Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

win32 trojan and others [Solved]


  • This topic is locked This topic is locked

#16
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
I get to see it but all greyed out.
Um type in command hit enter.
Okay type in nautilus. hit enter.
Alt f2 again click on nautilus hit enter, hit enter, hit enter, hit enter,
no joy,
How exactly am I supposed to get it out of the console????
It does not take me anywhere just exits back to home folder with no results or file?
Pardon me for being as smart as a rock, but I must not be doing some thing right?
If I double click it, it just leaves the console,then alt f2 I can see it but not any where in real world??
Its telling me it made it but how do I find it?
Searched my hard drive with both nautilus. and MBRbackup.zip,its not there?
Do I do a shift click to travel ??
again thanks for your time (it seems that maybe I need a crowbar to pry it out of there lol)

Edited by archie10, 03 April 2012 - 02:49 AM.

  • 0

Advertisements


#17
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

you need to type the command starting with dd into your terminal, not into the alt-f2 box, right? Then it should appear in your home directory, when you open nautilus.

regards myrti
  • 0

#18
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
[email protected]:~$ dd if=/dev/sda of=MBRbackup.zip bs=512 count=1
dd: opening `/dev/sda': Permission denied
[email protected]:~$
Keep getting this message that is input to the terminal in Ubuntu.
While looking for a work around I came across this,
http://forums.malwar...howtopic=101122
and this,
http://ad13.geekstogo.com/MBRCheck.exe
Would this get you the data that you need ?

Half way down the thread it says, that you down load this to your desktop
and close all running programs and run it on exit it produces a log file

thank you very much for your help
it is greatly appreciated
  • 0

#19
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

I'm sorry, you will need to alter the command: sudo dd if=/dev/sda of=MBRbackup.zip bs=512 count=1

MBRCheck can not be run from Ubuntu and it will be fooled by the infection, if present, if run from within Windows.

regrads myrti
  • 0

#20
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
And mister potato head strikes again.
Hope this is what you want.
worked like a charm
thanks again for the crash course in linux
(lol) (lol)

Attached Files


  • 0

#21
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

that is looking clean. At this point I'm not sure we're looking at a malware issue and not a software/hardware issue. Did you change anything before that message started appearing?

regards myrti
  • 0

#22
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Had to clone my hard drive it was failing after 7 years continual operation,
made a direct clone with acronis.
But other than running various trojan killers
windows essentials,immunet and trial maleware bytes.
Just keep getting the same error message about explorer has to close because memory could not be written to
and every time i try to update the drivers to what there supposed to be,
I get the explorer error and a hidden fax error as well
and it wont save my settings either.only on shut down is when these errors occur.
any thoughts other than shoot it ?(lol)
The other drive had the same errors as well.
again thanks for your time and effort
  • 0

#23
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

you could try running a system file check and see if that fixes the issue? If that doesn't help, maybe try the windows forums. I'm sure people there have more experience with that kind of issue than I have and can help you more adequatly.

regards myrti
  • 0

#24
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Have run the scan you mentioned it runs the full course,
and never wants any thing from the repair drive.
Well since you think my system is bug free,
It must be a corrupted driver for the memory management
system.
I downloaded speed fan and it gets some rather peculiar
readings,any thing to do with fan speed on the cpu comes back as write only
it should be able to read and write to those addresses and it cannot
Nor can I update the cpu drivers memory cannot be written to
nor my video card same error.
What ever it is its in there deep, I thought it might be the processor,
so got another one off of ebay nothing changed same symptoms.
Think its in the software not the hardware its all different but the symptoms persist.
thank you so much for your time
do you think you could get the moderator to move this thread to the windows xp thread
as we are pretty sure its not malware
  • 0

#25
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

the tools we used in this thread are only supposed to be used in this forum, so I can't move the thread. So I would like to ask you to create a new thread and just link to this one instead. That way people will see what we did.
It will also make it more obvious for people that you are waiting for a reply since there are 0 replies to your thread thaen isntead of 25.

If you post and don't get a reply within the next few days, send me a PM and I will get one of the tech staff to take a look.

regards myrti
  • 0

Advertisements


#26
archie10

archie10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
thank you very much for your time and effort it is greatly appreciated.
I have created a new thread and posted a link to this one as well.
  • 0

#27
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Great! :) Let's hope things will work out there.

regards myrti
  • 0

#28
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP