Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Major infection

  • Please log in to reply
1 reply to this topic

#1 BillRoss


  • Members
  • 2 posts
  • Local time:01:01 AM

Posted 08 January 2010 - 01:37 PM

34 infections

Infected files include rundll32.exe, taskmgr.exe, wscntfy.exe, and wmiprvse.exe

Unable to install files from CD, run antivirus files on HD, access to IE is blocked, system restore will not run.

Infections include:
LdPinch V
VMalum AWS
Disable Key
Zlob AN
and many others.

What can I try next?

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)


#2 trev47


  • Members
  • 113 posts
  • Local time:01:01 AM

Posted 11 January 2010 - 10:19 PM

Try downloading rkill to your desktop from one of the following links. Double click the file and a black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. If it does not work try the next file.
try this one http://download.bleepingcomputer.com/grinler/rkill.pif
or this http://download.bleepingcomputer.com/grinler/rkill.scr
or this http://download.bleepingcomputer.com/grinler/rkill.exe
or this http://download.bleepingcomputer.com/grinler/rkill.com

Now, download Malwarebytes from http://malwarebytes.org/ update it and run a full scan. Remove any infections found and post the results in your next reply.

Then download atf cleaner from http://www.atribune.org/index.php?option=c...5&Itemid=25
run it, select all, and empty selected

Finally run a scan at http://www.eset.com/onlinescan/

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users