[RESOLVED]SMART HDD Infection
- Thread starter Tillpott
- Start date
RE: SMART HDD Infection
Hi this should be able to restore your access back...
Please post:
All RKreport.txt text files located on your desktop.
Hi this should be able to restore your access back...
- Download RogueKiller and save it on your desktop.
- Quit all programs
- Start RogueKiller.exe.
- Wait until Prescan has finished ...
- Click on Scan
- Wait for the end of the scan.
- The report has been created on the desktop.
- Click on the Delete button.
- The report has been created on the desktop.
- Next click on the ShortcutsFix
- The report has been created on the desktop.
Please post:
All RKreport.txt text files located on your desktop.
- Apr 13, 2012
- 15
RE: SMART HDD Infection
.
All RogueKiller reports attached.
Progress report:
Desktop Icons have returned
All Programs from Start menu have returned BUT MOST are (empty)
e.g.
START > ALL PROGRAMS > ACCESSORIES > COMMUNICATIONS (empty)
START > ALL PROGRAMS > ACCESSORIES > ENTERTAINMENT (empty)
START > ALL PROGRAMS > ACCESSORIES > GAMES (empty)
START > ALL PROGRAMS > ACCESSORIES> SYSTEM TOOLS (empty)
How do I get the information / links back in the folders
Nice working with you - a positive beginning
[attachment=1134]
[attachment=1135]
[attachment=1136]
.
All RogueKiller reports attached.
Progress report:
Desktop Icons have returned
All Programs from Start menu have returned BUT MOST are (empty)
e.g.
START > ALL PROGRAMS > ACCESSORIES > COMMUNICATIONS (empty)
START > ALL PROGRAMS > ACCESSORIES > ENTERTAINMENT (empty)
START > ALL PROGRAMS > ACCESSORIES > GAMES (empty)
START > ALL PROGRAMS > ACCESSORIES> SYSTEM TOOLS (empty)
How do I get the information / links back in the folders
Nice working with you - a positive beginning
[attachment=1134]
[attachment=1135]
[attachment=1136]
- Apr 13, 2012
- 15
RE: SMART HDD Infection
.
REMEMBER I have Windows XP
-
I have already "Customized" my Taskbar and Start Menu that's NOT the problem.
Program SHORTCUTS in the Start menu have returned BUT MOST are (empty)
e.g. Windows XP
START > ALL PROGRAMS > ACCESSORIES > COMMUNICATIONS (empty)
START > ALL PROGRAMS > ACCESSORIES > ENTERTAINMENT (empty)
START > ALL PROGRAMS > ACCESSORIES > GAMES (empty)
START > ALL PROGRAMS > ACCESSORIES> SYSTEM TOOLS (empty)
How do I get the SHORTCUTS back FOR THE ABOVE - PARTICULARLY in SYSTEM TOOLS ???? :huh: Please
I have got most programs I need fixed by RE-INSTALLING them and the shortcut has appeared again in START > ALL PROGRAMS
Without these shortcuts we have to go into Explore / Programs / find the Program - then scroll through a whole bunch of information in the hope of finding the right Icon that starts the program -
It is way too dangerous for Hubby & I to be searching through parts of the computer he does not now how to navigate and it is just leaving ourselves open for more problems in the future
Thanks for your advice - I am a work in progress
Windows XP
.
REMEMBER I have Windows XP
-
I have already "Customized" my Taskbar and Start Menu that's NOT the problem.
Program SHORTCUTS in the Start menu have returned BUT MOST are (empty)
e.g. Windows XP
START > ALL PROGRAMS > ACCESSORIES > COMMUNICATIONS (empty)
START > ALL PROGRAMS > ACCESSORIES > ENTERTAINMENT (empty)
START > ALL PROGRAMS > ACCESSORIES > GAMES (empty)
START > ALL PROGRAMS > ACCESSORIES> SYSTEM TOOLS (empty)
How do I get the SHORTCUTS back FOR THE ABOVE - PARTICULARLY in SYSTEM TOOLS ???? :huh: Please
I have got most programs I need fixed by RE-INSTALLING them and the shortcut has appeared again in START > ALL PROGRAMS
Without these shortcuts we have to go into Explore / Programs / find the Program - then scroll through a whole bunch of information in the hope of finding the right Icon that starts the program -
It is way too dangerous for Hubby & I to be searching through parts of the computer he does not now how to navigate and it is just leaving ourselves open for more problems in the future
Thanks for your advice - I am a work in progress
Windows XP
RE: SMART HDD Infection
Thanks for the notice! i have a idea of fixing that...
Download OTL to your Desktop
Thanks for the notice! i have a idea of fixing that...
Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs
RE: SMART HDD Infection
Thats not in there lets try this...
Restore Accessories Program Files Menu
Please download this tool here.
http://www.winxptutor.com/download/accrestore.zip
You will need to unzip the tool first.
Once you've unzipped the tool, please double-click on it to run it.
Ensure that the following check boxes are checked (as seen in this image below):
Once they are, click on the Restore button.
NEXT:
Restore Admin Tools Program Files Menu
Please download this tool here.
http://www.winxptutor.com/download/admintools.zip
You will need to unzip the tool first.
Once you've unzipped the tool, please double-click on it to run it.
Click on the Restore Administrative Tools Items button.
As seen in this image below:
Thats not in there lets try this...
Restore Accessories Program Files Menu
Please download this tool here.
http://www.winxptutor.com/download/accrestore.zip
You will need to unzip the tool first.
Once you've unzipped the tool, please double-click on it to run it.
Ensure that the following check boxes are checked (as seen in this image below):
Once they are, click on the Restore button.
NEXT:
Restore Admin Tools Program Files Menu
Please download this tool here.
http://www.winxptutor.com/download/admintools.zip
You will need to unzip the tool first.
Once you've unzipped the tool, please double-click on it to run it.
Click on the Restore Administrative Tools Items button.
As seen in this image below:
RE: SMART HDD Infection
LOL! I mean post the scan log in which threats were found
The scan log that was made when u got infected and scanned with MBAM
LOL! I mean post the scan log in which threats were found
The scan log that was made when u got infected and scanned with MBAM
- Apr 13, 2012
- 15
RE: SMART HDD Infection
[/align]
[attachment=1139]
Sorry I don't have them - I had to re-install MAB yesterday - and I am not sure if SMART HDD shows in there - but I will incluide it anyway.
:blush:
I did do a .dds scan for PCPitstops Forum - but have not had any help from them they seem overloaded so I came here - and am so glad I did - this will be my first port of call should I ever need assistance again you guys rock.
If you would like the ddstxt adn ddsattach let me know.
[/align]
[attachment=1139]
Sorry I don't have them - I had to re-install MAB yesterday - and I am not sure if SMART HDD shows in there - but I will incluide it anyway.
:blush:
I did do a .dds scan for PCPitstops Forum - but have not had any help from them they seem overloaded so I came here - and am so glad I did - this will be my first port of call should I ever need assistance again you guys rock.
If you would like the ddstxt adn ddsattach let me know.
RE: SMART HDD Infection
Ok...no problem i was to take some malware samples from your MBAM quarantine and send then to the AV vendors.
As an addition step it's recommended that you download other free anti-malware software from the list below and run a full system scan :
Microsoft Safety Scanner
ESET Online Scanner
Ok...no problem i was to take some malware samples from your MBAM quarantine and send then to the AV vendors.
As an addition step it's recommended that you download other free anti-malware software from the list below and run a full system scan :
RE: SMART HDD Infection
Congratulations!! Your PC is all clean!
To uninstall ComboFix
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
Here are some additional links for you to check out to help you with your computer security.
Browsers
Just because your computer came loaded with Internet Explorer doesn't mean that you have to use it, there are other free alternatives, FIREFOX and OPERA, both are free to use and are more secure than IE.
If you are using firefox you can stay more secure by adding NoScript and WOT (Web Of Trust)
NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT (Web Of Trust) has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website.
Cleaning
Now that your PC is free of malware, it is important to clean up your PC. There are several good free cleaners available. You should make sure to clean up your temp files regularly, at least once a week.
ATF Cleaner
CCleaner
Defragmenting Your Hard Disk
Over time your PC can become fragmented, Windows comes with a defragmenting utility, however, it is very slow, and there are other options available.
To use the defragmenter included with Windows either go to Start/Run and type dfrg.msc, hit enter; or
right-click My Computer, choose Manage, Storage, Disk Defragmenter.
In the Defragmenter utility, select your main partition/HD, generally C:\ and select analyze . The analysis report will tell you whether or not your disk needs to be defragmented, if it does, click defragment. Be patient, this can take a long time.
Repeat for multiple partitions/hard disks.
System Restore Cleanup Instructions
If you are using Windows ME or XP then it is good to disable and re-enable system restore to make sure there are no infected files left in a restore point. (All restore points will be deleted that way)
You can find instructions on how to disable and re-enable system restore here:
Windows ME System Restore Guide
Windows XP System Restore Guide
Window Vista and Windows 7
Reading Tip:
Computer Health
Keep Your System Updated
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Please ensure that you visit the following websites regularly or do update your system regularly.
Install the updates immediately, if they are found. Reboot your computer if necessary, revisit Windows Update and Office update sites until there are no more updates to be installed.
To update Windows and office
Go to Start > All Programs > Microsoft Update
Alternatively, you can visit the link below to update Windows and Office products.
Microsoft Update
If you are forgetful, you can change some settings so that you will be informed of updates. Here's how:
1. Go to Start > Control Panel > Automatic Updates
2. Select Automatic (recommended) radio button if you want the updates to be downloaded and installed without prompting you.
3. Select Download updates for me, but let me chose when to install them radio button if you want the updates to be downloaded automatically but to be installed at another time.4. Select Notify me but don't automatically download or install them radio button if you want to be notified of the updates.
Please make sure that you update your antivirus, firewall and anti-spyware programs at least once a week.
Be careful when opening attachments and downloading files.
1. Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
2. Never open emails from unknown senders.
3. Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These are called hoaxes. The email addresses used in the hoaxes can be easily spoofed. Check the antivirus vendor websites to be sure.
4. Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.
Surf safely
Many security exploits on websites are directed to users of Internet Explorer and Firefox.
If you use Firefox, try the No-script Add On - which, by default, disables all scripts on all websites. If you trust the website, you can manually allow scripts to work.
Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it. Follow this Microsoft Article to learn how to backup. Follow This Article by Microsoft to restore your backups.
Alternatively, you can use 3rd-party programs to back up your data. Examples of these can be found at
Bleeping Computer
Avoid P2P
We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
Happy surfing and stay clean!
Congratulations!! Your PC is all clean!
To uninstall ComboFix
- Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
- In the field, type in ComboFix /uninstall
(Note: Make sure there's a space between the word ComboFix and the forward-slash.)
- Then, press Enter, or click OK.
- This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
Here are some additional links for you to check out to help you with your computer security.
Browsers
Just because your computer came loaded with Internet Explorer doesn't mean that you have to use it, there are other free alternatives, FIREFOX and OPERA, both are free to use and are more secure than IE.
If you are using firefox you can stay more secure by adding NoScript and WOT (Web Of Trust)
NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT (Web Of Trust) has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website.
- Make your Internet Explorer more secure - This can be done by following these simple instructions:
- From within Internet Explorer click on the Tools menu and then click on Options.
- Click once on the Security tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialize and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to Prompt
- Change the Navigate sub-frames across different domains to Prompt
- When all these settings have been made, click on the OK button
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Next press the Apply button and then the OK to exit the Internet Properties page.
Cleaning
Now that your PC is free of malware, it is important to clean up your PC. There are several good free cleaners available. You should make sure to clean up your temp files regularly, at least once a week.
ATF Cleaner
CCleaner
Defragmenting Your Hard Disk
Over time your PC can become fragmented, Windows comes with a defragmenting utility, however, it is very slow, and there are other options available.
To use the defragmenter included with Windows either go to Start/Run and type dfrg.msc, hit enter; or
right-click My Computer, choose Manage, Storage, Disk Defragmenter.
In the Defragmenter utility, select your main partition/HD, generally C:\ and select analyze . The analysis report will tell you whether or not your disk needs to be defragmented, if it does, click defragment. Be patient, this can take a long time.
Repeat for multiple partitions/hard disks.
System Restore Cleanup Instructions
If you are using Windows ME or XP then it is good to disable and re-enable system restore to make sure there are no infected files left in a restore point. (All restore points will be deleted that way)
You can find instructions on how to disable and re-enable system restore here:
Windows ME System Restore Guide
Windows XP System Restore Guide
Window Vista and Windows 7
Reading Tip:
Computer Health
Keep Your System Updated
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Please ensure that you visit the following websites regularly or do update your system regularly.
Install the updates immediately, if they are found. Reboot your computer if necessary, revisit Windows Update and Office update sites until there are no more updates to be installed.
To update Windows and office
Go to Start > All Programs > Microsoft Update
Alternatively, you can visit the link below to update Windows and Office products.
Microsoft Update
If you are forgetful, you can change some settings so that you will be informed of updates. Here's how:
1. Go to Start > Control Panel > Automatic Updates
2. Select Automatic (recommended) radio button if you want the updates to be downloaded and installed without prompting you.
3. Select Download updates for me, but let me chose when to install them radio button if you want the updates to be downloaded automatically but to be installed at another time.4. Select Notify me but don't automatically download or install them radio button if you want to be notified of the updates.
Please make sure that you update your antivirus, firewall and anti-spyware programs at least once a week.
Be careful when opening attachments and downloading files.
1. Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
2. Never open emails from unknown senders.
3. Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These are called hoaxes. The email addresses used in the hoaxes can be easily spoofed. Check the antivirus vendor websites to be sure.
4. Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.
Surf safely
Many security exploits on websites are directed to users of Internet Explorer and Firefox.
If you use Firefox, try the No-script Add On - which, by default, disables all scripts on all websites. If you trust the website, you can manually allow scripts to work.
Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it. Follow this Microsoft Article to learn how to backup. Follow This Article by Microsoft to restore your backups.
Alternatively, you can use 3rd-party programs to back up your data. Examples of these can be found at
Bleeping Computer
Avoid P2P
We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
Happy surfing and stay clean!
RE: SMART HDD Infection
Nope! i am malwarekiller
Tillpott said:????? Are you blonde 2 . . . Ha Ha
Nope! i am malwarekiller
- Apr 13, 2012
- 15
RE: SMART HDD Infection
.
Thank you malawarekiller for ALL your help and instructions yesterday - (I ran out of downloads and had to wait till my new plan started today) I have run SuperAntiSpyware and Malawarebytes - Complete Scans had both are clear.
I have checked my IE8 with all of the instructions above and Idid not have to change anything on my Browser it was already set up as you said.
I will follow through with other suggestions you have made now that I can download again.
It is a wonderful feeling to have control of my computer again.
You are AWESOME. THANKS AGAIN
Kind Regards
.
Thank you malawarekiller for ALL your help and instructions yesterday - (I ran out of downloads and had to wait till my new plan started today) I have run SuperAntiSpyware and Malawarebytes - Complete Scans had both are clear.
I have checked my IE8 with all of the instructions above and Idid not have to change anything on my Browser it was already set up as you said.
I will follow through with other suggestions you have made now that I can download again.
It is a wonderful feeling to have control of my computer again.
You are AWESOME.
THANKS AGAIN Kind Regards
Similar threads
-
- Locked
