Jump to content

Recommended Posts

I have been going through your various forums trying to remove malware left by wtk 2.6.7.  My machine died, I did an image restore to a new machine.  Original machine was a win 7 pro and upgraded.  MS wouldn't give me a new number cause where I bought the machine from closed so I didn't have original license.  To help me out and get their homework done, my kids ran wtk 2.6.7 on both my server (2008 standard) and win 10 pro.

Can only start things on pro from eleavated cmd prompt.  gpedit has a file in %windir%\temp.  Can delete entry, but replaced.  Can't delete file.  Ran defogger.  Made all files visible.  installed Malwarebytes and chameleon.  chameleon.chm only runs from elevated dos prompt.  cannot delete entries in host file.

2008 server will run chameleon as admin, no need for elevated prompt.

Neither rkill nor tdsskiller will make Malwarebytes start straight up nor from chameleon, on either machine.

Logs attached.

Thanks so much up front for any and all help.


anti Tool Kit.txt



Link to post
Share on other sites

Hi Ron.  Thanks for the suggestion but I used Eset and that fixed it.  I ran Malwarebytes afterwards and it cleaned the registry.

As noted chameleon was ran over 13 times to no avail.  I am glad I installed it on my D drive, because although it said failed to create directory, it had created over 2,000 directories and was over 600 GB large.  Filling up my C drive would have caused other issues.

Thanks for having this forum as I would have been rebuilding machines left and right.  My kids have been restricted and back to fighting with MS about the license key!

I did have notifications on for this topic, but received none or I would have replied sooner.  Much clean up.  I am done replying as this has been remedied.

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.