Skip to content


Reply
Stone Emissary
Cosmixy
Posts: 18
Registered: ‎05-26-2012

Re: Rootkit Buster won't run / freezes computer

It is happening on firefox 12.0

 

OTL.exe did not create an Extras.txt log. OTL.txt is attached.

Please use plain text.
Legendary Emissary
malwarekiller
Posts: 3,926
Registered: ‎08-08-2011

Re: Rootkit Buster won't run / freezes computer

Please download GooredFix from the below link and save it to your Desktop. See the download links under this icon 

GooredFix

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista/Win 7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear.
  • Please attach the Goored.txt log to your next reply (it can be found on your desktop).
—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Cosmixy
Posts: 18
Registered: ‎05-26-2012

Re: Rootkit Buster won't run / freezes computer

 
Please use plain text.
Legendary Emissary
malwarekiller
Posts: 3,926
Registered: ‎08-08-2011

Re: Rootkit Buster won't run / freezes computer

how is firefox running now?

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Cosmixy
Posts: 18
Registered: ‎05-26-2012

Re: Rootkit Buster won't run / freezes computer

Still get redirects occasionally and RKB still says installation failed.

Please use plain text.
Stone Emissary
Cosmixy
Posts: 18
Registered: ‎05-26-2012

Re: Rootkit Buster won't run / freezes computer

I geuss RKB doesn't matter if you fix the redirect anyway =) Thanks for the help thus far.

Please use plain text.
Legendary Emissary
malwarekiller
Posts: 3,926
Registered: ‎08-08-2011

Re: Rootkit Buster won't run / freezes computer

[ Edited ]

Alright! can u tell me if this also happens in internet explorer??

 

 

download NPE from here to your desktop    [U will have to enable the rootkit scan in the options of NPE before scan]

run as administrator

it may ask for reboot before scan let it do the reboot proccess

at the end fix all issues found

and then tell me what items where found.

NEXT

Download hostfileexpert.exe from here:

http://www.snapfiles.com/get/hoster.html

 

Run as administrator

 

Choose the edit option.

 

now click on the file handling tab.

 

click on restore MS hosts file.

 

For screenshots see here:

http://www.snapfiles.com/screenshots/hoster.htm

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Cosmixy
Posts: 18
Registered: ‎05-26-2012

Re: Rootkit Buster won't run / freezes computer

I'm testig for it in IE, not getting anything, but it still may be affected given how randomly the redirect occurs. I spent just as much time tesing in firefox and didn't get any results while I was actively trying to.

 

NPE tried and failed to remove ComboFix.exe, detected Defogger.exe and GooredFix.exe. Nothing else.

Please use plain text.
Legendary Emissary
malwarekiller
Posts: 3,926
Registered: ‎08-08-2011

Re: Rootkit Buster won't run / freezes computer

[ Edited ]

Please re-install firefox and re-run Hitman pro and remove everything it finds.

 

Do u recognize these??

 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

S:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe

 

 

 

Download hostfileexpert.exe from here:

http://www.snapfiles.com/get/hoster.html

 

Run as administrator

 

Choose the edit option.

 

now click on the file handling tab.

 

click on restore MS hosts file.

 

For screenshots see here:

http://www.snapfiles.com/screenshots/hoster.htm

 

NEXT

 

Download aswmbr.exe ( 1.8mb ) to your desktop. 

http://public.avast.com/~gmerek/aswMBR.htm
 Double click the aswMBR.exe to run it  Click the "Scan" button to start scan.

  • Click the [Scan] button to start scan

  • On completion of the scan click [Save log], save it to your desktop and post in your next reply.

     

    NEXT

     

    WarningThis fix is only relevant for this system and no other, using on another computer may cause problems 

    Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot 


    If u have malwarebytes 1.5 or later disable it for the duration of this run


    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:
:OTL
[2012/05/23 23:52:44 | 000,000,000 | ---D | C] -- C:\Users\nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/05/23 23:52:44 | 000,000,000 | ---D | M] -- C:\Users\nick\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1


ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]
  • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Please attach the log generated after the fix completion
—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Trend Micro Employee
johnd
Posts: 9
Registered: ‎11-24-2010

Re: Rootkit Buster won't run / freezes computer

Hi Cosmixy,

 

I suggest that before you uninstall and reinstall Mozilla Firefox 12.0, you may reset the browser to it's default settings first. Sometimes the cause of random redirect is  either temporary browser files or an unwanted browser add-on. Click on the link below for steps on how you can reset Firefox.

 

 

Resetting Firefox to default settings:

http://browserland.com/featured/restore-firefox-default-settings-without-uninstalling-it/

 

 

You can also reset Internet Explorer in case you are experiencing random redirection. Below is the link for it.

 

 

Resetting IE to default settings:

http://support.microsoft.com/kb/923737


I am a Trend Micro employee. My comments and advice come from my personal knowledge and experience. I’m happy to volunteer what I can to help others have a great Trend Micro experience.
Please use plain text.