07-18-2009 07:45 AM
I've got a problem with my computer same as some other people on this forum. I saw that it's needed a tailored script to repair it.
Someone can help me with this problem? Please find in attachement the GMER log file.
Thanks in advance for your help.
Solved! Go to Solution.
07-18-2009 03:47 PM
What version of Norton do you have on your system? NIS/NAV or N360, or some other.
07-18-2009 06:48 PM
You will find a version number under help and support...about. If you have the latest version v3, you may be able to rid yourself of the rootkit yourself. You would need to go into the computer pane...settings and turn advanced heuristic protection to aggressive, early load to on, make certain that rootkits and stealth items is set to on.
Download the latest updates from Intelligent updater
Once that is done, reboot into safe mode and right click on Norton to run a full system scan. This has succeeded on MSIVX rootkits already. It is worth a try, as Quads has quite a few rootkits ahead of you that won't come out this way.
Let us know if you have no luck and we will add you to the list.
07-19-2009 04:15 AM
At first I'd like thank you Delphinium for your help.
I've followed your method and at first scan Norton found something. When I've rebooted the computer and opened Internet, the problem stil on the machine. So I've tried again one safe mode scan, and nothing happened, keep on status "starting", no scanning. :-(
FYI, a part the problem with the internet, I cannot update my Vista to SP2, and impossible to restore the computer with System Restor.
Thanks again for your help.
07-19-2009 10:52 AM
We will pluck it out the hard way. Please see if you can run a GMER scan for us, all boxes checked. If you have trouble, you can run the scan in safe mode, or try doing it in two separate scans with half the boxes checked each time. Scan only, damage can be done to your system if it tries to repair.
Also you can give us a Rootrepeal log. Go to reports, or log tab and make sure all areas are checked.
You will be able to attach the logs using the "add attachments" link just below the post button. Quads has managed to get through quite a few of these remediations in the last two days, but it does take some time.
07-19-2009 11:50 AM
07-19-2009 11:56 AM
Looks like nice logs. Quads will be along later in the day due to time zone differences. I will let him know your logs are up.
07-19-2009 08:00 PM
Now (read carefully) If you have Spybot S&D uninstall it.
Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.
1. Download Avenger to your desktop,
Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger
Creators website http://swandog46.geekstogo.com/avenger2/avenger2.h
2. Click to run "Avenger.exe" (right click "Run as Administrator" if using Vista)
3. In the "Input script here:" copy and paste the script between the lines
Drivers to disable:
Drivers to delete:
Files to delete:
Registry keys to delete:
Here is a screenshot (script updated since shot)
Make sure the "Automatically disable any rootkits found" is NOT selected
4. Click "Execute"
You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.
Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find. C:\Avenger.txt
5. Restart the PC again, then see if you can install Update and run Malwarebytes http://www.filehippo.com/download_malwarebytes_ant
07-20-2009 09:07 AM
Thanks guys for all your help, it worked perfectly!
I've updated Vista to SP2, I can run Norton scan also, great.
Still have some problems with Vista updates, but looks easy to resolve.