unable to remove rootkit

[peku006]

Hi turkish135

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:

Code:

:dir
C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} /s
C:\4def1fb4c283e45e9166c55fa90a /s
C:\ec219bc8d6ba0b0b0921a4efb1 /s
C:\8e6ebc1bb1c1c707162a7e0495cc32 /s

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt

thanks peku006

[turkish135]

Got a problem after pressing THE LOOK.

System Querying Tool has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available.

[peku006]

Hi
1 - Clean temp files

• Download and Run ATF Cleaner
  Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.
  
  Under Main choose:
  • Windows Temp
    Current User Temp
    All Users Temp
    Temporary Internet Files
    Prefetch
    Java Cache
    *The other boxes are optional*
    Then click the Empty Selected button.
  
  if you use Firefox:
  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
  
  if you use Opera:
  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
  
  
  Click Exit on the Main menu to close the program

2 - Kaspersky Online Scan

Please go to Kaspersky website and perform an online antivirus scan.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
   • Spyware, Adware, Dialers, and other potentially dangerous programs
     Archives
     Mail databases
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

4 - Status Check
Please reply with


1. the Kaspersky online scanner report
2. a fresh HijackThis log

Thanks peku006

[turkish135]

Ok everything was going fine with Kaspersky scan-it was taking a little while-then l left the comp. for 2 minutes and came back to the computer shut off. I'm guessing another blue screen-but that usually reboots the computer not shut down. ANyways going back to Kaspersky to try again-When I try upgrading it gives me the message:

Starting java applet has failed! Please go online to use Kaspersky.

Thats weird considering it worked the first time.

[peku006]

Hi
it seems that nothing will work......

1 - F-Secure Online Scan

1. Please go to F-Secure website to perform an online scan. Click on Start scanning at the bottom of the page.
2. You may be prompted to install an ActiveX before you are able to accept the License Agreement. If prompted, please install it. After installing, the Accept button will be available.
3. Click on Accept to accept the License Agreement.
4. Click on Custom Scan.
   • Under Virus Scan Options, select the Scan whole system option.
   • Under Other Scan Options, select these options:
     • Scan all files
     • Scan whole system for rootkits
     • Scan whole system for spyware
     • Scan inside archives
     • Use advanced heuristics
5. Click Start.
6. It will start installing the scanner and virus definitions. Once the installation is done, it will start scanning automatically. This takes a while. Please be patient.
7. Click on I want decide item by item.
8. Under Actions, select None for all infections found.
9. Click Next.
10. Click on Show Report.
11. Please copy and paste this report in your next reply.
12. Click Finish.

2 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

3 - Status Check
Please reply with

1. the F-Secure online scanner report
2. a fresh HijackThis log

Thanks peku006

[turkish135]

I don't see a start scanning....option...but I did just start downloading the free trial scanner.

[peku006]

Hi turkish135
sorry, I made a mistake.... it should be this

[turkish135]

Heh no problem--im still utterly amazed that there are people on the internet that HELP others! Instead of file manipulating maggots in CHINA creating some rdpwd file all those russians, and germans, and romans, and lithuanians! They are all viruses haha- you can tell my frustration.

Basically the computer shut down during this past scan..! I hope its not a hardware problem...which you may tell me. Still..thanks for the help..any other ideas!?

[peku006]

Hi turkish135
we can try eset.....

Please go to Eset website to perform an online scan. Please use Internet Explorer as it uses ActiveX.

1. Check (tick) this box: YES, I accept the Terms of Use.
2. Click on the Start button next to it.
3. When prompted to run ActiveX. click Yes.
4. You will be asked to install an ActiveX. Click Install.
5. Once installed, the scanner will be initialized.
6. After the scanner is initialized, click Start.
7. Uncheck (untick) Remove found threats box.
8. Check (tick) Scan unwanted applications.
9. Click on Scan.
10. It will start scanning. Please be patient.
11. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt. Please post this log in your next reply.

Thanks peku006

[turkish135]

Should it be taking more than 5 hours? It seems to get stuck on some zip. files and I was just wondering if it takes this long...Im just happy it may actually finish without a reboot.