Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HELP

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby beynac » September 20th, 2006, 2:20 am

Hi aaiibn

Welcome to Malware Removal! I'm looking through your log now, and will post back soon.

Until I complete my training, everything that I post to you must be checked by an expert - so there may be a small delay between posts.

Thanks for your patience. :)
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England
Advertisement
Register to Remove

Unread postby Elrond » September 21st, 2006, 8:33 am

beynac
As this originally was two threads that I merged and hillbilly was working the older one let's leave him in charge.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Unread postby beynac » September 21st, 2006, 8:39 am

No problem. Hillbillycj's done a lot of work on it so far - I didn't really start. Thanks for the clarification, Elrond.

I will follow this one with interest. :)
User avatar
beynac
MRU Honors Grad Emeritus
 
Posts: 1638
Joined: February 14th, 2006, 12:14 pm
Location: Norwich, England

Unread postby hillbillycj » September 25th, 2006, 8:09 am

Hi aaiibn

This is just to touch base with you and let you know that I am now researching your second log. Much more infected than your first. I will get back to you shortly with a revised fix and hopefully get you cleaned up. Please resist the urge to go online with this machine on a regular basis until we make some progress.

Back shortly...

Thanks,

Hillbillycj
User avatar
hillbillycj
Regular Member
 
Posts: 397
Joined: April 18th, 2006, 7:31 am
Location: Metro Atlanta

Unread postby hillbillycj » September 26th, 2006, 1:53 pm

Hi aaiibn,

You posted another hijack this log which is now much more infected than your original. You still have a variant of the "hacker defender" rootkit infection.

Any attempt to clean anything else on your system while that rootkit is present will be met with failure. Since the rootkit is designed to hide both itself and whatever the attacker see's fit to put on your computer without your knowledge. If you clean the other infections without getting rid of the rootkit, the infections will regenerate every time, you will NEVER get rid of them. .

Please Print these instructions as you will be offline for the fix. You might find it useful to check off each step with a pen/pencil as you go so as not to miss a step.

Step 1 I need you to follow the instructions for showing Hidden files and folders:

Click on Start then My Computer. On the tool bar at the top of the window choose:
  • Tools
  • Now choose Folder Options from the pull down menu
  • Click on View.
  • Click on Show Hidden Files and Folders
  • Click on Apply
  • Click on OK

Step 2 Download and run SDFix:

Download SDFix and save it to your desktop. (Please click on the red link)

Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.

  • In Safe Mode, right click the SDFix.zip folder and choose Extract All,
  • Open the extracted folder and double click RunThis.bat to start the script.
  • Type Y to begin the script.
  • It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • Your system will take longer that normal to restart as the fixtool will be running and removing files.
  • When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
  • Run HiJack This and save a new log file.
  • Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log


To recap:

Please post the SDFix report and a new HiJack This log to this thread.

Thanks :)

Hillbillycj
User avatar
hillbillycj
Regular Member
 
Posts: 397
Joined: April 18th, 2006, 7:31 am
Location: Metro Atlanta

Unread postby agrarianmonk » October 9th, 2006, 11:47 am

Whilst we appreciate that you may be busy, it has been 14 days or more since we heard from you.

Infections can change and fresh instructions will now need to be given. This topic is now closed, if you still require assistance then please start a new topic in the Malware Removal Forum

If you wish this topic reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid,
working link to the closed topic is required along with the user name used.
If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
agrarianmonk
MRU Teacher Emeritus
 
Posts: 5439
Joined: December 24th, 2005, 3:11 am
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 67 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware