Showing results for tags 'rootkit'.

  1. I have XP and yesterday I was hit with security shield rogue stuff. Which I guess started to give me lots of malware and trojans. I have removed lots of viruses and trojans but I keep getting the rootkit.0access showing up. I am pretty much a noob so here I am lol. I came across a couple threads for malware so I dl both OTL and DDS and attached all reports. Thanks so much in advance AJ OTL.Txt DDS.txt Attach.txt Extras.Txt
  2. I have been infected with the Trojan.Dropper.BCMiner virus on my work computer. It happened a couple of weeks ago and I have noticed IE redirecting after the infection. I ran MalwareBytes from safe mode but the virus was not successfully cleaned. I have been reading about this virus and it seems that it may not be an easy one to get rid of yet. I have attached the DDS, Attach and mbam logs and would really appreciate any help with this issue. Thanks in advance. Attach.txt DDS.txt mbam-log-2012-08-08 (16-23-20).txt
  3. I seem to have this bug. Did a lot of reading, tried normal removal tools with no luck. Seems most I saw needed more invasive help and that your group has been successful removing this. Hope you can for me... I have run DDS, FRST and RogueKiller scans as I see most need some combination of these log files... . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by jeffrey at 8:44:16 on 2012-08-09 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8190.5944 [GMT -4:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ==========
  4. MBAM has caught an infection from Rootkit.0Access and Trojan.Dropper.BCMiner malware that it doesn't seem to be able to permanently remove. The malware reinstalls itself nearly immediately from what I can tell even though MalwareBytes claims to have successfully quarantined and deleted it. Posting the logs per instruction: Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.04.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Isaac :: ISAAC-PC [administrator] Protection: Enabled 8/5/2012 12:09:34 AM mbam-log-2012-08-05 (00-09-34).txt
  5. Not really sure what else to tag up there in the topics tag... ...anyway. Two days ago my boss alerts me to some crazy noises (like 6 radio stations going off at the same time, some warbled, some skipping, some Spanish, some songs, one specifically a Home Depot commercial) going on in the background of his computer. I kind of laughed and went over to close out of any hidden windows he had or to shut down some secret IE process running in the background somehow. I don't know. Well there were no open windows and I closed out every process not windows-critical with no success... the noise contin
  6. I know I posted a topic on this before, and I'm terribly sorry, I completely forgot about it. I have Farbar downloaded onto my jumpdrive, plugged it into the infected machine, accessed BIOS Settings, started Repair, Windows is still loading files... I promise to stay into this, this time.. Will have the logs soon!
  7. Hi there. Another product found htcupctupdate.exe to be a backdoor trojan a few weeks ago. I've been researching ever since and have decided it must be a false positive. At the time I was having internet connectivity problems, but not any more. Currently my symptoms are only printers appearing and disappearing from the print menu, and denied access to "add printer". But that was probably a result of changing printer names, but I can't fix it. Can you please look at my DDS and my gmer? ( If you see combofix, please know that I did not run it. ) Thank you! . DDS (Ver_2011-08-26.01) - NTFSAMD64 I
  8. Thank you in advance. I have been reading your posts for 3 days and based on an older previous forum thread from maddoktor, (now Mr. Charlie) with the following post I thought I was being hacked and have changed all logins and passwords for all sensitive on-line accounts. I was ready tonight to reformat and re-install XP PRO and lose A LOT of important data. I thought that this was bad because it is blocking a root scan. So, is this normal? 7/18/2012 11:58:59 PM mbam-log-2012-07-18 (23-58-59).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/
  9. My Microsoft Security Essentials wasn't working and I scanned my computer with MalwareBytes Anti-Malware and it detected several viruses. This is what it lists: Rootkit.0Access Trojan.Dropper.BCMiner Rootkit.0Access Trojan.Sirefef Every time I removed them with Malwarebytes Anti-Malware only to find that every time I perform another scan they are still present. If anyone could help me that would be amazing.
  10. My Microsoft Security Essentials stopped working and Malwarebytes Anti-Malware detected several viruses, I removed them but every time I boot back up and run a scan they don't seem to have been deleted and are back. I hope someone can help me with my problem as I don't know what to do.
  11. Please help, I'm hoping to not have to perform a full reformat to fix this issue. I first noticed that my Google searches were being redirected a few weeks back, I cleaned this with MS Security Essentials, but the infection would return every so often, and finally the infection disabled MS Security Essentials. After trying a few other AV products, I installed MalwareBytes which reports a Trojan.Dropper.BCMiner, and every time it cleans the trojan, the trojan comes back. My Google searches are still being redirected, and every now and then I get a pop up. Attach.txt DDS.txt
  12. I was asked to take a look at a Dell Optiplex 330 running Vista Business SP2 because it had picked up the ZeroAccess rootkit/trojan. The PC was running McAfee Security as a Service, but the subscription was no longer up to date. I have run MBAM several times, sometimes detecting the infection, sometimes not. McAfee was not removing the infection, only detecting/blocking it, so I removed McAfee and replaced with Microsoft Security Essentials so it would, at the least, remain updated. Running a full scan overnight detected the infection again. I tried removing and rebooting, but then the PC
  13. Hi there, First, let it be known, I tried to download the dds.com and dd.scr files, and they wouldn't download. Kept getting an error no matter where I tried to save them. As for the problem: I've got two Rootkit.Agent files that Malwarebytes picks up. However, when I try and delete them + restart system, they just come back on the next scan. I've attached the log file. mbam-log-2012-07-06 (14-10-41).txt The two persistent problem files are: - c:\windows\system32\drivers\str.sys - c:\windows\SysWOW64\drivers\str.sys I found a similar thread, so I downloaded and ran the Kaspersky TDSSKiller.
  14. Merged two posts. We look for posts with 0 replies, so when you replied to your own topic, we assume you were being helped. Do Not bump your topic. I have a user who is still suffering from Google redirects. MWB comes up clean, Trend Micro WFB reports no infections, SAS comes up clean, TDSS Killer comes up clean, MBR Check came up clean, et cetera, et cetera. HitmanPro initially reported some ZeroAccess stuff which it allegedly removed. Combofix does not delete any files. Yes, I know I'm not supposed to run Combofix without being asked to. Hopefully you all will anoint me for my sins. I just need
  15. Greetings, After running my normal AVG scan this morning it came back with "C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\i8d6h5d3.default\urlclassifier3.sqlite-journal";"Hidden file";"Object is inaccessible." I did a search for this threat and found this link to your site: http://forums.malwarebytes.org/index.php?showtopic=95704 I pretty much followed the list of things to do and when I got to the part about ESET Scan also got the following: C:\Documents and Settings\Owner\My Documents\Downloads\media.player.codec.pack.v4.0.2.setup.exe a variant o
  16. Thank you for your help with this problem. I just had Smart Fortress 2012 downloaded by accident today and have been trying to fix everything for hours. I have used the following programs that may have removed the Smart Fortress 2012 but left the rootkit problems. The computer also cannot connect to the network/internet and the install/remove programs doesn't show any programs when I open it. The combofix says I have the rootkit problem but after the program is finished and I run it again, it still says I have the rootkit problem. Since I don't have internet connection on that computer, I
  17. Hello, Yesterday I managed to come down with an ugly mass of malware including Smart Fortress 2012. I downloaded MalwareBytes which thankfully got my computer running again, but is still giving me repeated warnings about blocking Rootkit 0Access.H. Every time I scan, I find another bunch of the rootkits. Here are my DDS logs: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Sophia at 23:37:53 on 2012-04-30 Microsoft Windows 7 Starter 6.1.7600.0.1252.2.1033.18.1015.80 [GMT -7:00] . AV: avast! antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avas
  18. Hello, I've been having troubles trying to keep these notifications of software trying to access malicious websites and along with these pop-ups Malwarebytes has been informing of, I keep seeing rootkit quarantines every once in a blue while even after running multiple full system scans with Malwarebytes and have since made logs of them through DDS. Here's the DDS log. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31 Run by Adrian at 21:15:13 on 2012-05-06 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1094 [GMT -7:00] . . ===
  19. Hello, I am in need of help with a rootkit problem that just won't go away. Not sure if it is 0access or something else but Malwarebytes is useless against it and TDSSkiller can't seem to clean it entirely. Please help me. Here is the TDSSkiller log and Malwarebytes log: 14:50:31.0328 3580 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18 14:50:33.0328 3580 ============================================================ 14:50:33.0328 3580 Current date / time: 2012/05/04 14:50:33.0328 14:50:33.0328 3580 SystemInfo: 14:50:33.0328 3580 14:50:33.0328 3580 OS Version: 5.1.2600 ServicePack: 3
  20. I discovered I have a problem with my computer, malware anti-virus turned up rootkit.0Access.h, trojan dropper, trojan agent. I have run ComboFix, TDSSKiller and OTL several times, resetting the computer after each scan. I cannot seem to shake the Rootkit virus. Attached please find the logs from these scans. Any direction would be greatly appreciated. thanks Rigmund TDSSKiller Log 09:39:56.0718 3548 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47 09:39:59.0937 3548 ============================================================ 09:39:59.0937 3548 Current date / time: 2012/04/24 09:39
  21. Hi there, Attached is a log file from Rootkit Unhooker run on an XP Pro SP3 machine - at the bottom are TWO unknown/hidden drivers. I hope this is the correct place to post this - please let me know if the DDS log needs to be posted BEFORE anyone can help with this issue. If the DDS is required, I will run it as soon as I can and post the log. RkUnhooker report generator v0.7 ============================================== Rootkit Unhooker kernel version: 3.7.300.505 ============================================== Windows Major Version: 5 Windows Minor Version: 1 Windows Build Number: 2600 =====
  22. This malware has been running me up the wall. Malwarebytes keeps blasting off warnings and every time it removes it, it simply replaces itself. There is also a Google redirect virus, I'm not sure where it's coming from but it is blocking me from anything Google related including captchas. Attach.txt DDS.txt
  23. So ComboFix tells me I have Rootkit.ZeroAccess, and further research tells me that this may not be good. In 15 years of working with computers professionally, this is the worst one I've seen, although part of that may be of my own doing. First off, I know I'm supposed to have logs from DDS. Wish it were that easy. DDS hangs both in normal (tested 10 mins) and safe mode (tested 30 mins). This is the same as ComboFix, which I tested up to an hour and a half in safe mode where it hangs right after alerting me to the Rootkit. (This symptom continues even after everything below.) As a result of
  24. Hi Forum, I hate to re-post but it looks like I might have fallen through the cracks. I am still dealing with the issues listed in my previous post from two weeks ago. http://forums.malwarebytes.org/index.php?showtopic=103716&hl=&fromsearch=1 In short, I have a browser hijack / Google redirect malware issue, Malwarebytes is notifying me of blocking outgoing contact to malicious websites, and while this is occurring I have high memory usage and a very slow system. Running Malwarebytes (even in safe mode) does not solve these issues. After reading around the forum I am wondering if I migh