Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help! Infected with Win32/Heur and Win32/Tanatos.M


  • This topic is locked This topic is locked
4 replies to this topic

#1 Kanye

Kanye

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:02:34 AM

Posted 30 October 2008 - 06:10 PM

Last night my firewall (Sygate) said there was a program requesting to connect to the internet. I do not remember what it was, but I know it looked like it had something to do with Microsoft or Windows because it was named something along the lines of something Microsoft would call one of their .exe's. So a few hours later, my computer is sluggish. I go to check the Task Manager... and it won't let me! It says "Task Manager has been disabled by your administrator". I AM the admin, so I know something is up. AVG suddenly starts showing me that Win32/Tanatos.M is infecting EVERYTHING! Windows Meida Player, Inter Explorer, Google Chrome, VLC Player, RealPlayer, Wordpad, paint, everything!

I googled a way to access the Task Manager and it gave me a code to run. Tried it, didn't work. Then i realized it actually DOES work, it's just that the virus quickly disables the Task Manager before I can get into it. So I ran the code in Start > Run one more time, and extremely quickly did Ctrl+Alt=Delete before it could disable it and I got in! I found a whole bunch of .exes that I've never seen before, like:

winkqrmmr.exe
winpfkp.exe
noytd.exe
ycln.exe
mvul.exe
rfpav.exe
winpoflfl.exe
winejlpg.exe

I googled them all and for most of them, nothing came up. So now I'm positive it's a virus. AVG keeps going nuts telling me it's infecting everything, and when I click Heal or Remove, it says the healing failed! I try to block it from the network in Sygate... and Sygate won't open! The virus is blocking my firewall from starting. Even tried starting it with Start > Run and the virus automatically closes it in less than a second.

AVG is doing nothing but warning me that it's infecting every single program, and my firewall is useless. Somebody please help me! My computer has become almost unuseable! And I have homework to work on...

Thanks.


Oh, and I'm doing an AVG scan right this moment and it's elapsed 12 minutes and it already found 26 threats, and they're all Tanatos and Heur! Help!

Edited by Kanye, 30 October 2008 - 06:11 PM.


BC AdBot (Login to Remove)

 


#2 Kanye

Kanye
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:02:34 AM

Posted 30 October 2008 - 06:59 PM

Argh!!! I think it ended the Explorer.exe task! Now I can't see my taskbar or open any new windows! I rebooted and NOTHING loads. No taskbar, no icons, Task Manager doesn't open. Just showing my wallpaper. Somebody PLEASE help me. I have no computer now! (Typing this on my sister's).

#3 Kanye

Kanye
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:02:34 AM

Posted 30 October 2008 - 10:03 PM

I just did a full Windows XP repair and nothing has changed. Would somebody please help me?

#4 Kanye

Kanye
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:02:34 AM

Posted 31 October 2008 - 07:32 AM

My flash drive was plugged into my comoputer during all of this and I brought it to school to use it and the school's virus scanner said there was an infected .exe file that I've never heard of! This thing has infected my flash drive and corrupted all the data!

Would somebody PLEASE help me.

#5 pskelley

pskelley

  • Staff Emeritus
  • 1,487 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 31 October 2008 - 07:48 AM

Ltangelic was kind enough to point out this member has multiposted and is being helped at GTG here:
http://www.geekstogo.com/forum/help-Infect...99#entry1363899

Topic is closed

Thanks
MS-MVP Windows Security 2007-08
Proud Member ASAP
UNITE Member 2006




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users