Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.
If you think you have similar problems, please post a log in the HJT forum and wait for help.
Hello and welcome to the forums
My name is Katana and I will be helping you to remove any infection(s) that you may have.
Please observe these rules while we work:
- Please Read All Instructions Carefully
- If you don't understand something, stop and ask! Don't keep going on.
- Please do not run any other tools or scans whilst I am helping you
- Failure to reply within 5 days will result in the topic being closed.
- Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)
If you can do those few things, everything should go smoothly
Some of the logs I request will be quite large; you may need to split them over a couple of replies.
Please note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------
Download and Run RSIT
- Please download Random's System Information Tool by random/random from here and save it to your desktop.
- Double click on RSIT.exe to run RSIT.
- Click Continue at the disclaimer screen.
- Once it has finished, two logs will open:
  - log.txt will be opened maximized.
  - info.txt will be opened minimized.
- Please post the contents of both log.txt and info.txt.
( They can also be found in the C:\RSIT folder )
GMER Rootkit Detector
Please download GMER Rootkit Scanner from Here or Here
***Please close any open programs ***
- Extract the contents of the zip file to your desktop.
- Disable your onboard Anti Virus and any other Active protection programs you have installed.
- Double-click gmer.exe. The program will begin to run.
Note:- If GMER doesn't run, please Reboot and then rename gmer.exe to Look.exe and try again
**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst.
- If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO.
- Now use the following settings for a more complete scan.
- In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED ...
  - Sections
  - IAT/EAT
  - Drives/Partition other than Systemdrive (typically C:\)
  - Show All (don't miss this one)
- Then click the Scan button & wait for it to finish.
- Once the scan is complete, you may receive another notice about rootkit activity. If you receive it, click OK.
- Click on the Save button, and save the log as gmer.txt somewhere you can easily find it, such as your desktop.
DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !
Please post the results from the GMER scan in your reply.
----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
- RSIT Logs
- GMER Log