Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PA MBR Alureon (R-K) Virus [Closed]


  • This topic is locked This topic is locked

#31
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

I had already ran RK - why am I running again, if you don't mind.

As aswMBR won't run, I need to run RogueKiller to comfirm that the rootkit partition has gone.


Prior to connecting with Geekstogo and yourself, I had run a registry clean and there were a lot of Reg keys that had error and I deleted them; HOWEVER I did save before I deleted and can put the REG keys back. DO YOU THINK IT's NECESSARY?

We will just leave them alone. I don't condone the use of registry cleaners because they can be extremly dangerous in the hands of a novice user. Deleting the wrong entries can render a PC unusable and we don't want to be in a position of helping a user recover from that. There is also no evidence that cleaning out the registry has any effect on the overall speed of a PC.


What do you mean set the Save as type to All Files before saving it.

When you save the file a small window should pop up. At the bottom should be a Save as Type box. Click on the arrow at the end of the box and select All Files from the menu.


Step 1

We need to disable Spybot S&D's "TeaTimer".

TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can re-enable it when we're done if you like.

  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode and then on "Advanced Mode".
    Posted Image
  • You may be presented with a warning dialog. If so, press Yes.
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck these checkboxes:
    Posted Image
  • Close/Exit Spybot Search and Destroy.

  • 0

Advertisements


#32
jazzdazz

jazzdazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Good Afternoon,

I did all that you said re: disabling security on the computer. I ran the COMBOFIX and a dialogue box read "scan will usually finished in 10 minutes, but some computers are badly infected and the time could easily double. After 45 minutes of running I had to leave. Any suggestions????? Is it common for Combofix to run this long? If so I can run again when I return later.


JAZZDAZZ
  • 0

#33
Nedklaw

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Try running ComboFix overnight and you could see if it is still running in the morning.
If it has completed post the log; if it hasn't then post back and tell me.
  • 0

#34
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP