Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Poison Ivy


  • Please log in to reply
1 reply to this topic

#1 BLEEEPINGtime

BLEEEPINGtime

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 25 March 2012 - 12:18 AM

Hello BleepingComputer Forums.
i have a problem that bugging me for a very long time.
i dont want to reformat. so i need to remove this virus immediately

i know the virus already its the "Csss.exe" yeah its CSSS.exe
the location of the file is D:/Document and Settings/Administrator/Application Data/Css.exe
but when i go there , there is no Csss.exe there, even i turn on "SHOW HIDDEN FILES AND FOLDER OPTION"
this virus keeps running. and it create multiple proccess like the FF:
FIREFOX.EXE
Explorer.exe
. even i end process this program they keep coming Back...
and if i end process the orignal Explorer.exe in the task manager cause i have 3 or 4 explorer.exe running on the task manager.
and end process also the FIREFOX.EXE(VIRUS) EXPLORER.EXE(VIRUS) , they will not comeback, when i rerun (Explorer.exe)(NOT THE VIRUS)
they come back again. please Help! me. ive search the forum they say that this is Poision Ivy.

HERE's my HiJackThis Log:

Log removed so we can begin assistance in this forum. If it is determined that you need specialized assistance, you will receive instruction for posting in the log forum at that time. We rarely use HijackThis these days. ~ OB


THANK YOU! VERY MUCH

Edited by BLEEEPINGtime, 25 March 2012 - 03:47 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:55 AM

Posted 25 March 2012 - 09:10 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users