Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got a nasty virus on my laptop now, need some help healing it.


  • Please log in to reply
1 reply to this topic

#1 IconoclastTS

IconoclastTS

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:51 AM

Posted 11 June 2010 - 10:39 PM

Somehow my computer contracted a Win32.HEUR virus off of an accidental spam site visit, and now my computer is full of infections.

At first I tried using AVG, but the virus basically overpowered it and tried to uninstall it.. So I got Kaspersky's virus removal tool. It seems to have taken care of the heur for the most part, but now I have a rootkit.tdss that just won't go away.

The problem is, I can't kill any processes, it's locked my taskbar out, I can hardly open any programs, it just says "This file does not have a program associated with it for performing this action. Please install a program or, if one is alread yinstalled, create an association in the Default Programs control panel." I can run programs if I select "run as administrator" but thats the only way they will work right now..

There are other symptoms as well, the whole pc is a complete mess right now, I've been working on it all day and night trying to get the infections cleared out. I just ran Hijackthis and I have a log I can post if necessary.

Is there anything else that I can do get this thing off of my computer??

-EDIT

I forgot to mention that when running malwarebytes or kasperskys virus removal, before I can complete the scan, the computer forces a shutdown.

Edited by IconoclastTS, 11 June 2010 - 10:41 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,725 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:51 AM

Posted 12 June 2010 - 09:13 AM

Hello and welcome let's do these. tell me how we are after.

>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.

RKill....

Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

TDDS Killer
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK. (If Vista, click on the Vista Orb and copy and paste the following into the Search field. (make sure you include the quotation marks) Then press Ctrl+Shift+Enter.)


    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • It may ask you to reboot the computer to complete the process. Allow it to do so.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users