Hello and welcome to Bleeping Computer!
I am D-FRED-BROWN and I will be helping you.
Please print or save this topic.
It will make it easier for you to follow the instructions and complete all of the necessary steps.
I know you've already run TDSSKiller before, but please run it one more time so we have an up-to-date idea of what may be remaining on the computer.
Please download the TDSS Rootkit Removing Tool
) and save it to your Desktop. <-Important!!!
- Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
- If TDSSKiller does not run, try renaming it.
- To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
- Click the Start Scan button.
- Do not use the computer during the scan
- If the scan completes with nothing found, click Close to exit.
- If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
- Ensure Skip is selected, then click Continue > Reboot now to finish the cleaning process.
Note: Do not choose Cure or Delete unless instructed.
- A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.188.8.131.52_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
- Copy and paste the contents of that file in your next reply.
Please download ComboFix.exe
. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix***IMPORTANT: save ComboFix to your Desktop****
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please go here
to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**
Please include the C:\ComboFix.txt
in your next reply for further review.
Please download Security Check
by screen317 from here
- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
In your next reply, please include the following:
- TDSSKiller's logfile
- ComboFix's report (C:\ComboFix.txt)
- Security Check checkup.txt
After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask.