Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVCARE and TDSS infection


  • This topic is locked This topic is locked
2 replies to this topic

#1 malikye2876

malikye2876

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 02 September 2009 - 03:46 PM

As the title states, I believe I was and still am infected with one of these two infections. AVcare propted the notification in the bottom right hand corner, at which point fired off Windows Defender, and AVG 8.5 free which "deleted" the infection. I proceeded to follow the guidlines on removing the infection from the Registry, File locations, and known files types then began the Malwarebytes scan. Once I tried to run the Malwarebytes scan it closed after running for 2 seconds. The same was true for SuperAntiSpyware, Spybot, Rootkit Revealer, F-Secure Black Ice, Combo Fix, HiJackthis, and numerous other spyware programs. The same was true for safe mode - networking - cmd line - and without. Note that immediately after malwarebytes failed in normal mode I rebooted into safe mode to attempt the run. Now, even when in safe mode, when I try to run or install (different names for exe and different locales, removalbe drives) it states something to the effect that I do not have permission. This is on Vista Home Premium by the way. The only effective thing was running UBCD4WIN (latest version) and running the superanitspyware, spybot, and a squared spyware removal programs. But I am still unable to run anything in safe mode or normal mode. It was spybot in UBCD4WIN that found TDSS.reg, which made me think it was a rootkit infection as well. I was able to run Normans Malware Cleaner and Sophos Anti-Rootkit in normal mode afterwards and the anti-rootkit found nothing, and Norman's cleaned some tracking cookies, but nothing related to AVCARE. Still can not open malwarebytes or any of the other programs. Now Windows willl not let me log in as it states it found an issue and will restart in 1 minute. Any help appreciated.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:00 AM

Posted 02 September 2009 - 04:57 PM

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.

==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 malikye2876

malikye2876
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:00 AM

Posted 04 September 2009 - 07:59 AM

Please close this topic. I've resolved this issue. Reinstalled system.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users