Jump to content

malwarebytes / hijack this / spybot will not run


Recommended Posts

Hi,

I tried running MBAM. Nothing.Hijack this, and spybot.

Mbam and spybot install, but will not run. Hijackthis will not install.

I've also looked for the TDSS*.sys in my non Plug and Play drivers. They're not there.

I have tried installing / running all in safe mode. Nothing. Tried renaming, nothing.

Think its a CLB Rootkit, which is stopping me running these programs, so downloaded Rootreppeal. This installs, but will not run.

Comes up with the following error message.

FOPS - DeviceIOControl Error! Error Code = 0xc000024

Extended Info (0x00000f4)

Can anyone please shed some light on these issues?

many thanks for your time

be safe

nige :lol:

Link to post
Share on other sites

Hello nige,

Look for (locate) the hijackthis.exe and RENAME it to something like FINDIT.exe

Typically the program is installed in C:\Program Files\Trend Micro\HijackThis folder

Then run FINDIT to get a HJT log

Also, run this tool (but do not post the log here in this thread

Post it in your Malware Removal topic

Go >> here <<

and download RootRepeal and SAVE to your Desktop.

Doubleclick RootRepeal.exe icon on your Desktop.

Click on the Report tab at bottom of window and then click on Scan button.

A Windows will open asking what to include in the scan. Check all of the below and then click Ok.

Drivers

Files

Processes

SSDT

Hidden Services

Stealth Objects

You will then be asked which drive to scan.

Check C: (or the drive your operating system is installed on if not C) and click Ok again.

The scan will start.

It will take a little while so please be patient. When the scan has finished, click on Save Report.

Name the log RootRepeal.txt and save it to your Documents folder (it should default there).

See and follow this article --> http://www.malwarebytes.org/forums/index.php?showtopic=9573

and make your New Topic post (with the logs) in the Malware Removal-Hijackthis sub-forum ---- not here

P.S. If MBAM will not run now, skip that step. At least try to get a HijackThis log, and more important, the RootRepeal log

HTH

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.