"an unauthorized change was made to windows..." after removi Malwarebytes removed all the Malware but now Windows doesn't work
Posted 15 April 2010 - 12:52 AM
Posted 18 April 2010 - 10:58 PM
and post the logs? (Copy and paste - do not attach)
Posted 20 April 2010 - 11:02 PM
Posted 21 April 2010 - 08:50 AM
Supposedly (haven't tested it myself) there is a Vista recovery disk you can download. It won't reinstall your Vista but should let you run basic fixes.
If you can get it to work then follow the steps in
but instead of Command Prompt choose Startup Repair.
Posted 22 April 2010 - 02:40 PM
Posted 22 April 2010 - 06:02 PM
* Be sure that everything is checked, and click Remove Selected.
If you can, run Combofix as follows:
Download but do not yet run ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Rename this file -- (call it george.exe ) to your Desktop -- from either of these two sources:
Right click on george and Run As Administrator to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Re-activate your protection programs at this time :!:
If you can get a log from either program or from OTL that would be useful.
Posted 22 April 2010 - 11:17 PM
The bad news is that when I click on the George icon I get an error box that says:
!!ALERT!! It is NOT SAFE to continue!
The contents of the ComboFix package has been compromised. Please download a fresh copy from:
Note: You may be infected with a file patching virus "Virut"
I've tried downloading a fresh copy but keep getting the same message.
Is reformatting my only option?
Posted 22 April 2010 - 11:27 PM
Posted 22 April 2010 - 11:42 PM
Downloaded ComboFix saving it as george2.exe and got the same error message twice.
Posted 22 April 2010 - 11:53 PM
Posted 23 April 2010 - 08:55 AM
Posted 23 April 2010 - 10:51 AM
If you can burn a CD on another PC you can create a bootable cd which will tell you if it sees virut.
This is an .iso file which is used to create a bootable disk. Obviously you know how to do that now.
Once you boot on it, have it run an antivirus scan. If it tells you that you have virut then we have to throw in the towel and wipe the drive and reload.
Posted 24 April 2010 - 09:56 AM
Posted 24 April 2010 - 01:57 PM
The good news is that your PC is only 4 months old so reverting back to the way it came from the factory should not be so tragic. Hopefully it either came with disks or has a hidden partition which you access during boot - usually with F12 but it may vary. IF you didn't get disks and it doesn't have a recovery option at boot then contact the manufacturer and ask for the cds or dvd. Usually they will send them for a nominal charge.
Once you reload go immediately to windows update and start downloading all of the patches. Do not go anywhere until you have the full set then go to http://www.avast.com...avast-home.html and get the free avast anti-virus.
I'd also get the free WinPatrol 2010 from http://www.winpatrol.com/download.html
It's a small program that will sit in your systray and warn you if something tries to make changes to your system.
IF you use a USB drive then you might want to install Autorun Eater v2.4.
Another small program which will stay resident and prevent an infected USB drive from infecting your PC.
Then get Firefox http://www.mozilla.c...x/personal.html
and make sure you get the AdBlock Plus Add-on.
Don't let the kids install any p2p software such as Limewire, bittorrent or similar. These are prime sources of viruses.
It's also best if you put a password on any administrative logins and create a standard user login for the kids to use. That way it will limit what damage they can cause.
Keep your Java uptodate and remove older versions if it doesn't do it automatically.
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Adobe is fond of foisting GetPlus on you. You can let them install it and then afterwards, go into Control Panel, Add/Remove Software and remove it. It probably doesn't hurt to leave it but I don't see the need for it and it has caused problems in the past.
Posted 24 April 2010 - 04:52 PM