Gizmos Freeware Reviews  

Old 27. Oct 2011, 11:14 AM   #11 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,322
Default

I am sorry, I can't help you here, as I don't have any knowledge about TDSS Killer, or any other rootkit removers. You could wait for someone else to reply here. Otherwise, as I said before, it's best to post about this on a forum which specially deals with removing malware.
__________________
Anupam
Anupam is offline   Reply With Quote
Old 27. Oct 2011, 11:15 AM   #12 (permalink)
Member
 
Join Date: Oct 2011
Posts: 8
Default

Hi Anupam,

I also used F-Secure BlackLight and it came up with one rootkit that just indicated a "hidden file" and that it was "c/windows" and this is all it said. Any suggestions?

Thanks again.
Indoubt is offline   Reply With Quote
Old 27. Oct 2011, 11:17 AM   #13 (permalink)
Member
 
Join Date: Oct 2011
Posts: 8
Default

Quote:
Originally Posted by Anupam View Post
I am sorry, I can't help you here, as I don't have any knowledge about TDSS Killer, or any other rootkit removers. You could wait for someone else to reply here. Otherwise, as I said before, it's best to post about this on a forum which specially deals with removing malware.
Thanks Anupam, I will wait for a possible response from other members, and at the same time will go to one of those sites you suggested. Thanks again.
Indoubt is offline   Reply With Quote
Old 27. Oct 2011, 01:05 PM   #14 (permalink)
Copy Editor
 
torres-no-tan-magnifico's Avatar
 
Join Date: Sep 2009
Posts: 1,120
Default

The following website has a lot of info regarding malware removal:

http://www.selectrealsecurity.com/

Good luck!
__________________
(Mx16 + Cx1 + Lx2) + (Tx5 + Nx2 + Bx33)
torres-no-tan-magnifico is offline   Reply With Quote
Old 29. Oct 2011, 10:33 PM   #15 (permalink)
Senior Member
 
bo.elam's Avatar
 
Join Date: Nov 2009
Posts: 1,714
Default

Quote:
Originally Posted by Indoubt View Post

I tried the TDSS Killer and it found 23 threats in the Driver section, I clicked to Quarantine. I then did another scan and the same 23 threats came up. Could you advise me if I had taken the right procedure, and is there anything I need to do after this. The other button had something to do with the "default".
TDSS Killer will select delete or cure if the files are malicious. For suspicious files it will prompt you to select the action, skip is on default. I think you copied the files to quarantine and did not choose delete or cure. That's why they showed up on the second scan.
Anyway, I would be "very" careful about deleting any file even if TDSS Killer selects it as malicious. Maybe you want to run the scan again and handle one file at a time. If they are selected as suspicious, I would not worry about it that much but would upload each file to Virus Total and Jottis to see what they say.
If the files are malicious (according to TDSS Killer), I would handle each detection at a time and if the scan results at Virus Total and Jottis come up pretty bad, then I would handle the file according to what TDSS Killer suggests.
This is what I would do if I was you. Remember one at a time and if they are suspicious, I would not worry but would check them out anyway. After curing or deleting a file, you need to reboot the computer.
Let me finish by saying that if those 23 files are malicious, you are in very bad shape and deleting some of them might make your PC unbootable.


Bo
bo.elam is offline   Reply With Quote
Old 29. Oct 2011, 11:29 PM   #16 (permalink)
Senior Member
 
Join Date: Nov 2009
Posts: 445
Default

Hi there,

A bit late into this discussion, but coincidentally I had to deal with the Whistler rootkit from a Win XP system on Friday.

First off, about Dr.Web CureIt! - it does not install anything on your system. You just download it and run it. As Anupam said, when run in Enhanced Mode it prevents other apps (including malware) from running on your system; this also locks your screen while Dr.Web CureIt! is running, but it asks you first if you want to do the scan this way. Dr.Web CureIt! also takes a long time to do a full scan and in Enhanced Mode your system will be unusable.
Quote:
began to flash not user friendly message
Not sure what you mean by this. I know from personal use that you get a couple of messages about their commercial products, but they come up before and after the scan, they're not scary or anything and all have the x button.
Did you download it from ftp://ftp.drweb.com/pub/drweb/cureit/?

Now, about the rootkit.
Quote:
I tried the TDSS Killer and it found 23 threats in the Driver section
Dealing with rootkits is not for the novice and your situation looks quite severe, if those are real threats as Bo said. My best advice would be for you to post about your problem at one of the "special" forums, like BleepingComputer.com or Malwarebytes or Avast and wait for their help (read the stickies to follow the rules before posting, that way you'll get better help).

Good luck.
__________________
26Dolphins
26Dolphins is offline   Reply With Quote
All times are GMT +1. The time now is 11:07 PM.