Your log which indicates a TDSS
, TDL3/TDL4 rootkit infection
. The forged file was identified and will be cured after reboot. Please reboot if you have not done so already.
Please download Malwarebytes Anti-Malware
and follow these instructions
for doing a Quick Scan
in normal mode.
-- If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the contents of that report in your next reply and exit MBAM.
-- Some types of malware will target Malwarebytes Anti-Malware and other security tools to keep them from running properly. If that's the case, please refer to the suggestions provided in For those having trouble running Malwarebytes Anti-Malware
as you may need to rename it or use RKill
Then try doing an online scan to see if it finds anything else (i.e. remnants) that the other scans may have missed.
Please perform a scan with Eset Online Anti-virus Scanner
- This scan requires Internet Explorer to work. If using a different browser, you will be given the option to download and use the ESET Smart Installer.
- Vista/Windows 7 users need to run Internet Explorer as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
- Click the green button.
- Read the End User License Agreement and check the box:
- Check .
- Click the button.
- Accept any security warnings from your browser.
- Check Remove found threats and Scan potentially unwanted applications. (If given the option, choose "Quarantine" instead of delete.)
- Click the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer.
- If offered the option to get information or buy software at any point, just close the window.
- The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
- When the scan completes, push
- Push , and save the file to your desktop as ESETScan.txt.
- Push the button, then Finish.
- Copy and paste the contents of ESETScan.txt in your next reply.
Note: A log.txt
file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.
If you did not save the ESETScan log, click
, then type or copy and paste everything in the code box below into the Open dialogue box:
-- Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.Important Note
- Click Ok and the scan results will open in Notepad.
- Copy and paste the contents of log.txt in your next reply.
: Using any Torrents
(P2P) or file sharing
program (i.e. Limewire, eMule, Kontiki, BitTorrent, uTorrent, BitLord, BitLord, BearShare, Azureus/Vuze) is a security risk which can make your system susceptible to a smörgåsbord of malware infections
, remote attacks, and exposure of personal information.
The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit
by attackers who can take control of your computer without your knowledge. Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection
because the files you are downloading may actually contain a disguised threat. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities. In some instances the infection may cause so much damage to your system that recovery is not possible
and a Repair Install will NOT help!. In those cases, the only option is to wipe your drive, reformat and reinstall the OS.
Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications
.Using such programs or going to torrent sites is almost a guaranteed way to get yourself infected!!