Computer Virus Question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Computer Virus Question

    Just returned home from a long weekend with a sick laptop.

    Note: Not my computer, but I brought it home to see if I could help fix it.

    I have finally been able to download and run Malwarebytes.org...came back with multiple issues...cleaned that up.

    Next step, download and run AVG...came back with 4 issues. One has a big red X next to it. When I tried to clean it up by the first option it told me it "could" cause a system crash. I chose to not go that route and checked on the next option. I have this message, "Threat cannot be removed by standard user rights. Do you want to remove threat as power user?"

    Appears it is the Trojan located here
    c:\Windows\System32\sysprep\cryptbase.dll

    Advice?

    #2
    Back up your files to an external hard drive, then reformat the laptop to factory settings. Reinstall software programs from original disks, including a good virus/spyware program (I like Trend Microvirus). Scan files on the external hard drive before returning them to the laptop. That should cure what ails the sick laptop.


      #3
      Might try this also it is free and easy just takes a while....GL


        #4
        Restart the computer in safe mode and re-run tools. Then restart and repeat. Malwarebytes is good, Spybot is good, AVG is good. Use them all.


          #5
          Since I owe you I could do it for you. If you need help pm me.


            #6
            I work in the IT field and I have found Combofix has worked great for us. You can get it here: http://www.bleepingcomputer.com/comb...o-use-combofix
            Just download it from that site. I'd also suggest running it in safe mode with networking enabled so it can download any updates to the software and remove what you have.

            Another one is Hitman Pro. I think they will let you run it and remove things at least once for free. http://www.surfright.nl/en

            I hope this can help out and thanks for the help on my TBH member sticker in the mail!


              #7
              Download Combofix for sure. Boot to safe mode, run Combofix. Should take care of the problem.


                #8
                Originally posted by dcw:
                Since I owe you I could do it for you. If you need help pm me.
                I'll try the suggestions listed for cleaning...if I fail at it...I will definitely be pm'ing you!

                Thanks!


                  #9
                  One more question....

                  I have the laptop clean. BUT...I have one last issue I would like to fix. I am getting this message upon start up...

                  There was a problem starting
                  C:\ProgramData\GoogleOnlineOnline.dll
                  The specific module can not be found.

                  I've googled, and been directed to a Module.dll Repair Tool...but I don't want to download anything I am not familiar with. Is this legit?


                    #10
                    Go to Start\Run and type regedit. Click on HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and look for that statement in the right hand side of the box. Highlight it, hit delete and confirm the deletion. If it isn't there, click Start\Programs (or All Programs depending on your OS)\Startup and remove anything related to Google in there. If it's not there, go to the top and click Edit in the toolbar, then type that DLL name. Delete every instance it finds in the registry.


                    If that doesn't work, try opening a command prompt and typing regsvr32 /u C:\ProgramData\GoogleOnlineOnline.dll then hit enter. If it tells you server successfully unregistered, reboot and do a search for that DLL. Delete it at that point once you find it.
                    Last edited by Tommyh; 11-09-2011, 12:49 PM.
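
The locations named in post #10 (the Run key and the Startup folder) can be audited read-only before anything is deleted. The script below is an added example, not code from any poster in this thread. It assumes PowerShell 3.0 or later, and the extra keys it checks (RunOnce, the HKCU and Wow6432Node variants) are additional common autostart locations, not an exhaustive list.

```powershell
# Added example: read-only audit of common autostart locations. Nothing is deleted.
$needle = 'GoogleOnlineOnline.dll'   # file name from the startup error in post #9

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Matches drive-letter paths ending in a script or binary extension
$pathPattern = '[A-Za-z]:\\[^",]+?\.(exe|dll|bat|cmd|vbs)\b'

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Every file path mentioned in the command line, e.g. rundll32.exe plus its DLL
        $paths = @([regex]::Matches($command, $pathPattern, 'IgnoreCase') |
                   ForEach-Object { $_.Value })
        $missing = @($paths | Where-Object { -not (Test-Path -LiteralPath $_) })
        [pscustomobject]@{
            Location = $key
            Name     = $name
            Command  = $command
            Missing  = $missing -join '; '           # targets that no longer exist
            Match    = $command -like "*$needle*"    # entry mentions the DLL by name
        }
    }
}

# Registry entries that name the DLL or point at a file that is gone
$entries | Where-Object { $_.Match -or $_.Missing } | Format-List

# Per-user and all-users Startup folders: list everything for manual review
foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if ($dir -and (Test-Path -LiteralPath $dir)) {
        Get-ChildItem -LiteralPath $dir -File | Select-Object FullName, LastWriteTime
    }
}
```

An empty result means the reference lives somewhere other than these locations, in which case a full registry search for the file name is still needed.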


                      #11
                      Originally posted by Tommyh:
                      Go to Start\Run and type regedit. Click on HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and look for that statement in the right hand side of the box. Highlight it, hit delete and confirm the deletion. If it isn't there, click Start\Programs (or All Programs depending on your OS)\Startup and remove anything related to Google in there. If it's not there, go to the top and click Edit in the toolbar, then type that DLL name. Delete every instance it finds in the registry.


                      If that doesn't work, try opening a command prompt and typing regsvr32 /u C:\ProgramData\GoogleOnlineOnline.dll then hit enter. If it tells you server successfully unregistered, reboot and do a search for that DLL. Delete it at that point once you find it.
                      Didn't show up on either of those.


                        #12
                        Okay okay okay, try this. Open regedit and click file search, then put the name in there. That's what I meant but brain got ahead of my fingers, sorry.


                          #13
                          Originally posted by Tommyh:
                          Okay okay okay, try this. Open regedit and click file search, then put the name in there. That's what I meant but brain got ahead of my fingers, sorry.
                          Found it...Just highlight and delete?


                            #14
                            That's it. Once it's deleted, hit F3 and remove every reference to it until it finds nothing else.


                              #15
                              Thank you!
