

IRP Hook Rootkit found by AVG
Posted 1/25/2011 9:50 AM

Senior Forum Moderator


Group: Moderators
Download TFC by OldTimer to your Desktop.
* Please double-click TFC.exe to run it. If you're running Windows Vista, right-click on TFC.exe and click on "Run as Administrator".
* It will close all programs when run, so make sure you have saved all your work before you begin.
* Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Let it run uninterrupted until it's finished.
* Once it's finished it should reboot your machine. If it doesn't, please manually restart the PC to ensure a complete cleanup.

Please download Malwarebytes Anti-Malware from Here or Here.
Double-click mbam-setup.exe to install the application.
(If using Windows Vista/Windows 7, be sure to "Run As Administrator").

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click "Scan".
* Make sure ALL partitions/hard drives are selected in the opening box, then click "Start Scan".
* The scan will certainly take some time to finish so please be patient.
* When the scan is complete, click OK, then click Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Run F-Secure Online Scanner.
If you are using Windows Vista/Win 7, open your web browser by right-clicking on its icon and select "Run as administrator" to perform this scan.

Before you can start scanning your computer, you need to install the F-Secure Online Scanner add-on for your browser.

* First read the licence terms on the opening page, then place a check in the box "I have read and accepted the license terms", then click on "Install".
* Install the 'Add On' when prompted, then click Start.
* Then click to select Full Scan.
* Then click on "Start"; the "Downloading files.." window will appear.
* Once the files have installed, the scan will then start automatically and will take some time to finish, so please be patient.
* When the scan completes, click the Automatic cleaning (recommended) button.
* Click the Full Report button then copy and paste the entire report into your next reply.

Also let me know how your pc is running now.


  Post #260201