Operating System
Windows XP
Infection date and initial symptoms
Actual date unknown. About two-three weeks ago.
Current issues and symptoms
No internet. Unable to restore to previous time. Firewall freequently turned off.
Steps taken in order to remove the infection
1) Kaspersky TDSS Killer
2) Combofix (result: 'Blue Screen of Death'-dump physical memory to disk)
3) Rogue Killer (result: deleted POM; HJPOL; HKEY_CURRENT_USER)
4) MBAM
5) Hitman Pro (no internet- scan aborted)

fl.gardener

New Member
Good Evening,

I have picked up a nasty little 'bug' the other day while trollinh the job sites. Not only has it infected my desktop, it seems to have transfered to my laptop. Well the same files acording to RKILL (Bleeping Computer)

I am not technical by any means, but I am methodical. I have followed several removal methods with no results. This could be that I am unable to connect to the internet with my desktop even though I can connect with my laptop right next to it. The icon for the wireless is gone from the desktop. The desktop does not even see the WiFi.

Any help would be very helpful.

Thank You,

Michael
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
Hi,


I am going to need few reports to see what is going on on your PC. If you want to check both computers, please let's do it one by one. You will need to transfer the tools via USB on PC with internet not working.



Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

fl.gardener

New Member
Good Morning,

Sorry it took so long to get back to you. It is morning here in FL. The dog insisted on his walk. I have the rest of the day to dedicate to this project. Please find attached the files requested.

Thank you for all your time and help.

Michael
Hi,


I am going to need few reports to see what is going on on your PC. If you want to check both computers, please let's do it one by one. You will need to transfer the tools via USB on PC with internet not working.



Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

Attachments

fl.gardener

New Member
Hello,

This computer is primarly used for checking Email and surfing the web. I do help my brother by running QuickBooks for his small company.

Cheers,
M
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
I am volunteer here, and I contribute my time and knowledge free of charge, and get no recompense for the work I do. Company is making money through this PC, so you should pay for its repair.
 

fl.gardener

New Member
Hello,

Fair enough. I understand completly. The contributions you make are invaluable and very laudable. Unfortunatly my brother is not making money from his endevours. I guess I will continue to search the web for the answer. Any advice you would care to offer would be well received. Since I have Quickbooks on this computer as well does that make it a business computer?

Thank you,

Michael
 

fl.gardener

New Member
Good Afternoon,

Downloaded the file from DLink, transfered it, and extracted it. Am getting message "Please insert disk 1 that contains the file data2.cab"

Where would one find this file?
 

fl.gardener

New Member
Good Afternoon,

I think I understand how to proceed. I got some things I was not sure about so I stopped. I was able to follow with the W7/XP driver update tutorial but stoped when I saw the following:

A) Network Adaptors\Wild Packets D-Link DWA525 Wireless N 150 Desktop Adaptor has a yellow circle with an exclamation point(!) in it.
B) Got the message: "Cannot continue the hardware update wizard. The wizard could not find a better match for your hardware than the one you currently have.

Am I doing something wrong?

Thanks,

Michael
 

fl.gardener

New Member
Hello,

Managed to delete the old driver for the D-Link DWA525.

Tried to install the driver from D-Link. Nothing happens.

Tried to install driver from D-Link install CD. Program runs in a loop. Will not let me past the first two screens.

This is one tricky little bugger. It has got it's defenses up. If the computer needs to be replaced is there any chance that the 'bug' has gotten on to the wireless card and would infect another machine?

Thanks,

Michael
 

fl.gardener

New Member
Hello,

Managed to run TDSS Killer. I was searching for the report. When I was looking for it the system went into a loop. I stopped it after 52 instances of TDSS. I did manage to get a copy of the report.

I tried to run the Combofix. It got started, then the system failed (blue screen of death)

Thanks,

Michael
 

Attachments