Jump to content

Change Mode

Can anyone help, possible rootkit?


ilikenemo

Recommended Posts

Hi all, I'm having mega problems with downloading and running programs. I had the ukash virus a few weeks ago and when I ran malwarebytes it found a rootkit and said it removed it, is it possible it's still here? and this is whats giving me the downloading probs? I'm currently running avg. I'm going to scan now. Any ideas please?

Link to post
Share on other sites

These type infections go after disabling antivirus first, so no wonder AVG can't find it or even run.Yeah my security centre has been turned off and I can't turn it on. I'm quite happy to reinstall windows but if I put some photos on a pen drive will they transer the virus? I have forwarded my important emails to another email address.

Thanks for your help :)

Link to post
Share on other sites

I can post info for cleaning an USB drive.

 

Do you have another computer that we can use to download and transfer tools with a flash drive? If so, continue below. If not, let me know.

 

On the clean computer:

 

 

Download/Run Panda USB Vaccine:

 

Please download Panda USB Vaccine from here to the desktop of your machine.

[*]Right-click on USBVaccineSetup.exe and and select Run as Administrator >> follow the prompts in the installation wizard.

[*]At the configuration screen(settings)...

[*]Ensure both Run Panda USB Vaccine automatically when computer boots (/resident mode) & Automatically vaccinate any newly inserted USB key are selected >> plus NTFS support

[*]Now click on Next> >> ensure Launch Panda USB Vaccine is selected >> clcik on Finish.

[*]Insert the USB Drive in your machine...it will be automatically vaccinated(as will any USB drives connected in the future).

Note: You may uninstall Panda USB Vaccine when we have completed the Malware Removal process if you so wish. Though my advise would be to keep it installed.

Link to post
Share on other sites

Let's see if we can get your machine to scan with this tool.

Then, I want you to go here, start a new topic, and post the logs.

http://forums.pcpitstop.com/index.php?/forum/25-have-i-been-hijacked/

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

[*]Press Scan button.

[*]It will produce a log called FRST.txt in the same directory the tool is run from.

[*]Please copy and paste log back here.

[*]The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Copies of logs are saved at %systemdrive%:FRSTLogs (in most cases this will be C:FRSTLogs).

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...