Solved Information relating to RogueKiller software.

townsbg

~~тσωηsвg~~
Vista Guru
Gold Member
My point is that she may have decided to step back from this since she thinks that your computer is clean. She hasn't been on the forum in 2 days. How long do you want to wait on her?
 

DonnaB

Malware Fighter
Member
Hi townsbg,

Thank you for taking the time to have a look.

@ Bobby,

I do apologize for not responding sooner. It was not my intention to ignore you. I keep forgetting that once you get the first email notification that the thread has to be accessed manually to receive more notifications that someone has responded.

My specialty is the removal of malware and since RogueKiller is a tool used for the removal of malware, that is why I took on your thread and had you scan with other tools to determine if infection might have caused this corruption. The tools we used showed no since of infection, except for those undesirable programs that you had installed thinking they would resolve your problems.

Only thing I have not scanned your system with is a tool that would display if a rootkit is present or not. RogueKiller is able to detect and remove generic malwares and some advanced threats such as rootkits, rogues, worms, etc. though I took it upon myself to deem it unnecessary not to run another rootkit tool since you only mentioned in your first post that it detected PUP's (potentially undesirable programs) and PUM's (Potentially Unwanted Modification) detections which are not false positives or actual infections but rather settings which you may have made and in some cases, malware also makes. I saw no malware on your system that could cause this. Only programs that we deem undesirable because they optimize the system and can remove good files that lay idle and unused till they are called upon.

If you would like, I can have you run a tool that can will tell us if a rootkit is present, but I truly think what we have here is file corruption due to the use of optimizing programs.

Let me know what you would like to do. I'm still here. :)
 

bobbyscot

Member
DonnaB, pleased that you contacted me, as before your help is most appreciated. While reading you thread reply, suddenly screen went blue with writing that computer was being closed as a safeguard. tcpip.sys. Avast came on after power up - error - software out of date. Checking with appropriate software update, all software in question are latest version. Avast then goes on for me buy their software updater. All software you suggested to be uninstaled have been removed, including RogueKiller. Any suggestions you deem necessary will be most appreciated. Thanks BobbyScot.
 

DonnaB

Malware Fighter
Member
Hi Bobby,

We'll discuss Avast in a moment. For now, let's make sure there are no rootkits on your system.

I really need for you to follow my instructions exactly. I had asked you to change the default download location to the desktop of your computer, which you did, though when I asked you to download FRST to the desktop, you created a folder as shown below:

Running from C:\Users\Robert\Desktop\New Folder

And downloaded FRST to that folder. There is a reason that I need ALL the tools on your desktop. Please open that "New Folder" and drag and drop FRST64.exe to the desktop.

Next:

Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
  • Click the Start Scan button. Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C: ).
  • Copy and paste the contents of that file in your next reply.
 

DonnaB

Malware Fighter
Member
Thank you Bobby.

To find the log file:

  • Click on your Start
  • In the right side column of the Start menu, look for and click on Computer.
  • On the next screen, click on Local Disk ( C: )

Next, look down below the folders for a text file that is titled as follows:

TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt

Where dd.mm.yyyy is the date that the log was created.

Let me know if you have trouble finding it. :)
 

bobbyscot

Member
DonnaB, I apologise, but I simply can not find the Report file. After the Scan, clicking on Report, displayed a very long detailed report but no hard copy can be found.
 

DonnaB

Malware Fighter
Member
Hm? That is strange. A report should have been automatically created on your hard drive.

Let's try this:

Click on your Start
to open the Start Menu.
At the bottom of Start Menu, under All Programs, you will see the Start Search area.
Type in TDSSKiller and see if anything is found.

If a TDSSKiller text file is found, click on it to open it.

Then click on file and save it to the desktop.

Let me know if it is there or not.
 

bobbyscot

Member
DonnaB, sorry for delay, as I tried a different route but carried out your way, both showed ::
TDSSKiller.exe. TDSSKiller.zip. login.is index.is login.css index.css login.css style.css
Reply to thread information RogueKiller. I can not understand as to why TDSSKiller report file is omitted.
 

DonnaB

Malware Fighter
Member
Bobby,

Could you run TDSSKiller again and this time when you click on Report, click on File at the top left of text file and choose Save as...

Then click on Desktop in the window that opens.

Then click on the Save button at the bottom right of the window.

That should save the text file to your desktop so it can be found.
 

bobbyscot

Member
DonnaB, do you mean click on Report icon top right, if this be, when Report opens there is nothing visible other than contents of the Report itself. I feel that I am missing the point of your instructions or computer is not showing all points.
 

DonnaB

Malware Fighter
Member
Bobby,

Let me post the instructions to run TDSSKiller again. Do you have a 2nd computer so you can read the instructions while the scan is running?

When you get to the part where you are to choose

When you get to the part where you are to "Ensure SKIP is selected" and your next step is to click on Report, that is when you click on File then Save As... then choose the Desktop and then click on the Save button so it will save to the desktop so you can post it in your next reply.

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista - W7 users: Right-click and select "Run As Administrator".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
  • Click the Start Scan button. Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C: ).
  • Copy and paste the contents of that file in your next reply.

I need to see what that Report says.
 

DonnaB

Malware Fighter
Member
Bobby,

I just ran TDSSKiller on my computer so I could see what you are seeing. When the scan is finished, do you get the same screen as shown below:

TDSSKiller 4-23-15.JPG
 

bobbyscot

Member
DonaB, reading instructions, it reads that if scan finds nothing, click close to exit. Nothing is found in my case, click close, or what should I do as no further instructions are shown at this scan. As it is nearly 2am, my time could be why!!
 

DonnaB

Malware Fighter
Member
Bobby,

Since your system shows no sign if infection, I will have to turn you over to one of the members who is more experienced with registry corruption.

Sorry,

Donna :(
 

DonnaB

Malware Fighter
Member
You will need to remove the tools we had installed. Please do the following:

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.
 

bobbyscot

Member
DonnaB, there is nothing to be sorry, as you have done an excellent job in trying to solve my computer's malfunction, I agree that Registry probably is corrupted. Thanks BobbyScot.
 
Top