Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Malware attack - Locked out of computer - need assistance
Message
<blockquote data-quote="Fiery" data-source="post: 110191" data-attributes="member: 9"><p>Excellent <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" /></p><p></p><p>Before we start:</p><ul> <li data-xf-list-type="ul">Note that the removal process is <strong>not</strong> immediate. Depending on the severity of your infection, it could take a long time. </li> <li data-xf-list-type="ul">Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to backup all your important files before we start. </li> <li data-xf-list-type="ul">Please be patient and stay with me until I give you the <span style="color: #006400">green lights</span> and inform you that your PC is clean. </li> <li data-xf-list-type="ul">Some tools may be flagged by your antivirus as harmful. Rest assure that ALL the tools we use are safe, the detections are false positives.</li> <li data-xf-list-type="ul">The absence of symptoms <strong>does not</strong> mean your PC is fully disinfected.</li> <li data-xf-list-type="ul">If you are unclear about the instructions, <strong>please stop and ask.</strong> Following the steps in the order that I post them in is <strong>vital</strong>. </li> <li data-xf-list-type="ul">Lastly, if you have requested help on other sites, that will <strong>delay and hinder</strong> the removal process. Please only stick to one site.</li> </ul><p></p><hr /><p></p><p>Go back to the account you ran OTL. Open OTL and under <strong>custom scan/fixes</strong>, copy and paste the following:</p><p></p><p></p><p></p><p>Then click <strong>Run Fix</strong>. Let your PC reboot to normal mode on your regular account (the one that has been infected). If you are able to access it, a new log will be created automatically, post the content in the next reply. Next, do the following in the same account.</p><p></p><p>Download TDSSkiller from <a href="http://support.kaspersky.com/downloads/utils/tdsskiller.exe" target="_blank">here</a></p><ul> <li data-xf-list-type="ul">Double-Click on <strong>TDSSKiller.exe</strong> to run the application</li> <li data-xf-list-type="ul">When TDSSkiller opens, click <strong> change parameters </strong> , check the box next to <strong>Loaded modules </strong>. A reboot will be required.</li> <li data-xf-list-type="ul">After reboot, TDSSKiller will run again. Click<strong> Change parameters</strong> again and make sure everything is checked.<br /> <img src="http://img.photobucket.com/albums/v257/MrChalee/clip.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /></li> <li data-xf-list-type="ul">click <strong>Start scan </strong>.<br /> </li> <li data-xf-list-type="ul">If a <strong>suspicious object</strong> is detected, the default action will be <strong>Skip</strong>, click on Continue. (If it saids TDL4/TDSS file system, select <strong>delete</strong>)</li> <li data-xf-list-type="ul">If <strong>malicious objects </strong>are found, ensure <strong>Cure (default)</strong> is selected, then click <strong>Continue</strong> and <strong>Reboot now</strong> to finish the cleaning process.</li> </ul><p></p><p>Post the log after (usually <strong>C:\</strong> folder in the form of <strong>TDSSKiller.[Version]_[Date]_[Time]_log.txt</strong></p><p></p><p>Please download <a href="http://www.bleepingcomputer.com/download/adwcleaner/" target="_blank">AdwCleaner</a> by Xplode onto your desktop.</p><ul> <li data-xf-list-type="ul">Close all open programs and internet browsers.</li> <li data-xf-list-type="ul">Double click on<strong> AdwCleaner.exe</strong> to run the tool(For Vista or Windows 7, right-click and select <strong>Run as Administrator to start</strong>)</li> <li data-xf-list-type="ul">Click<strong> delete</strong></li> <li data-xf-list-type="ul">Please post the content of that logfile with your next reply.</li> <li data-xf-list-type="ul">You can find the logfile at <strong>C:\AdwCleaner[S1].txt</strong></li> </ul><p></p><p>Download & SAVE to your Desktop RogueKiller or from <a href="http://www.bleepingcomputer.com/download/roguekiller/" target="_blank">here</a></p><ul> <li data-xf-list-type="ul">Quit all programs that you may have started.</li> <li data-xf-list-type="ul">Please disconnect any USB or external drives from the computer before you run this scan!</li> <li data-xf-list-type="ul">For Vista or Windows 7, right-click and select <strong>Run as Administrator to start</strong></li> <li data-xf-list-type="ul">Wait until Prescan has finished, then click on<strong> "Scan" </strong>button</li> <li data-xf-list-type="ul">Wait until the Status box shows "Scan Finished"</li> <li data-xf-list-type="ul">Click on<strong> "Report"</strong> and copy/paste the content of the Notepad into your next reply.</li> <li data-xf-list-type="ul">The log should be found in RKreport[1].txt on your Desktop<br /> Exit/Close RogueKiller+</li> </ul></blockquote><p></p>
[QUOTE="Fiery, post: 110191, member: 9"] Excellent :D Before we start: [list][*]Note that the removal process is [b]not[/b] immediate. Depending on the severity of your infection, it could take a long time. [*]Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to backup all your important files before we start. [*]Please be patient and stay with me until I give you the [color=#006400]green lights[/color] and inform you that your PC is clean. [*]Some tools may be flagged by your antivirus as harmful. Rest assure that ALL the tools we use are safe, the detections are false positives. [*]The absence of symptoms [b]does not[/b] mean your PC is fully disinfected. [*]If you are unclear about the instructions, [b]please stop and ask.[/b] Following the steps in the order that I post them in is [b]vital[/b]. [*]Lastly, if you have requested help on other sites, that will [b]delay and hinder[/b] the removal process. Please only stick to one site. [/list] [hr] Go back to the account you ran OTL. Open OTL and under [b]custom scan/fixes[/b], copy and paste the following: Then click [b]Run Fix[/b]. Let your PC reboot to normal mode on your regular account (the one that has been infected). If you are able to access it, a new log will be created automatically, post the content in the next reply. Next, do the following in the same account. Download TDSSkiller from [url=http://support.kaspersky.com/downloads/utils/tdsskiller.exe]here[/url] [list] [*]Double-Click on [b]TDSSKiller.exe[/b] to run the application [*]When TDSSkiller opens, click [b] change parameters [/b] , check the box next to [b]Loaded modules [/b]. A reboot will be required. [*]After reboot, TDSSKiller will run again. Click[b] Change parameters[/b] again and make sure everything is checked. [img]http://img.photobucket.com/albums/v257/MrChalee/clip.jpg[/img] [*]click [b]Start scan [/b]. [*]If a [b]suspicious object[/b] is detected, the default action will be [b]Skip[/b], click on Continue. (If it saids TDL4/TDSS file system, select [b]delete[/b]) [*]If [b]malicious objects [/b]are found, ensure [b]Cure (default)[/b] is selected, then click [b]Continue[/b] and [b]Reboot now[/b] to finish the cleaning process.[/list] Post the log after (usually [b]C:\[/b] folder in the form of [b]TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b] Please download [url=http://www.bleepingcomputer.com/download/adwcleaner/]AdwCleaner[/url] by Xplode onto your desktop. [list] [*]Close all open programs and internet browsers. [*]Double click on[b] AdwCleaner.exe[/b] to run the tool(For Vista or Windows 7, right-click and select [b]Run as Administrator to start[/b]) [*]Click[b] delete[/b] [*]Please post the content of that logfile with your next reply. [*]You can find the logfile at [b]C:\AdwCleaner[S1].txt[/b] [/list] Download & SAVE to your Desktop RogueKiller or from [url=http://www.bleepingcomputer.com/download/roguekiller/]here[/url] [list] [*]Quit all programs that you may have started. [*]Please disconnect any USB or external drives from the computer before you run this scan! [*]For Vista or Windows 7, right-click and select [b]Run as Administrator to start[/b] [*]Wait until Prescan has finished, then click on[b] "Scan" [/b]button [*]Wait until the Status box shows "Scan Finished" [*]Click on[b] "Report"[/b] and copy/paste the content of the Notepad into your next reply. [*]The log should be found in RKreport[1].txt on your Desktop Exit/Close RogueKiller+ [/list][/hr] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
