFile('C:\PROGRA~1\MYWEBS~1\bar\8.bin\M3PLUGIN.DLL');
     DeleteFile('C:\Program Files\EZTRACKS\eztracks_ieplug.dll');
    BC_ImportAll;
    ExecuteSysClean;
    BC_Activate;
    RebootWindows(true);
    end.
    After reboot
    - Repeat 3 log files.

  5. #5
    Junior Member Репутация
    Регистрация
    21.02.2009
    Адрес
    I'm a Texas baby!
    Сообщений
    9
    Вес репутации
    33

    eztracks gone!!

    i managed to get rid of eztracks before i took my nap. I saw you had it in this last script. Maybe between the two of us it's finally gone! i ran the scans as requested. They took no time at all. Boy have you done it again, I'm feeling my hero status coming on strong now.This is soooooo cool. Rene, YOU ROCK!!
    Вложения Вложения

  6. #6
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    3001
    I found nothing suspicious in your logs.
    Pls. install the last version of Adobe Reader (9.2) or uninstall it completely.
    Pls. check, if all Windows-Updates are installed (www.windowsupdate.com).

  7. #7
    Junior Member Репутация
    Регистрация
    21.02.2009
    Адрес
    I'm a Texas baby!
    Сообщений
    9
    Вес репутации
    33
    Thanks I'll get right on it I'll let you know.

  8. #8
    Junior Member Репутация
    Регистрация
    21.02.2009
    Адрес
    I'm a Texas baby!
    Сообщений
    9
    Вес репутации
    33

    My Sister's Hero

    Thank you so much Rene!!Now We are truly my sister's heroes.I took the time to blow the dust bunnies out. Seems like it's humming now. Thanks again!! 'till next time, Cheers! J Mattes

Похожие темы

  1. Ответов: 1
    Последнее сообщение: 15.01.2011, 03:00
  2. Ответов: 10
    Последнее сообщение: 22.02.2009, 07:16
  3. Ответов: 6
    Последнее сообщение: 22.02.2009, 06:14
  4. Ответов: 9
    Последнее сообщение: 01.07.2008, 17:35
  5. Help me! my computer slow down. a turtle must be faster then my computer.
    От baris в разделе Malware Removal Service
    Ответов: 4
    Последнее сообщение: 09.05.2008, 09:41

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.00275 seconds with 17 queries