and welcome to my office here at G2G
My nick is maliprog
and I'll be your technical support on this issue. Before we start please read my notes carefully:NOTES:
- Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
- Absence of symptoms does not always mean the computer is clean
- Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
- Please DO NOT run any scans or fix on your own without my direction.
- Please read all of my response through at least once before attempting to follow the procedures described.
- If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
- Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
- You must reply within 3 days or your topic will be closed
Since you can't use your system in Normal mode we will do this fixes in Safe mode with networking
Please restart in safe mode:
- If the computer is running, shut down Windows, and then turn off the power
- Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
- Ensure that the Safe mode with networking option is selected.
- Press Enter. The computer then begins to start in Safe mode with networking.
Download the latest version of TDSSKiller from here
and save it to your Desktop.
- Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
- Check the boxes beside:
- Verify Driver Digital Signature
- Detect TDLFS file system
- then click OK.
- Click the Start Scan button to start the scan.
- If a suspicious object is detected, the default action will be Skip
- If malicious objects are found, they will show in the Scan results and offer three (3) options.
- Ensure Cure is selected for malicious objects
- Click Continue then Reboot now to finish the cleaning process.
- Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt"
. Please copy and paste its contents on your next reply.Step 3
to your Desktop
- Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
- Under the Custom Scan/Fixes box paste this in
%systemroot%\*. /mp /s
Step 4Please don't forget to include these items in your reply:
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them if you need to start a new topic.
It would be helpful if you could post each log in separate post using "Add Reply" button
- OTL log
- OTL Extras log
- TDSSKiller log