Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I was online have different Trojans,viruses ,Trojan.Tracor,Malware.Acka


  • This topic is locked This topic is locked
194 replies to this topic

#16 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 17 April 2011 - 08:22 AM

Hello, frankp747.

That RKU log is clean. The possible rootkit activity is coming from hooks that your Logitech quickcam and Yahoo Messenger have. Both appear to be legitimate.

Do you have a flash drive we can use? We can boot outside of Windows using that and run a scan in case a rookit is hiding in Windows

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


BC AdBot (Login to Remove)

 


#17 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 18 April 2011 - 12:26 AM

Hi Etavares im sorry i do not have a flash drive, Frank

#18 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 18 April 2011 - 01:42 AM

Hi ETavares i dont have a flash drive is there any other way to get around this and find the cause still this is so slow booting up and sounds like a cave or echo the sounds or speakers as in slow motion booting can take 5 to 20 minutes depends ,frank

#19 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 19 April 2011 - 05:03 PM

Do you have access to a clean computer with a CD burner? We can burn a CD instead.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#20 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 20 April 2011 - 02:37 AM

Hi etavares, sorry no this is the only computer i have access to , it has a cdburner and like 4 usb drives,is there any other way still runnning very slow and speakers sound slow or distorted, Frank

#21 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 21 April 2011 - 05:10 PM

OK, let's try a scan using the Antivir Rescue CD. Please follow the instructions here. It's not idea to use the same computer, but we'll have to make do with this one. Once you save the log, please attach it to your reply here.

http://forum.avira.com/wbb/index.php?page=Thread&threadID=82163


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#22 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 23 April 2011 - 07:10 PM

Hi Etavares i now have a Usb 2.0 flas drive handy how will we use this device, since i did download the avira rescue cd as instructed ran it at leaset 4 timees the problem i was getting first was settings in bios i resolved that issue then after ward i saw 17 , tried to save the log file i did but can not find it on the computer i tried to save in to desk top to no avail, only said to save to computer i did and too media but when i run a search in all files and folders i can not find the file rescue-system_scan.log it does not show up in a search any where and i saved it 4 to five attempts , now is there any way or do you think we can try with the USB would that be better i just got one , , P.S. i will try it once more but let me know how to and what to do with the USB Flash Drive, sincerely Frank

#23 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 24 April 2011 - 10:23 AM

Hello, frankp747.

then after ward i saw 17


Do you mean that it detected 17 viruses? That's good if it found them. If you reboot normally, do you still have issues?

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#24 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 24 April 2011 - 10:27 AM

no its all th same didn tnot do anything at all , alerts 26 , i saved the log and could not find it no matter how many times i searched, but i did get the USB Flash Drive, Frank

#25 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 24 April 2011 - 10:31 AM

Hello, frankp747.
Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download http://noahdfear.net/downloads/driver.sh to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Remove the USB drive and insert back in your working computer and navigate to report.txt

    Please note - all text entries are case sensitive
Copy and paste the report.txt for my review

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#26 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 24 April 2011 - 12:34 PM

Hi etavares i have th USB FLash Drive but i do not have a clean computer is it ok if i download this it to this computer as instructed ,Frank

#27 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 24 April 2011 - 03:43 PM

It's not ideal, but it worth a try.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#28 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 24 April 2011 - 03:48 PM

ok thanks i will try im sorry its the only pc have available right now hope this works ,Frank

#29 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 PM

Posted 24 April 2011 - 04:18 PM

OK, no problem. It won't fix anything, but it allows us to take a very different look than what we have done to find the root cause of the issues.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#30 frankp747

frankp747
  • Topic Starter

  • Members
  • 258 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey , Puerto Rico ,Philippines
  • Local time:06:37 PM

Posted 24 April 2011 - 04:23 PM

Ok thanks etavares and i am very gratefull for all your help , i will post log as soon as possible , Frank




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users