Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Problems in Removing Fake Police Warning Virus
Message
<blockquote data-quote="Fiery" data-source="post: 135264" data-attributes="member: 9"><p>Hi,</p><p></p><p>Glad you got your Desktop back <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" />. We are not quite done yet...</p><p></p><p><u>Step 1</u></p><p>Please re-run TDSSkiller but this time, if the following entry appears, choose <strong>delete</strong>. If Delete is not available, choose <strong> quarantine </strong>.</p><p></p><p>etadpug ( Rootkit.Win32.PMax.gen ) </p><p></p><p>11:13:29.0909 0x0f90 \Device\Harddisk1\DR4 ( TDSS File System ) - skipped by user</p><p>11:13:29.0909 0x0f90 \Device\Harddisk1\DR4 ( TDSS File System ) - User select action: Skip </p><p></p><p><u>Step 2</u></p><p>Afterwards, download the following file by <strong>right-clicking</strong> it and select <strong>save as</strong></p><p></p><p>[attachment=5612]</p><p></p><p>and save it onto your flash drive with the Farbar tool.</p><p></p><p>Then in <strong><u>normal mode</u></strong>, plug in your flash drive, open FRST and click <strong>fix</strong>. Post the generated log.</p><p></p><p><u>Step 3</u></p><p>Please download <a href="http://www.bleepingcomputer.com/download/adwcleaner/" target="_blank">AdwCleaner</a> by Xplode onto your desktop.</p><ul> <li data-xf-list-type="ul">Close all open programs and internet browsers.</li> <li data-xf-list-type="ul">Double click on<strong> AdwCleaner.exe</strong> to run the tool(For Vista or Windows 7, right-click and select <strong>Run as Administrator to start</strong>)</li> <li data-xf-list-type="ul">Click<strong> delete</strong></li> <li data-xf-list-type="ul">Please post the content of that logfile with your next reply.</li> <li data-xf-list-type="ul">You can find the logfile at <strong>C:\AdwCleaner[S1].txt</strong></li> </ul><p></p><p><u>Step 4</u></p><p>Download & SAVE to your Desktop RogueKiller or from <a href="http://www.bleepingcomputer.com/download/roguekiller/" target="_blank">here</a></p><ul> <li data-xf-list-type="ul">Quit all programs that you may have started.</li> <li data-xf-list-type="ul">Please disconnect any USB or external drives from the computer before you run this scan!</li> <li data-xf-list-type="ul">For Vista or Windows 7, right-click and select <strong>Run as Administrator to start</strong></li> <li data-xf-list-type="ul">Wait until Prescan has finished, then click on<strong> "Scan" </strong>button</li> <li data-xf-list-type="ul">Wait until the Status box shows "Scan Finished"</li> <li data-xf-list-type="ul">Click <strong> delete</strong> and wait until it saids <strong>deleting finished</strong></li> <li data-xf-list-type="ul">Click on<strong> "Report"</strong> and copy/paste the content of the Notepad into your next reply.</li> <li data-xf-list-type="ul">The log should be found in RKreport[1].txt on your Desktop<br /> Exit/Close RogueKiller+</li> </ul><p></p><p><u>Step 5</u></p><p>Lastly, Please download SystemLook from one of the links below and save it to your Desktop.</p><p><a href="http://jpshortstuff.247fixes.com/SystemLook.exe" target="_blank"><strong>Download Mirror #1</strong></a></p><p><a href="http://images.malwareremoval.com/jpshortstuff/SystemLook.exe" target="_blank"><strong>Download Mirror #2</strong></a></p><ul> <li data-xf-list-type="ul"> Double-click SystemLook.exe to run it.<br /> </li> <li data-xf-list-type="ul"> Copy the content of the following codebox into the main textfield:</li> </ul><p></p><ul> <li data-xf-list-type="ul"> Click the Look button to start the scan.<br /> </li> <li data-xf-list-type="ul"> When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.</li> </ul><p></p><p>Note: The log can also be found on your Desktop entitled <strong>SystemLook.txt</strong></p></blockquote><p></p>
[QUOTE="Fiery, post: 135264, member: 9"] Hi, Glad you got your Desktop back :). We are not quite done yet... [u]Step 1[/u] Please re-run TDSSkiller but this time, if the following entry appears, choose [b]delete[/b]. If Delete is not available, choose [b] quarantine [/b]. etadpug ( Rootkit.Win32.PMax.gen ) 11:13:29.0909 0x0f90 \Device\Harddisk1\DR4 ( TDSS File System ) - skipped by user 11:13:29.0909 0x0f90 \Device\Harddisk1\DR4 ( TDSS File System ) - User select action: Skip [u]Step 2[/u] Afterwards, download the following file by [b]right-clicking[/b] it and select [b]save as[/b] [attachment=5612] and save it onto your flash drive with the Farbar tool. Then in [b][u]normal mode[/u][/b], plug in your flash drive, open FRST and click [b]fix[/b]. Post the generated log. [u]Step 3[/u] Please download [url=http://www.bleepingcomputer.com/download/adwcleaner/]AdwCleaner[/url] by Xplode onto your desktop. [list] [*]Close all open programs and internet browsers. [*]Double click on[b] AdwCleaner.exe[/b] to run the tool(For Vista or Windows 7, right-click and select [b]Run as Administrator to start[/b]) [*]Click[b] delete[/b] [*]Please post the content of that logfile with your next reply. [*]You can find the logfile at [b]C:\AdwCleaner[S1].txt[/b] [/list] [u]Step 4[/u] Download & SAVE to your Desktop RogueKiller or from [url=http://www.bleepingcomputer.com/download/roguekiller/]here[/url] [list] [*]Quit all programs that you may have started. [*]Please disconnect any USB or external drives from the computer before you run this scan! [*]For Vista or Windows 7, right-click and select [b]Run as Administrator to start[/b] [*]Wait until Prescan has finished, then click on[b] "Scan" [/b]button [*]Wait until the Status box shows "Scan Finished" [*]Click [b] delete[/b] and wait until it saids [b]deleting finished[/b] [*]Click on[b] "Report"[/b] and copy/paste the content of the Notepad into your next reply. [*]The log should be found in RKreport[1].txt on your Desktop Exit/Close RogueKiller+ [/list] [u]Step 5[/u] Lastly, Please download SystemLook from one of the links below and save it to your Desktop. [url=http://jpshortstuff.247fixes.com/SystemLook.exe][b]Download Mirror #1[/b][/url] [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b]Download Mirror #2[/b][/url] [list] [*] Double-click SystemLook.exe to run it. [*] Copy the content of the following codebox into the main textfield: [/list] [list] [*] Click the Look button to start the scan. [*] When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. [/list] Note: The log can also be found on your Desktop entitled [b]SystemLook.txt[/b] [/QUOTE]
Insert quotes…
Verification
Post reply
Top