-
Good Morning,
Please download TDSSKiller.zip- Extract it to your desktop
- Double click TDSSKiller.exe
- Press Start Scan
- Only if Malicious objects are found then ensure Cure is selected
- Then click Continue > Reboot now
- Copy and paste the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)
-
TDSS will not run???
Greg
-
Run this program first, then try both aswMBR and TDSSkiller
- Please download rkill (Courtesy of Bleepingcomputer.com).
- There are 5 different versions of this tool. If one of them will not run, please try the next one in the list.
- Note: Vista and Windows 7 Users must right click and select "Run as Administrator" to run the tool.
- Note: You only need to get one of the tools to run, not all of them.
- Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message.
Run rkill repeatedly until it's able to do it's job. This may take a few tries.
You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.
-
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 09/06/2011 at 12:40:17.
Operating System: Microsoft Windows XP
Processes terminated by Rkill or while it was running:
C:\Documents and Settings\Greg\Desktop\rkill.scr
C:\Documents and Settings\Greg\Desktop\uSeRiNiT.exe
C:\WINDOWS\system32\grpconv.exe
Rkill completed on 09/06/2011 at 12:42:20.
-
Run this program first, then try both aswMBR and TDSSkiller
-
Ken,
Neither will run.
Greg
-
Run this program first and try them again, but boot to safemode with networking and try it from there
To Enter Safemode
- Go to Start> Shut off your Computer> Restart
- As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu. - Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
- Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
-
exeHelper by Raktor
Build 20100414
Run at 21:15:27 on 09/09/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
Thanks, Greg
-
exeHelper by Raktor
Build 20100414
Run at 21:15:27 on 09/09/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
exeHelper by Raktor
Build 20100414
Run at 21:21:35 on 09/09/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
-
Will either of those programs run ?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules