|
|
 Posted 10/3/2004 5:59 PM |
|
|
Senior Advisor
 
Group: Senior Advisor
Last Login: 6/23/2008 10:37 AM
Posts: 1,371,
Visits: 681
|
|
WARNING: If you are just browsing through the posts in this forum, hopefully to find a fix for your specific problem and think you found it, DO NOT FOLLOW THOSE INSTRUCTIONS. Those instructions have been posted by a member of the forum staff to fix that particular members problems, NOT YOURS. Not reading, or ignoring this warning could lead to serious problems within your operating system.
Please read and follow these instructions:
Please mention in your post that you have already read this announcement and followed the directions.
 If you are are using a CD Emulator (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD) be aware that they use hidden drivers with rootkit-like techniques to hide from other applications. When dealing with a malware infection, CD Emulators can interfere with investigative tools producing misleading or inaccurate scan results and false detections. This often often makes it hard to differentiate between malicious rootkits and the legitimate drivers used by CM Emulators. Since this is the case, please follow these instructions to disable CD Emulators until disinfection is completed.
 Please download GMER from one of the following locations and save it to your desktop:
Main Mirror <- This version will download a randomly named .exe file (Recommended)
Zipped Mirror <- This version will download a zip file you will need to extract first.
• Disconnect from the Internet and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan so they will not conflict with gmer's driver. Click this link to see a list of such programs and how to disable them..
• Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked. If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
• GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
• If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
• On the right side panel, several boxes have been checked. Please UNCHECK the following:
-- IAT/EAT
-- Drives/Partition other than Systemdrive (typically C:\)
-- Show All <- don't miss this one
• Now click the Scan button. If you see a rootkit warning window, click OK.
• When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
• Click the Copy button and paste the results into your next reply.
• Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
 Please download DDS by sUBs from one of the following links and save it to your desktop.
DDS.com
DDS.scr
DDS.pif
• Disconnect from the Internet and temporarily disable your anti-virus, script blocking and any real time protection programs before using this tool.
• Double click the DDS icon to run the tool.
Vista/Windows 7 users right-click and select Run As Administrator.
• A DOS window will open with an explaination about the tool. No input is needed, the scan is running.
• After the scan, Notepad will open with the results in a log report named DDS.txt.
• Notepad will also open with another report named Attach.txt.
• Click Ok when prompted to save both reports to your desktop.
• Look at your desktop to see if the reports are there. If not, go to File > Save as..., click the drop down box next to Save in: at the top and click Desktop.
• Then click Save to save DDS.txt to your desktop.
• Go to File > Save as and repeat the steps to save Attach.txt to your desktop.
• Copy and paste ONLY the contents of DDS.txt into a new topic in the Virus & Malware Removal forum along with the GMER log.
Post the following into your new topic:
The contents of the GMER.log
The contents of DDS.txt
• Do not post your reply in a thread started by someone else, even if you are having the same problem as the original poster. It is confusing and it is irritating,we will have to delete such posts.
• Please give a brief explanation of the problems you are having. Also give your post a relevant Subject Title.
Please be patient after posting.
Thank you,
The Tweaks.com Staff
|
|
|
|
