Author Topic: HELP (Read 4333 times)

Dibiase · « **on:** December 10, 2008, 01:53:07 AM »

I got a trojan, it disabled task manager, regedit, safe mode, and it shuts off avast everytime i try ti uninstall, install, open, close, ect, all it lets me do is scan, can someone tell me how to fix this? ive fixed everything else.

Thanks
-Dibiase

DavidR · « **Reply #1 on:** December 10, 2008, 01:59:14 AM »

If you have XP, vista32bit or Win2k, you could enable a boot time scan. Right click the avast icon, select Start avast! Antivirus, a memory scan will take place followed by the opening of the Simple User Interface, Menu, 'Schedule boot-time scan...' Or see http://www.digitalred.com/avast-boot-time.php.

How to restore Safe Boot.
The malware may have deleted the SafeBoot registry keys.
Here are some options to restore them:

http://didierstevens.wordpress.com/2006/06/26/restoring-safeboot/
http://didierstevens.wordpress.com/2007/02/19/restoring-safe-mode-with-a-reg-file/
Also see http://forum.avast.com/index.php?topic=26554.msg216924#msg216924

If you haven't already got this software (freeware), download, install, update and run it, preferably in safe mode and report the findings (it should product a log file).
1. SUPERantispyware On-Demand only in free version.
2. MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.

Dibiase · « **Reply #2 on:** December 10, 2008, 02:09:05 AM »

i have avast pro

CharleyO · « **Reply #3 on:** December 10, 2008, 07:59:23 AM »

***

Welcome to the forums, Dibiase.

Please follow David's advice above and let us know the results.

***

DavidR · « **Reply #4 on:** December 10, 2008, 02:51:05 PM »

Some other tools as this could be using a rootkit to hide it.

Also see, anti-rootkit, detection, removal & protection http://www.antirootkit.com/software/index.htm. Try these as they are some of the more efficient and user friendly anti-rootkit tools.
- Panda Rootkit Cleaner - http://research.pandasoftware.com/blogs/images/AntiRootkit.zip.
- Trend Micro RootkitBuster - http://www.trendmicro.com/download/rbuster.asp
- F-Secure Blacklight may not always be available, http://www.f-secure.com/blacklight

Dibiase · « **Reply #5 on:** December 10, 2008, 03:08:39 PM »

they didnt work

Dibiase · « **Reply #6 on:** December 10, 2008, 03:19:30 PM »

o forget it... no one knows my problem unless you see it(or have/had it)

DavidR · « **Reply #7 on:** December 10, 2008, 03:24:12 PM »

Which didn't work ?

Are you talking of the Didier Stevens links, or SAS or MBAM and can you expand a little on 'they didn't work,' that gives us nothing to work with ?

I can't believe that you have downloaded all of the anti-rootkit tools and run them in the 15 minutes or so since I posted them ?

CharleyO · « **Reply #8 on:** December 10, 2008, 08:35:05 PM »

***

Well, Dibiase ... we do not give up so easily but if you do, then we can not help you.

***

Author Topic: HELP (Read 4333 times)

Dibiase

HELP

DavidR

Re: HELP

Dibiase

Re: HELP

CharleyO

Re: HELP

DavidR

Re: HELP

Dibiase

Re: HELP

Dibiase

Re: HELP

DavidR

Re: HELP

CharleyO

Re: HELP