AV Software Suite, as Usual

Post by diogenese19348 on Wed 09 Jun 2010, 6:00 am

This time they have me stumped, and that is hard to do. No footprint, no new files installed, no registry changes, and nothing any of my usual tools can pick up, even with the drive pulled and mounted as a USB non-booting drive. It doesn't seem to be a hidden partition either unless they use sector addressing nothing can pick up.

So any idea how these, um, 'clowns' went about it this time? I really don't have an afternoon to spend every time a user manages to pick this one up. With previous versions I could clean them up in under an hour. At this point it is taking a complete reformat and restore.

And I seem to have posted this in the wrong forum, didn't I?



Posts : 1
Joined : 2010-06-09
Operating System : XP

Re: AV Software Suite, as Usual

Post by Kenny94 on Thu 10 Jun 2010, 2:17 am

Hi diogenese19348, and welcome to GeekPolice!

Please download and run the following tool to help allow other programs to run (courtesy of BleepingComputer.com).
There are 6 different versions. If one of them won't run, then download and try to run another one.
Vista and Win7 users need to right-click and choose Run as Admin.
You only need to get one of them to run, not all of them.

  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. rkill.pif
  5. WiNlOgOn.exe
  6. uSeRiNiT.exe

Once you've gotten one of them to run then try to immediately run the following:

  1. Download ComboFix from below:

    Combofix download

    * IMPORTANT !!! Place combofix.exe on your Desktop

  2. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.

    You can get help on disabling your protection programs here

  3. Double click on combofix.exe & follow the prompts.

  4. As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

    Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.

    ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:

    The Recovery Console was successfully installed.

    Click on Yes, to continue scanning for malware.

  5. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

  6. When finished, it shall produce a log for you. Post that log in your next reply.

    Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


  7. Ensure your AntiVirus and AntiSpyware applications are re-enabled.



Tech Officer

Posts : 2019
Joined : 2010-04-23
Operating System : Windows 7
