Rorschach112

Managers
  • Content Count: 425
Everything posted by Rorschach112

  1. some fun here Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. Download SDFix and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doi
  2. hello Download the GMER Rootkit Scanner. Unzip it to your Desktop. Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan. Double-click gmer.exe. The program will begin to run. **Caution** These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst. If possible rootkit activity is found, you will be asked if you would like to perform a full
  3. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Double click on ComboFix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you
  4. hello Download Rooter.exe to your desktop. Then double-click it to start the tool. A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
  5. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
  6. your logs are clean Follow these steps to uninstall Combofix and tools used in the removal of malware Click START then RUN Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there. Download ToolsCleaner2 to your desktop and run it ( by de A.Rothstein & Dj Quiou ) Click the Pt. Restauration button and press OK to the prompts. Click the Corbeille button and press OK to the prompt. Click the Fichiers temp button and press OK to the prompt. Click the Recherche button and let it run ( it may look like it freezes but let it continu
  7. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  8. hello Please download the OTMoveIt3 by OldTimer Save it to your desktop. Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy): :Processes explorer.exe :Services :Reg :Files C:\Program Files\EasyBits\KidsReady\Setup.exe C:\Program Files\Online Services\BTYahoo\HPPre05.msi C:\WINDOWS\Motive\btbb\UninstallHelper.exe :Commands [purity] [emptytemp] [s
  9. looking good Please download ATF Cleaner by Atribune. Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. P
  10. hello 1 - Flash Drive Disinfector Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop. Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear. The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well. Wait until it has finished scanning and then exit the program. Reboot your computer when done. Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged i
  11. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Double click on ComboFix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you
  12. Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.
  13. hello Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. Download SDFix and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the f
  14. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Double click on ComboFix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you
  15. Not to end on a sour note Methods are kept private because malware writers do monitor their infections at work. If we can keep something private as long as possible it will help a huge amount of people. If you don't have access to information about ComboFix, then suggesting people run it is extremely dangerous and foolish.
  16. Do that if you want The privateness is there for a reason
  17. Yes there are a few reasons and workarounds for this, but they are private and only for trained malware staff. This is one of the many reasons you shouldn't be running ComboFix.
  18. I would not recommend running ComboFix. If MBAM can't remove those, you should get them uploaded, usually within 24 hours they will be added
  19. I have to stress how dangerous it is to be using ComboFix on friends' PCs. I would throw in the Kaspersky Webscanner, it's excellent
  20. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Double click on ComboFix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you
  21. hello Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Double click on ComboFix.exe & follow the prompts. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you
  22. A scan with an anti-rootkit program. The purpose of ARKs is to show hidden processes, services, files, drivers, etc. Rootkits are going to be too complex to get a handle on I must admit, especially if you don't know in complete detail other pieces of malware and how to remove them
  23. Some forums worth checking http://www.rootkit.com/index.php http://forum.sysinternals.com/forum_topics.asp?FID=18 http://www.antirootkit.com/
  24. Rootkits are way too complicated, having a "general knowledge" isn't going to help you remove them. They require you to use complicated tools and understand tough logs