J
john
noBuffalo said:After deleting the two entries and without rebooting, will MBAM or SAS run?
noBuffalo said:After deleting the two entries and without rebooting, will MBAM or SAS run?
john said:
I ran Gmer but, it got to the folder in the windows directory $hf_mig$David said:From: "john" <[email protected]>
| Fail to execute. I posted the error message in one of my replies.
| John
TDSS RootKit ?
Close all running programs and utilities and download Gmer
http://www.gmer.net/#files
hijack this suffered the same result as other programs did--got shut down.David said:From: "john" <[email protected]>
| I ran Gmer but, it got to the folder in the windows directory $hf_mig$
| which I think stores all the windows updates, and promptly shut down. I
| can not delete the file from my down load directory. I am thinking that
| this nasty critter is located in the windows directory but, not at all
| sure how to find it. I am wondering if it might be wise to create a log
| file when the system boots up. Any thoughts on that?
| John
Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
Then post the contents of the HJT log in your post with a full explanation of your problem
and what you have done to date in one of the below expert forums...
{ Please - Do NOT post the HJT Log here ! }
Forums where you can get expert advice for HiJack This! (HJT) Logs.
NOTE: Registration is REQUIRED in any of the below before posting a log
Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0
Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
I ran gmer 4 times and the last time it did not shut down or find anyDavid said:From: "john" <[email protected]>
| Fail to execute. I posted the error message in one of my replies.
| John
TDSS RootKit ?
Close all running programs and utilities and download Gmer
http://www.gmer.net/#files
john said:I ran gmer 4 times and the last time it did not shut down or find any
thing in the Rootkit. I ran Stopzilla between the 3rd and 4th runs of
gmer. What remains is that none of the programs--SypBot,Bit Defender,
Malwarebytes, HijackThis, or SuperAntiSpyware work and they cannot be
removed.
The error message when I try to delete them is:
"Can not delete <HijackThis.exe>: Access is denied. Make sure the
disk is not full or write-protected and that the file is not
currently in use" Do I need to take control of these to delete them?
John
Yes I tried but, it would not allow any changes. I think that theBuffalo said:Just curious. Did you ever try renaming SuperAntiSpyware.exe to something
else and then executing it?
Buffalo
Thanks, Bit Defender sounds promising, since it runs.john said:Yes I tried but, it would not allow any changes. I think that the
offending Trojan is gone but, I will not know for sure until I
re-install everything that I un installed. BitDefender is now working
and that is a good sign. I'll keep you all posted on the final
outcome.
Thanks,
John
I would like to thank all of you for your help. The links that Davidjohn said:Yes I tried but, it would not allow any changes. I think that the
offending Trojan is gone but, I will not know for sure until I
re-install everything that I un installed. BitDefender is now working
and that is a good sign. I'll keep you all posted on the final outcome.
Thanks,
John