Rootkit Infection!

[darkgr33n]

cool, will give it another run and save as ansi later tonight when i'm back.
thanks

[darkgr33n]

Hi

Here is the ANSI version of my OTS log [as one file now its ansi].

I've haven't had a recurrence of the ROOTKIT warning from avast, but I did download and run MBAM ... er, it discovered 868 threats that needed to be deleted ...

ANSI log attached, thanks.

[essexboy]

Yep looking at that I can see why - did MBAM remove all the IFEO registry settings and the disallow run ones ?

This is a big fix so I will attach it as a text file download it to your desktop

• Start OTS
• Then press the Run Fix button and a dialogue box will pop up asking for the location - select the fix.txt you downloaded 
  
• Then click the Run Fix button at the top
  

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix.  Post that information back here

I will review the information when it comes back in.

[darkgr33n]

Hi

Yep - there was a shed load of IFEO settings that MBA found, and 16 [0-15] disallow run ones. All removed now.

Thanks for the sorting a fix file for me, nice one 

I've run the fix in OTS, and the log is attached.

Thanks again!

[Cam Gibb]

aswmbr.exe just fixed what Malwearbytes missed. Thanks Avast! support :-) I'm trying your trial version 6 :-)

[essexboy]

What problems do you have remaining darkgr33n ?

[darkgr33n]

What problems do you have remaining darkgr33n ?

As far as I can tell, we're as clean as a whistle ...

Thanks for all of your help pondus and essexboy [i'm one too!]

Cheers!

[essexboy]

Run OTS and hit the cleanup button and it shall disappear