Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection disabled Malwarebytes/rootrepeal/dds


  • This topic is locked This topic is locked
2 replies to this topic

#1 dorje

dorje

  • Members
  • 143 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portland, OR, USA
  • Local time:06:08 AM

Posted 29 September 2009 - 03:23 PM

Hi,

I've read the intro and prep info.

Malwarebytes won't run, even after renaming the executable.

Rootrepeal will run once after installation, not after that.

DDS doesn't seem to produce any text file output.

So I don't have any DDS output for you, but I've attached the rootrepeal log.

I eagerly await your reply!

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:07:08 AM

Posted 15 October 2009 - 08:43 PM

Hi dorje,

You have a nasty rootkit on your computer.

Step 1

Download and run Win32kDiag:Step 2

Download and run a batch file (peek.bat):
  • Download peek.bat from the download link below and save it to your Desktop.
  • Double-click peek.bat to run it.A black Command Prompt window will appear shortly: the program is running.
  • Once it is finished, copy and paste the entire contents of the Log.txt file it creates as a reply to this post.
Please post back with:
  • Win32kDiag.txt
  • Content of the log.txt

Edited by SifuMike, 15 October 2009 - 08:46 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:07:08 AM

Posted 24 October 2009 - 12:22 AM

Due to inactivity, this thread will now be closed.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users