August 29, 2009 at 06:04:01
Specs: Windows Vista
 Hey I've been having lots of issues with this virus I've tried using Combo-Fix, CCleaner, Malware and various other free virus cleaners to get rid of this but none of it has seemed to solve the problem. I know that the author of the virus has found a way of making it harder to get rid of recently so any help would be great!

#1
August 29, 2009 at 20:05:39
 If you still need help reply back.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#2
August 29, 2009 at 20:13:31
 You can try the free rootkit remover called unhackme:http://www.greatis.com/unhackme/dow...How to use it taken from the authors site:After the installation is completed, the program should be activated using the menuStart - Programs - UnHackMe - UnHackMe.Removal Procedure1. Click the Check button.2. If a Trojan will be found you will see the Results page.3. Click on the Stop button and restart your computer.4. A rootkit will be completely deleted at the next reboot of your computer.

Report •

#3
August 30, 2009 at 05:53:45
 That's not free? and yeah I still need help please.

Report •

Related Solutions

#4
August 30, 2009 at 06:40:08
 EDIT: The prog is has a fully functional 30 day evaluation period to home users

Report •

#5
August 30, 2009 at 08:15:10
 Post your combofix log.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#6
August 30, 2009 at 16:13:36

Report •

#7
August 30, 2009 at 17:08:41
 Note: I can help you remove malware manually. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. First Track this topic. Then follow:1) Can you please post your AVZ log:Note: Run AVZ in windows normal mode and make sure you are connected to internet. If avz.exe doesn't start, then try to rename the file avz.exe to game.pif and try to run it again. Pause/Stop your antivirus, firewall software (if any), close games, text editors and all other programs; leave Internet Explorer/Firefox running, before following the steps below.i) To create the log file, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.ii) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.iii) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator.You should now see the main window of the AVZ utility. --> Please navigate to "File" => "Custom Scripts". Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.begin ExecuteAVUpdate; end. Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script.--> Choose from the menu "File" => "Standard scripts" and mark the "Healing/Quarantine and Advanced System Analysis" check box. Click on the "Execute selected scripts" button.Automatic scanning, healing and system check will be executed. A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip. Upload virusinfo_syscure.zip to rapidshare.com and paste the link here.* It is necessary now to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan. All applications will work properly after the system restart.Image Tutorial2) Download and Run DDS which will create a Pseudo HJT Report as part of its log: DDS Tool Download Link. When done, DDS will open two (2) logs 1. DDS.txt 2. Attach.txt Upload the logs to rapidshare.com and paste download link in your next reply.Note: Disable any script-blocking programs and then double-click on the DDS.scr icon to start the program. If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.scr to run. Please allow it to do so.In your next reply, please include download links to the following:[*] virusinfo_syscure.zip[*] DDS Logs If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#8
August 31, 2009 at 06:38:46
 I've tried Spyhunter before and that didn't help. Also AVZ utility came up with just numbers so I couldn't control it as in I couldn't find file>custom scripts etc.

Report •

#9
August 31, 2009 at 09:52:35
 did you try unhackme like I mentioned? That's about the easiest to remove a rootkit.

Report •

#10
August 31, 2009 at 14:54:31
 Try this for AVZ: http://rapidshare.com/files/2408795...If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#11
September 1, 2009 at 07:17:21
 This is the AVZ file:http://rapidshare.com/files/2742945...The DDS didn't run though.

Report •

#12
September 1, 2009 at 20:42:54
 No need .zip file did you use Response Number 11's AVZ ? If you did start with Run.cmd

Report •

#13
September 2, 2009 at 03:57:10
 Sorry here's the zip file:

Report •

#14
September 2, 2009 at 07:39:48
 Post your last MBAM scan log.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#15
September 3, 2009 at 05:59:00

Report •

#16
September 3, 2009 at 19:53:39
 Update your malwarebytes and run a scan again.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#17
September 5, 2009 at 08:52:26
 This is the new scan again and I'm pretty sure its all updated:Malwarebytes' Anti-Malware 1.40Database version: 2551Windows 6.0.6001 Service Pack 103/09/2009 13:56:28mbam-log-2009-09-03 (13-56-28).txtScan type: Full Scan (C:\|D:\|E:\|)Objects scanned: 226991Time elapsed: 1 hour(s), 14 minute(s), 40 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)

Report •

#18
September 5, 2009 at 20:31:55
 You database version is still old. Its not updated.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •

#19
September 8, 2009 at 09:48:52
 Malwarebytes' Anti-Malware 1.40Database version: 2750Windows 6.0.6001 Service Pack 108/09/2009 17:47:34mbam-log-2009-09-08 (17-47-34).txtScan type: Full Scan (C:\|D:\|E:\|)Objects scanned: 229549Time elapsed: 1 hour(s), 17 minute(s), 32 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Google seems fine now thanks so much!

Report •

#20
September 8, 2009 at 17:31:09
 No problem.If I'm helping you and I don't reply within 24 hours send me a PM.

Report •