Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Blue Screen


  • This topic is locked This topic is locked

#16
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
umm i dont know if i have a partition or not. i dont even know what that is...

how do i check?

Edited by LSEactuary, 20 November 2010 - 09:28 AM.

  • 0

Advertisements


#17
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
After typing

'map' after the c:\windows prompt i get

C: NFTS 9998MB \ DEVICE\HARDDISK0\PARTITION 1
E: NFTS 186159MB \DEVICE\HARDDISK0\PARTITION 2
D: NFTS 286158MB \ DEVICE\HARDDISK1\PARTITION 1
J: \ DEVICE\CDROM1
K: \DEVICE\CDROM2

Edited by LSEactuary, 20 November 2010 - 09:35 AM.

  • 0

#18
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
If you have only XP installed and the other partition is just for data storage, you can go ahead with the fixmbr command.
  • 0

#19
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
okay it says 'the new master boot command has been sucessfully written'.
  • 0

#20
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY!

IT WORKED!!!! :D

Should I scan it and post logs or something to make sure everythigs fine? What shall I use?
  • 0

#21
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Yes, please do so.

OTL
-----
Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Quick Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

  • 0

#22
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
scan complete - only 1 report came up (attached)

btw a lot of files are on my computer that i recall deleting. loads of temporary files too. what shall i do?

Attached Files

  • Attached File  OTL.Txt   52.85KB   158 downloads

  • 0

#23
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Hi again, there is still some malware alive there, so lets get rid of that. :D

COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#24
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
heres the combofix report:

Attached Files

  • Attached File  log.txt   15.4KB   210 downloads

  • 0

#25
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Hi, that was still quite some malware and more to go. :D

CF-SCRIPT
-------------
We need to execute a CF-script.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yfixatofoke"=-

File::
c:\windows\oxuwoyul.dll

Driver::
jtflnqg
ahxljnbn
cstgbops
epqnanfy
ewfdbvpr
fazsnxbs
hlkbiybv
izguimaq
jraxstkx
lgcqxfww
mohlczml
qkyotxfh
sufumffj
Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • 0

Advertisements


#26
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
i hope this helps...

Attached Files

  • Attached File  log.txt   13.37KB   182 downloads

  • 0

#27
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Hi there, that is looking quite okay now. :D How are things running? Any problems left?

Please rerun OTL, click the NONE button, then change the value under Extra Registry to "use safelist" and click Run Scan. Post me extra.txt
  • 0

#28
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
Thanks! :D Everything's working perfectly atm. I'm asking everyone to save stuff on their USBs so the computer remains 'empty' just in case. Ill scan it again on Friday/the weekend - that gives it enough time to 'settle down'! lol

Thanks so much for the help though - I owe you £200! ;)
  • 0

#29
Elise

Elise

    Emsisoft Research

  • Expert
  • 3,389 posts
Hi there, I'm glad to hear that. :D

To make sure everything stays clean, I recommend to post extra.txt as instructed, so we can make sure all your programs are up to date.
  • 0

#30
LSEactuary

LSEactuary

    Member

  • Topic Starter
  • Member
  • PipPip
  • 79 posts
as requested.... :D

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP