[Virussker]

Hello everyone. I am an experienced user, hanging around since good old Windows 3.1 / MSDOS times.. But all my experiences yielded nothing against this [bleep] malware I got.. I reinstalled Windows at least 50 times, while trying some Linux distros. The malware infects newly created bootdisks, not limiting to Windows, also including most Linux distros! It is also spreading over network. [bleep], it even added some fake devices to my BIOS, making a complete HDD Wipe useless.. Not to mention it is  capable of perfectly hiding itself, turning most of Antivirus software useless.

There should be a way to get out that [bleep] thing out of my home network! I need your expertise please..

 

PS: It creates a proxy server on infected machines, making hundreds of PCs connect to Internet through your IP.

.

I am ready to attach any logs you prefer.

[Advertisements]

I wanted to preface my Greeting (below) with a few thoughts.  I'm certainly willing to try and help you, but we have to go about this in a measured manner. By way of example, I can't clean multiple machines on a network, with shares, all at the same time. So, let's start with one (1) machine, connected to the Internet or not is fine, but not connected to an infected network or using infected file shares, etc.  

 

Assuming that your in agreement with this, then pick one machine and we'll work on that and see how it goes.

 

Hi there Virussker, Welcome back to the forums!
. My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

• Carefully read every post completely before doing anything.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Ok, let's get started.

 

I saw your posted OTL scan. You should also have a file called Extras.txt that was produced at the same time that OTL.txt was produced. I you have that, please post it. I you don't, I'll need you to re-run OTL to produce the file. And, it you're going to re-run OTL, I'd like you to do it a little differently than you did the first time. There are instructions for a Custom script below along with instructions. Do this ONLY if you can't find the Extras.txt.

 

Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

• Simply double-click the program icon to run it. It will ask for administrator privileges.
  
  
• Copy and paste the following into the Custom Scans/Fixes box:

 

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
/md5start
rpcss.dll
/md5stop
CREATERESTOREPOINT

 

• Click Run Scan.
• Files are being searched and it may take some time. Once done, two Notepad windows will appear, named OTL.txt and Extras.txt.
• Alternatively, you can also find these at your desktop.
• Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.

[Biscuithd]

I wanted to preface my Greeting (below) with a few thoughts.  I'm certainly willing to try and help you, but we have to go about this in a measured manner. By way of example, I can't clean multiple machines on a network, with shares, all at the same time. So, let's start with one (1) machine, connected to the Internet or not is fine, but not connected to an infected network or using infected file shares, etc.  

 

Assuming that your in agreement with this, then pick one machine and we'll work on that and see how it goes.

 

Hi there Virussker, Welcome back to the forums!
. My name is Biscuithd and I will be assisting you with your Computer issues.

I know how upsetting it can be when one's computer is experiencing problems. I will try to help get things squared away. For a start please make sure that you...

• Carefully read every post completely before doing anything.
• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
• Do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

Ok, let's get started.

 

I saw your posted OTL scan. You should also have a file called Extras.txt that was produced at the same time that OTL.txt was produced. I you have that, please post it. I you don't, I'll need you to re-run OTL to produce the file. And, it you're going to re-run OTL, I'd like you to do it a little differently than you did the first time. There are instructions for a Custom script below along with instructions. Do this ONLY if you can't find the Extras.txt.

 

Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

• Simply double-click the program icon to run it. It will ask for administrator privileges.
  
  
• Copy and paste the following into the Custom Scans/Fixes box:

 

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
/md5start
rpcss.dll
/md5stop
CREATERESTOREPOINT

 

• Click Run Scan.
• Files are being searched and it may take some time. Once done, two Notepad windows will appear, named OTL.txt and Extras.txt.
• Alternatively, you can also find these at your desktop.
• Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.

[Dakeyras]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.