Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Help remove zeroaccess rootkit
Message
<blockquote data-quote="Fiery" data-source="post: 91713" data-attributes="member: 9"><p>Hi,</p><p></p><p>Open OTL in OTLPE again. Under <strong>custom scan/fixes</strong>, copy and paste the following:</p><p>[code]</p><p>:OTL</p><p>O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)</p><p>O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)</p><p>[2008/12/28 02:51:46 | 000,000,050 | ---- | C] () -- C:\WINDOWS\qwimp.ini</p><p>@Alternate Data Stream - 1222 bytes -> C:\Documents and Settings\Sam\Cookies:QoSnn4svZRg0sohAo8188UBZpx4</p><p>@Alternate Data Stream - 1215 bytes -> C:\Documents and Settings\All Users\Application Data\DRM:QbNt0gB8Ra30H67Cd</p><p>@Alternate Data Stream - 1206 bytes -> C:\Program Files\Common Files\MSN:52qkdIvvrQxpOwOXeG</p><p></p><p>:Files</p><p>ipconfig /flushdns /c</p><p></p><p>:Commands</p><p>[EMPTYTEMP]</p><p>[RESETHOSTS]</p><p></p><p>[/code]</p><p></p><p>Then click <strong>Run Fix</strong>. Post the log afterwards.</p><p></p><p>After, download HitmanPro</p><p><ol></p><p> <li>This step can be performed in <<strong>>Normal Mode</<strong>> ,so please <<strong>>download the latest official version of HitmanPro</<strong>>.</strong></strong></strong></strong></p><p><strong><strong><strong><strong><a href="http://www.surfright.nl/en/downloads" rel="nofollow" target="_blank"> <<strong>>HITMANPRO DOWNLOAD LINK</<strong>></a> <em>(This link will open a download page in a new window from where you can download HitmanPro)</em></li></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong> <li><<strong>>Double click on the previously downloaded file</<strong>> to start the HitmanPro installation.</strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><img title="HitmanPro Installer" src="http://malwaretips.com/images/removalguide/hpro1.png" alt="[Image: hitmanpro-icon.png]" width="54" height="58" border="0" /></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><<strong>>IF</<strong>> you are experiencing problems while trying to starting HitmanPro, you can use the "<em>Force Breach</em>" mode.To start this program in Force Breach mode,<<strong>> hold down the left CTRL-key when you start HitmanPro</<strong>> and all non-essential processes are terminated, including the malware process. (<a href="http://www.youtube.com/watch?feature=player_embedded&v=m6eRWTv2STk" target="_blank">How to start HitmanPro in Force Breach mode - Video</a>)</li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>Click on <<strong>>Next </<strong>>to install HitmanPro on your system.</strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><img title="HitmanPro installation process" src="http://malwaretips.com/images/removalguide/hpro2.png" alt="[Image: installing-hitmanpro.png]" width="532" height="421" border="0" /></li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>The setup screen is displayed, from which you can decide whether you wish to install HitmanPro on your machine or just perform a one-time scan, select a option then click on <<strong>>Next </<strong>>to start a system scan.</strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><img title="HitmanPro setup options" src="http://malwaretips.com/images/removalguide/hpro3.png" alt="[Image: hitmanpro-setup-options.png]" width="532" height="421" border="0" /></li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>HitmanPro will start scanning your system for malicious files. Depending on the the size of your hard drive, and the performance of your computer, this step will take several minutes.</strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><img title="HitmanPro scanning for Win 8 Security System" src="http://malwaretips.com/images/removalguide/hpro4.png" alt="[Image: hitmanpro-scanning.png]" width="532" height="421" border="0" /></li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>Once the scan is complete,a screen displaying all the malicious files that the program found will be shown as seen in the image below.After reviewing each malicious object click <<strong>>Next</<strong>>.</strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><img title="HitmanPro Win 8 Security System scan results" src="http://malwaretips.com/images/removalguide/hpro5.png" alt="[Image: hitmanpro-scan-results.png]" width="532" height="421" border="0" /></li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>Click <<strong>>Activate free license </<strong>>to start the free 30 days trial and remove the malicious files.</strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><img title="Activate HitmanPro free license to remove detected infections" src="http://malwaretips.com/images/removalguide/hpro6.png" alt="[Image: hitmanpro-activation.png]" width="532" height="421" border="0" /></li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong> <li>HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.</li></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p><p><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong><strong></ol></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></strong></p></blockquote><p></p>
[QUOTE="Fiery, post: 91713, member: 9"] Hi, Open OTL in OTLPE again. Under [b]custom scan/fixes[/b], copy and paste the following: [code] :OTL O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) [2008/12/28 02:51:46 | 000,000,050 | ---- | C] () -- C:\WINDOWS\qwimp.ini @Alternate Data Stream - 1222 bytes -> C:\Documents and Settings\Sam\Cookies:QoSnn4svZRg0sohAo8188UBZpx4 @Alternate Data Stream - 1215 bytes -> C:\Documents and Settings\All Users\Application Data\DRM:QbNt0gB8Ra30H67Cd @Alternate Data Stream - 1206 bytes -> C:\Program Files\Common Files\MSN:52qkdIvvrQxpOwOXeG :Files ipconfig /flushdns /c :Commands [EMPTYTEMP] [RESETHOSTS] [/code] Then click [b]Run Fix[/b]. Post the log afterwards. After, download HitmanPro <ol> <li>This step can be performed in <[b]>Normal Mode</[b]> ,so please <[b]>download the latest official version of HitmanPro</[b]>. <a href="http://www.surfright.nl/en/downloads" rel="nofollow" target="_blank"> <[b]>HITMANPRO DOWNLOAD LINK</[b]></a> <em>(This link will open a download page in a new window from where you can download HitmanPro)</em></li> <li><[b]>Double click on the previously downloaded file</[b]> to start the HitmanPro installation. <img title="HitmanPro Installer" src="http://malwaretips.com/images/removalguide/hpro1.png" alt="[Image: hitmanpro-icon.png]" width="54" height="58" border="0" /> <[b]>IF</[b]> you are experiencing problems while trying to starting HitmanPro, you can use the "<em>Force Breach</em>" mode.To start this program in Force Breach mode,<[b]> hold down the left CTRL-key when you start HitmanPro</[b]> and all non-essential processes are terminated, including the malware process. (<a href="http://www.youtube.com/watch?feature=player_embedded&v=m6eRWTv2STk" target="_blank">How to start HitmanPro in Force Breach mode - Video</a>)</li> <li>Click on <[b]>Next </[b]>to install HitmanPro on your system. <img title="HitmanPro installation process" src="http://malwaretips.com/images/removalguide/hpro2.png" alt="[Image: installing-hitmanpro.png]" width="532" height="421" border="0" /></li> <li>The setup screen is displayed, from which you can decide whether you wish to install HitmanPro on your machine or just perform a one-time scan, select a option then click on <[b]>Next </[b]>to start a system scan. <img title="HitmanPro setup options" src="http://malwaretips.com/images/removalguide/hpro3.png" alt="[Image: hitmanpro-setup-options.png]" width="532" height="421" border="0" /></li> <li>HitmanPro will start scanning your system for malicious files. Depending on the the size of your hard drive, and the performance of your computer, this step will take several minutes. <img title="HitmanPro scanning for Win 8 Security System" src="http://malwaretips.com/images/removalguide/hpro4.png" alt="[Image: hitmanpro-scanning.png]" width="532" height="421" border="0" /></li> <li>Once the scan is complete,a screen displaying all the malicious files that the program found will be shown as seen in the image below.After reviewing each malicious object click <[b]>Next</[b]>. <img title="HitmanPro Win 8 Security System scan results" src="http://malwaretips.com/images/removalguide/hpro5.png" alt="[Image: hitmanpro-scan-results.png]" width="532" height="421" border="0" /></li> <li>Click <[b]>Activate free license </[b]>to start the free 30 days trial and remove the malicious files. <img title="Activate HitmanPro free license to remove detected infections" src="http://malwaretips.com/images/removalguide/hpro6.png" alt="[Image: hitmanpro-activation.png]" width="532" height="421" border="0" /></li> <li>HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.</li> </ol>[/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b][/b] [/QUOTE]
Insert quotes…
Verification
Post reply
Top