3 replies to this topic

[dsj1000]

[size="4"]I have a pc, running on Vista Home premium, and need help removing the ntoskrnl-hook Trojan. Started three days ago. I can only run the pc in Safe mode (with networking); tried using one of the restore points, and there are none found, which is very strange since I have always used them!
Mcafee detects the two files, but can't remove them; will not let me check the boxes. I have used Malwarebytes, and during the first scan, it did see the same two files, and indicated they were removed, but now - is does not see them at all. I called Mcafee and paid the $89 removal fee and they were unsuccessful, and refunded the money. What can I do?
Thanks.

[TeMerc]

Hello and welcome to Malwarebytes

Please follow these basic steps first before posting any logs.

Our program, Malwarebytes' Anti-Malware can detect and remove most Malware with no further actions required for free.

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
  
• At the end, be sure a checkmark is placed next to the following:
  
  
  • Update Malwarebytes' Anti-Malware
    
  • Launch Malwarebytes' Anti-Malware
  
  
• Then click Finish.
  
  
• If an update is found, it will download and install the latest version.
  
  
• Once the program has loaded, select Perform quick scan, then click Scan.
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
• Be sure that everything is checked, and click Remove Selected.
  
  
• When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.

We hope our application has helped you eradicate this malicious Malware.

If your current anti-virus solution let this infection through please consider purchasing the PRO version of Malwarebytes' Anti-Malware for additional protection.

Update your current Anti-Virus to the latest definitions and then perform a Full scan of your system.

If you don't currently have Anti-Virus please download and install Avira AntiVir Personal

Then update to the latest definitions and perform a Full scan of your system.



If you're still experiencing issues after running the above procedures then please follow the instructions below.

Scan and Log Procedures


• Please download this program Trend Micro HijackThis to your desktop.
  
  
• Double-click on it to run and install it.
  
  
• Then launch the program and click on Do a system scan and save a logfile. This log file will open in Notepad.
  
  
• Please start a Newtopic here and post the most recent Malwarebytes' Anti-Malware log file and HijackThis log file using Copy/Paste.
  
  
• The Malwarebytes' Anti-Malware log file is located in the Logs tab of the program.

Someone will analyze the logs and give you further instructions.

Prompt responses to instructions and performing the required fixes as soon as possible is always best.

During this scan and cleanup process you should not install any other software unless requested to do so.

Logs to reply with: MBAM and HijackThis

NOTE: If Malwarebytes won't run or HijackThis won't run please still create a new post in the Malware Removal - HijackThis Logs forum and explain what happens.

NOTE: Please DO NOT post back to your post within the first 48 hours. Replying to your own posts changes the post count and will often cause helpers to think that you're already being helped and thus they won't open and look at your post. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.

As soon as someone is available they will assist you.

[dsj1000]

TeMerc, on Jul 20 2009, 07:10 PM, said:

Hello and welcome to Malwarebytes

Please follow these basic steps first before posting any logs.

Our program, Malwarebytes' Anti-Malware can detect and remove most Malware with no further actions required for free.

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
  
• At the end, be sure a checkmark is placed next to the following:
  
  
  • Update Malwarebytes' Anti-Malware
    
  • Launch Malwarebytes' Anti-Malware
  
  
• Then click Finish.
  
  
• If an update is found, it will download and install the latest version.
  
  
• Once the program has loaded, select Perform quick scan, then click Scan.
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
• Be sure that everything is checked, and click Remove Selected.
  
  
• When completed, a log will open in Notepad and if required the program will ask you to reboot to remove locked files.

We hope our application has helped you eradicate this malicious Malware.

If your current anti-virus solution let this infection through please consider purchasing the PRO version of Malwarebytes' Anti-Malware for additional protection.

Update your current Anti-Virus to the latest definitions and then perform a Full scan of your system.

If you don't currently have Anti-Virus please download and install Avira AntiVir Personal

Then update to the latest definitions and perform a Full scan of your system.



If you're still experiencing issues after running the above procedures then please follow the instructions below.

Scan and Log Procedures


• Please download this program Trend Micro HijackThis to your desktop.
  
  
• Double-click on it to run and install it.
  
  
• Then launch the program and click on Do a system scan and save a logfile. This log file will open in Notepad.
  
  
• Please start a Newtopic here and post the most recent Malwarebytes' Anti-Malware log file and HijackThis log file using Copy/Paste.
  
  
• The Malwarebytes' Anti-Malware log file is located in the Logs tab of the program.

Someone will analyze the logs and give you further instructions.

Prompt responses to instructions and performing the required fixes as soon as possible is always best.

During this scan and cleanup process you should not install any other software unless requested to do so.

Logs to reply with: MBAM and HijackThis

NOTE: If Malwarebytes won't run or HijackThis won't run please still create a new post in the Malware Removal - HijackThis Logs forum and explain what happens.

NOTE: Please DO NOT post back to your post within the first 48 hours. Replying to your own posts changes the post count and will often cause helpers to think that you're already being helped and thus they won't open and look at your post. If no one has replied within 48 hours then please go ahead and either reply to your post or send a private message to a Moderator and let them know that you're still needing assistance.

As soon as someone is available they will assist you.

[Maurice Naggar]

@ dsjNeedshelp

See my reply to you in the Malware Removal - HijackThis sub-forum
http://www.malwarebytes.org/forums/index.p...st&p=101012

Kindly make all replies in that thread only.