Junior Member
        
Group: Forum Members
Last Login: 7/19/2008 6:12 AM
Posts: 130,
Visits: 235
Hi, on my other computer I think I've been hijacked or there is a virus. When I try and load up Firefox, it comes up with the message "Security Warning. Application cannot be executed. The file bndcore.exe is infected. Do you want to activate your antivirus software now?" Then if I answer yes the website for antispycraft comes up.
I already have avast running and I can't download any other applications to try and get rid of it. I have done a scan which came up with a few errors which moved to chest but having that it still doesn't let me get onto any website and keeps coming up with the above message. Please help. Thanks
Senior Forum Moderator
        
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,658,
Visits: 54,734
First of all, which operating system have you got installed?
If you're running XP, have you tried System Restore in Safe Mode with Command Prompt?
If you have not disabled System Restore, restart your PC and select 'Safe Mode with Command Prompt'.
At the prompt copy and paste:
%systemroot%\system32\restore\rstrui.exe
Then press Enter.
Follow the onscreen instructions.
If still no joy try the following:
Download the following, save them to a flash drive, then transfer them over to the infected PC.
Download TDSSKiller.zip
Download ComboFix from HERE
Then follow the steps below to run them both:
* Please download TDSSKiller.zip by Kaspersky, and save it to your desktop.
* Extract the zip file to your desktop (Very important it's located there!).
* Click on Start > Run copy and paste the following bold text into the "Open:" space, then press Enter
"%userprofile%\desktop\tdsskiller.exe" -l report.txt
* The TDSSKiller rootkit removing tool should open on your desktop. Click the "Start scan" button.
* When the tool has finished running, close it.
* If needed reboot the computer.
It will produce a text file (report.txt) on your desktop.
Post the entire contents of that file into your next reply.
Download ComboFix from HERE to your Desktop, by following the steps below.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
1. If you are using Firefox, make sure that your download settings are as follows:
* Click on Tools->Options->"Main" tab
* Set to "Always ask me where to Save the files".
2. During the download, rename Combofix to Combo-Fix as follows:


3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
* Click Here to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------
* Close any open browsers.
* WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
* Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
* If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------
6. Double click on Combo-Fix.exe & follow the prompts. If you're running Windows Vista\Windows 7, right click on Combo-Fix.exe and click on "Run as Administrator".
7. When finished, it will produce a report for you.
8. Please post the contents of "C:\Combo-Fix.txt" into your next reply.
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**



Junior Member
        
Group: Forum Members
Last Login: 7/19/2008 6:12 AM
Posts: 130,
Visits: 235
Apologies, the other PC is on Vista. Does this make a difference to your advice? Thanks
Senior Forum Moderator
        
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,658,
Visits: 54,734
For Vista, boot into just basic Safe Mode using the F8 method.
In Safe Mode click on Start. In the Start Menu "search" box type restore and you'll immediately see System Restore at the top of the Start menu. You can also type rstrui into the search box and hit Enter.
Roll back the system to the last restore point by selecting "Recommended restore", and click Next.
Confirm your restore point and then restart your computer normally to roll the system back.
Carry on with the rest of the steps above as posted if necessary.



Junior Member
        
Group: Forum Members
Last Login: 7/19/2008 6:12 AM
Posts: 130,
Visits: 235
It seems to have worked with the restore. Thanks very much
Senior Forum Moderator
        
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,658,
Visits: 54,734
You're welcome


