Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Magecart Attacks Grow Rampant in September

Featured Deal: Get 92% off The Complete Cisco Network Certification Training Bundle

Photo

Rootkit Removal

Started by istbar , Feb 06 2009 08:31 PM

  • Please log in to reply
3 replies to this topic

#1 istbar

istbar

  • Members
  • 44 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Vancouver
  • Local time:07:56 PM

Posted 06 February 2009 - 08:31 PM

I have exchanged a few posts with extremeboy regarding my inability to access update pages for Windows, MBAM, SB S&D, AVG8, etc. Ran gmer and MBAM, posted the logs and was advised to bring up my issue here as I am dealing with a Rootkit (I wasn't very worried before, but now I'm getting a little anxious).

I've read the 'Read this topic' and can not get dds.scr to function. It displays as an AutoCAD script (ACAD is installed and used heavily on my machine) and when double clicked opens to notepad showing wingdings with some legible english text (not posting that unless asked - there's a lot) no program launched.

I've got nothing but good things to say so far in my experience with BC so far.
In desperate need of solving this issue, please help.

istbar
'You tried and you failed. The lesson is never try.'

BC AdBot (Login to Remove)

 

#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:10:56 PM

Posted 06 February 2009 - 08:42 PM

I'm moving this post back to the AII forum for additional help in getting DDS to work.

One has to post a log in the HJT Forum or you are wasting everyone's time.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:56 PM

Posted 06 February 2009 - 08:55 PM

Hello istbar,
If you cannot get DDS to work, please try this instead.

Please download RSIT by random/random and save it to your Desktop.
Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding Rist attempting to contact the Internet, please allow the connection.
  • Close all applications and windows so that you have nothing open and are at your Desktop.
  • Double-click on RSIT.exe to start the program.
  • If using Windows Vista, be sure to Run As Administrator.
  • Click Continue after reading the disclaimer screen.
  • Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days).
  • When the scan is complete, a text file named log.txt will automatically open in Notepad.
  • Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.
Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.
If RSIT did not work, then reply back here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:10:56 PM

Posted 06 February 2009 - 09:00 PM

Hello.

@boopme
It seems we are posting 2 advice to istbar: http://www.bleepingcomputer.com/forums/t/201127/suspected-malwarevirus/

Try what boopme suggested and also see if dds.com/dds.pif works or not. Either logs will work so reply back telling if any of them works or not.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·