BleepingComputer.com: Rootkit infection

Jump to content

Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

If you have not received help after three days, please post a link to your topic HERE.
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Rootkit infection Cannot run any tools

#1 User is offline   mohavepc 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 15-July 10

Posted 23 November 2010 - 04:26 PM

Hello All
I have an XP home SP2 machine that has a root kit infection that I cannot Identify or remove. When I try to run a tool such as Malwarebytes or Superantyspyware the program closes as soon as it catches a glimps of something. I have run several programs including Mbam, Superantispyware portable, Hijackthis, tdsskiller, rkill all have been run in safe mode with command prompt from both desktop of infected pc and from a flash drive. Tdsskiller finds a rootkit named vbma1a1f.sys and will only quarantine it not delete it but it returns immediately. rkill closes Svchost.exe that immediately restarts. I cannot post a log as I cannot get anything to run long enough to get a log.Have done a windows repair install to get it out of a no boot situation that was missing the host.dll Any help would be appriciated

This post has been edited by hamluis: 23 November 2010 - 04:56 PM
Reason for edit: Moved from XP to Am I Infected ~ Hamluis.

#2 User is offline   mohavepc 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 15-July 10

Posted 24 November 2010 - 11:40 AM

View Postmohavepc, on 23 November 2010 - 04:26 PM, said:

Hello All
I have an XP home SP2 machine that has a root kit infection that I cannot Identify or remove. When I try to run a tool such as Malwarebytes or Superantyspyware the program closes as soon as it catches a glimps of something. I have run several programs including Mbam, Superantispyware portable, Hijackthis, tdsskiller, rkill all have been run in safe mode with command prompt from both desktop of infected pc and from a flash drive. Tdsskiller finds a rootkit named vbma1a1f.sys and will only quarantine it not delete it but it returns immediately. rkill closes Svchost.exe that immediately restarts. I cannot post a log as I cannot get anything to run long enough to get a log.Have done a windows repair install to get it out of a no boot situation that was missing the host.dll Any help would be appriciated

seems that there is no love on this board
will look elsewhere
thanks just the same

#3 User is offline   mohavepc 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 14
  • Joined: 15-July 10

Posted 26 November 2010 - 06:54 PM

Just as a follow up to this and although I didn't get a response. I was able to fix this myself by using a live linux (Tux) cd and deleting the files that were causing the issue. I was then able to use all the tools I needed to remove the infection. it was an AV8 infection and it was Nasty to say the least. Good luck you ya

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users