Jump to content

Recommended Posts

Hi all,

Firstly I thoroughly appreciate any help or adive given as you are not required to do so. I am quite a competent computer user and get called upon to remove viruses quite a lot. However, I recently got ask to help remove a virus or viruses and the state of the computer is the worse i've ever seen. I havn't done a DDS report as I am on my computer now, however I understand that this is required for each new post and I can get one within the next 24 hours.

So the computer is infected with the Windows System Restore Virus, and additional pop ups including windows detected a hard drive problem, which comes with multiple delayed write failed pop ups. Also just before loggging in an error of Windows Corrupt File (The file or directory c:\system volume information\"registry line" corrupt unreadable. Please run Chkdsk) not sure if they are part of the system restore virus or not. So I booted her up in safe mode with networking in an attmept to install Malwarebytes from usb with an update, and then scan. Installation was successful, however upon updating I get PROGRAM_ERROR_UPDATING 11004, 0, No address found. I followed section N in http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=439250entry439250 however when doing a quick scan (without updating) about 30 seconds in, Malwarebytes exits and is unopenable (In safe mode with networking!!). I can unistall then re-install to open Malwarebytes but the same errors occur. So it comes to my attention that there is also an infection that is corrupting the DNS settings of the PC. I cannot access the internet in Safe Mode with Networking either (most likely due to DNS corruption). I tried manually updating Malwarebytes (Mbam_rules.exe) and wasn't sure if I install this fresh or on top of an installation of Malwarebytes, however I did both and still quick scan randomly exits anyway. Also PC could boot in safe mode with networking but not safe mode and I could not do a system restore as clicking the next button on my chosen date would not do anything. I also tried connecting the modem directly to the PC and not through the router but I still received the PROGRAM_ERROR_UPDATING 11004 and the internet didn't work. Any advice or help that could point me in the right direction would be greatly appreciated! I was thinking along the lines of booting then running rkill to stop the system restore virus allowing me to try and manually remove it or the DNS infection so I can get an update and an uninterrupted scan?

Thanks

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

-screen317

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.