 |
 |
Security |  |
||||||||||||||||||||||||||||
|
• Greatis | |
|
• AppDatabase | |
 |
|
• Utilities | |
|
|
• Delphi/CB | |
|
|
• Visual Basic | |
|
|
• .NET | |
|
|
• just4fun | |
||||||
|
|||||||||||||||||||||||||||||||
RegRun Security Suite
|
Google redirect problem solved using RegRunCK.exe. It detects MAX++ rootkit and removes rootkit's NTFS mount points
You should check your computer immeditelly. Probably you are infected by MAX++ or TDSS rootkit. Download and open RegRunCK.exe. RegRunCK.exe is a free of charge. It doesn't include viruses/adware/spyware. You will see DOS-like window:  Wait for finishing executing of the RegRunCK.exe. You will see execution log on the screen.
If you see the words "Device\__max++" in your result report - you are infected. Search the report for "Access is denied" text. If you find the result linke this: Failed to open: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe Access is denied. some of your system files are infected by rootkit and need to be replaced by original files from Windows CD or from another sources.
The rootkit is hard in removal and you need be very careful! If you simply delete rootkit files c:\windows\win32k.sys:1, c:\windows\win32k.sys:2 using your antivirus or another software, this may cause the Windows BSOD at next reboot.
 Please, follow our instructions step by step: 1. Download RegRun Reanimator (free of charge, no ads): http://www.greatis.com/reanimator.html or update your UnHackMe or RegRun Suite software. Reanimator already includes RegRunCK.exe. 
2. Open "Scan for Viruses" screen using Reanimator. Look at the video lesson how to use "Scan for Viruses". Watch Video Reanimator automatically detects presence of the rootkit and starts the "RegRunCK.exe" for removing rootkit's mount points. RegRunCK has a switch "/f" that is used for going to the removal mode. To start RegRunCK manually, open Windows Start menu, "All Programs", "Run", type the path to the RegRunCK and switch /f: regrunck.exe /f 3. Be careful! The "win32k.sys" is stored in the Windows folder is a rootkit file. The legitimate win32k.sys is located in the Windows\System32 folder. 4. Rootkit will be removed after Windows reboot. 5. Restore infected system files. Contact our support center if you have any questions. Suggest you to use RegRun Platinum Edition to be sure that you are clean! Good luck!
Dmitry Sokolov
Would you like to add your opinion?
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
