Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Alureon.FO


  • Please log in to reply
17 replies to this topic

#1 Warnempm

Warnempm

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 06 March 2013 - 12:54 PM

I have this virus on my computer. It won't allow me to run any security software. It goes blue screen and shuts down every time. I can't even run windows update! I ran windows defender from CD when booting, and it found and supposedly removed the Trojan, but I am still having all of the same issues. Any other ideas? I really don't want to have to uninstall and reinstall OS.
Thank you!

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 06 March 2013 - 06:02 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif NOTE. Make sure all logs are pasted not attached.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 07 March 2013 - 01:51 PM

The MiniToolBox and the Security Check did not work on my computer. They downloaded and came up just fine, but nothing ever happened when I started them up. I ran MalwareBytes, and this was the log for that.

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.07.10
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Paige :: PAIGE-PC [administrator]
 
3/7/2013 11:12:13 AM
mbam-log-2013-03-07 (11-12-13).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219074
Time elapsed: 59 minute(s), 40 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
I am in the process of running the RootKit. It has been scanning slowly for hours...It does say it has found Malware. I just hope it finishes eventually...When it does, I will post the log.


#4 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 07 March 2013 - 06:00 PM

I ran the Rootkit. It found 3 pieces of Malware, but I could not find the log anywhere. I did a search on every drive I could think of for the word "log" and found nothing...I am really starting to think I should just uninstall and reinstall Windows. Can you someone tell me how to do that? I have the recovery CDs that came with my computer, but if I just put those in, will it for sure get rid of the virus before it reinstalls Windows?



#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 07 March 2013 - 06:29 PM

We need to know what you're infected with.

If you're dealing with a rootkit recovery CD won't do as it doesn't format the drive.

You'd have to format hard drive and then use recovery CD.

 

Re-run MBAR one more time.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 08 March 2013 - 09:41 AM

I ran the rootkit again. Here are the logs:

 

Mbar-log:

 

Malwarebytes Anti-Rootkit BETA 1.01.0.1021

www.malwarebytes.org

 

Database version: v2013.03.08.11

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Paige :: PAIGE-PC [administrator]

 

3/8/2013 9:31:28 AM

mbar-log-2013-03-08 (09-31-28).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 29705

Time elapsed: 1 hour(s), 18 minute(s), 3 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 3

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Bootstrap_0_0_5_infected.mbam (Rootkit.Pihar.c.MBR) -> Delete on reboot.

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\MBR_0_infected.mbam (Rootkit.Pihar.c.MBR) -> Delete on reboot.

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_488397136_user.mbam (Forged physical sector) -> Delete on reboot.

 

(end)

 

System Log: 

 

 

Malwarebytes Anti-Rootkit BETA 1.01.0.1021

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

 

Account is Administrative

 

Internet Explorer version: 9.0.8112.16421

 

Java version: 1.6.0_13

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED

CPU speed: 1.995000 GHz

Memory total: 3181760512, free: 1430081536

 

------------ Kernel report ------------

     03/08/2013 08:11:23

------------ Loaded modules -----------

\SystemRoot\system32\ntkrnlpa.exe

\SystemRoot\system32\halmacpi.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\BOOTVID.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\system32\DRIVERS\compbatt.sys

\SystemRoot\system32\DRIVERS\BATTC.SYS

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\DRIVERS\iaStor.sys

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\DRIVERS\MpFilter.sys

\SystemRoot\System32\Drivers\PxHelp20.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\termdd.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\drivers\mssmbios.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\igdkmd32.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\drivers\usbuhci.sys

\SystemRoot\system32\drivers\USBPORT.SYS

\SystemRoot\system32\drivers\usbehci.sys

\SystemRoot\system32\drivers\HDAudBus.sys

\SystemRoot\system32\DRIVERS\bcmwl6.sys

\SystemRoot\system32\DRIVERS\yk62x86.sys

\SystemRoot\system32\drivers\i8042prt.sys

\SystemRoot\system32\DRIVERS\Apfiltr.sys

\SystemRoot\system32\drivers\mouclass.sys

\SystemRoot\system32\drivers\kbdclass.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\CmBatt.sys

\SystemRoot\system32\drivers\wmiacpi.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\drivers\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\drivers\swenum.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\drivers\umbus.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\stwrt.sys

\SystemRoot\system32\DRIVERS\portcls.sys

\SystemRoot\system32\DRIVERS\drmk.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_iaStor.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\OA009Vid.sys

\SystemRoot\system32\DRIVERS\OA009Ufd.sys

\SystemRoot\system32\DRIVERS\CtClsFlt.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\drivers\RTSTOR.SYS

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\??\C:\Windows\system32\drivers\mbam.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\pnarp.sys

\SystemRoot\system32\DRIVERS\purendis.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\DRIVERS\NisDrvWFP.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\??\C:\Program Files\CyberLink\PowerDVD DX\000.fcl

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\system32\DRIVERS\asyncmac.sys

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\mbamswissarmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

\Windows\System32\sechost.dll

\Windows\System32\shlwapi.dll

\Windows\System32\ole32.dll

\Windows\System32\imm32.dll

\Windows\System32\urlmon.dll

\Windows\System32\advapi32.dll

\Windows\System32\normaliz.dll

\Windows\System32\psapi.dll

\Windows\System32\user32.dll

\Windows\System32\oleaut32.dll

\Windows\System32\wininet.dll

\Windows\System32\lpk.dll

\Windows\System32\msvcrt.dll

\Windows\System32\imagehlp.dll

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff870915d8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \IAAStorageDevice-1\

Lower Device Object: 0xffffffff862f1028

Lower Device Driver Name: \00000548\

Driver name found: iaStor

Initialization returned 0x0

Load Function returned 0x0

Downloaded database version: v2013.03.08.11

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 3

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff870915d8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff87091210, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff870915d8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff862f1028, DeviceName: \IAAStorageDevice-1\, DriverName: \00000548\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0xffffffff8d1eb138, 0xffffffff870915d8, 0xffffffff862c2ac8

Lower DeviceData: 0xffffffffc334f088, 0xffffffff862f1028, 0xffffffff85d53af0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 3

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

MBR buffers are not equal

MBR is forged! [5b875a22f8ce39ec096216471c83be3f]

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 638CBF

 

Partition information:

 

    Partition 0 type is Empty (0x0)

    Partition is ACTIVE.

    Partition starts at LBA: 5  Numsec = 0

    Partition is not bootable

Infected: VBR on Empty active partition --> [Rootkit.Pihar.c.MBR]

Changing partition to empty and not active.  New active partition is 2 on drive 0 ...

 

    Partition 0 type is Other (0xde)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 63  Numsec = 80262

 

    Partition 1 type is Primary (0x7)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 81920  Numsec = 30720000

 

    Partition 2 type is Primary (0x7)

    Partition is ACTIVE.

    Partition starts at LBA: 30801920  Numsec = 457593200

    Partition file system is NTFS

    Partition is bootable

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

MBR infection found on drive 0

Disk Size: 250059350016 bytes

Sector size: 512 bytes

 

Scanning physical sectors of unpartitioned space on drive 0 (1-4-488377168-488397168)...

Done!

Performing system, memory and registry scan...

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-10-16.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-10-18.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-10-31.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-11-01.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-11-15.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-11-16.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-11-19.log" is compressed (flags = 1)

Read File: File "c:\ProgramData\AVG2012\log\avgual.2012-11-20.log" is compressed (flags = 1)

Done!

Scan finished



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 08 March 2013 - 07:11 PM

Download and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 08 March 2013 - 10:39 PM

Should I click "Cleanup" on the rootkit first, or should I just close that out and do this instead?

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 08 March 2013 - 10:43 PM

  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 09 March 2013 - 04:05 PM

When I got home to actually try this, I realized there is no actual link to download TDSSKiller. Did you mean to include that?

Thanks.



#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 09 March 2013 - 04:13 PM

I'm not sure what happened :)

 

Download TDSSKiller and save it to your desktop.


 


Edited by Broni, 09 March 2013 - 04:14 PM.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#12 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 09 March 2013 - 05:42 PM

The program isn't working. This is the error message I keep getting..."The dependency service or group failed to start"...



#13 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 09 March 2013 - 06:02 PM

See if you can run it from safe mode.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#14 Warnempm

Warnempm
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:59 AM

Posted 10 March 2013 - 06:23 PM

I ran it, hit "cure", rebooted, but then I cannot find the log. I searched every drive for TDSS and Killer and Log with no results...

#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:59 AM

Posted 10 March 2013 - 06:35 PM

Re-run it one more time.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users