WiredWX Hobby Weather ToolsLog in

 


Another victim of Antivirus System Pro

3 posters

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Something weird is happening. When I paste the instructions into OTM and hit the move it button everything disappears, except my wallpaper. The IE window goes, the OTM goes, even all icons, and task bars. I run task manager and it says no programs running... mouse moves, but there is nothing to click, just the wallpaper... what am I doing wrong?

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Hello, are you able to open Task manager(Ctrl+Shift+Esc)?

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
yes I was, and it said no applications running. I rebooted and tried it a 2nd time and same thing happened...

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Ok I need you to open task manager-->Go to file-->New Task--> and type in this: explorer.exe

Can you see your desktop now?

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Yes, when I do that everything comes back.

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Try to run the above script again and tell me if it happens again.

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
yes it did, I already did it again b4 I tried the explorer.exe command

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Ok lets try this one:


  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    C:\DOCUME~1\Owner\APPLIC~1\curb readme file
    C:\WINDOWS\tasks\B0F5399F9792AF8B.job
    C:\Program Files\curb readme file
    C:\Program Files\Adverts

    :commands
    [emptytemp]


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
same thing happens

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Alright lets try a different approach:


  • Download combofix from here
    Link 1
    Link 2
1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

Another victim of Antivirus System Pro - Page 2 CF_download_FF

Another victim of Antivirus System Pro - Page 2 CF_download_rename

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
I'll have to pick it up again tomorrow, it's 3 AM here, and I can't focus anymore. I really appreciate your help, and I'll get back ASAP

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Ok get some sleep, and I would be glad to help you tomorrow Smile...

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
I have struck a new problem, I ran combofix instead of saving it, therefore didn't change the name. when I realised I saved it and renamed it. now it's telling me it's partial corrupt and to reload another version, when i try to do that it won't replace the file because it says it is in use. I have small combofix boxes on the screen that wont disappear with green bars in them. I do however have the correct combo-fix icon on my desktop, but when I click it I just get the combofix box with the green bars?? I'm lost now... help!! what do I do now?

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
Did the ComboFix fully run though?

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
no it didn't it says something about part of the instalation being corrupt. and now I can't see the icon because it is covered with the boxes with the green bars. there are 3 combofix icons on my task bar that wont close and task manager doesn't see any application for them.

descriptionAnother victim of Antivirus System Pro - Page 2 EmptyRe: Another victim of Antivirus System Pro

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum