Rootkit or Malware infection
- Thread starter Royville
- Start date
ken545
Emeritus-Security Expert
Royville
No need to run TFC, you can just delete it.
This sounds like a windows problem, post here and see what they say.
http://forums.whatthetech.com/Microsoft_Windows_f119.html
No need to run TFC, you can just delete it.
This sounds like a windows problem, post here and see what they say.
http://forums.whatthetech.com/Microsoft_Windows_f119.html
Hi Ken,
I went to the forum you suggested, registered and had a look around before posting. I noticed that a lot of people were using the chkdsk utility, so before I posted I ran "chkdsk /r".
Now the file has gone and every thing seems to be fine, so I didn't post in the end.
Do I need to do anything else Ken? or am I clear now?
Royville.
I went to the forum you suggested, registered and had a look around before posting. I noticed that a lot of people were using the chkdsk utility, so before I posted I ran "chkdsk /r".
Now the file has gone and every thing seems to be fine, so I didn't post in the end.
Do I need to do anything else Ken? or am I clear now?
Royville.
ken545
Emeritus-Security Expert
Hello Roy,
You appear to be ok, what we like to do as a final check is to run a free online virus scanner.
Please run this free online virus scanner from ESET
You appear to be ok, what we like to do as a final check is to run a free online virus scanner.
Please run this free online virus scanner from ESET
- Note: You will need to use Internet explorer for this scan
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the activex control to install
- Click Start
- Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
- Click Scan
- Wait for the scan to finish
- Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
- Copy and paste that log as a reply to this topic
Hi Ken,
Sorry for the delay, Here is the results of the scan.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=7.00.6000.16876 (vista_gdr.090625-2339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=bb6663f155e2cb41b36cc8867993032d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-06 06:01:49
# local_time=2009-10-06 07:01:49 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=258 37 100 98 47250943520
# scanned=59616
# found=0
# cleaned=0
# scan_time=4278
Roy
Sorry for the delay, Here is the results of the scan.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=7.00.6000.16876 (vista_gdr.090625-2339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=bb6663f155e2cb41b36cc8867993032d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-06 06:01:49
# local_time=2009-10-06 07:01:49 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=258 37 100 98 47250943520
# scanned=59616
# found=0
# cleaned=0
# scan_time=4278
Roy
ken545
Emeritus-Security Expert
Hello Roy,
Looks like your good to go . Keep an eye on those youngsters so you don't get infected again. Remember , file sharing sites and those sites that they can download free software...GUARANTEED YOU WILL BE BACK SOON
RootRepeal <--Drag it to the trash
TFC <--Yours to keep, run it about once aweek to clean out the clutter.
Malwarebytes <-- Yours to keep also, check for updates and run a scan now and then.
Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
Safe Surfn
Ken
Looks like your good to go . Keep an eye on those youngsters so you don't get infected again. Remember , file sharing sites and those sites that they can download free software...GUARANTEED YOU WILL BE BACK SOON
RootRepeal <--Drag it to the trash
TFC <--Yours to keep, run it about once aweek to clean out the clutter.
Malwarebytes <-- Yours to keep also, check for updates and run a scan now and then.
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.- Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
- WhattheTech
- Grinler BleepingComputer
- GeeksTo Go
- Dslreports
Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
- Spybot Search and Destroy 1.6
Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.
- Spyware Blaster It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.
- Spyware Guard It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.
- IE-Spyad
IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.
- Firefox 3 It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
Safe Surfn
Ken
Last edited:
Dear Ken,
Just a final note to say a huge Thanks for you Help, Patients and Compassion.
I am very greatful to you for giving my family back the confidence to be able to go online secure in the knowledge that no one is spying or tracking us.
I will follow your advice and do my best to not be back in the future.
Wishing you and your team the very best
Roy.
Just a final note to say a huge Thanks for you Help, Patients and Compassion.
I am very greatful to you for giving my family back the confidence to be able to go online secure in the knowledge that no one is spying or tracking us.
I will follow your advice and do my best to not be back in the future.
Wishing you and your team the very best
Roy.
