Hello and Welcome to TSF.
Please
Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click
Thread Tools, then click
Subscribe to this Thread. Make sure it is set to
Instant notification by email, then click
Add Subscription.
Please save this page to
Notepad in order to assist you when carrying out the following instructions.
Before beginning the fix,
read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.
------------------------------------------------------
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.
Please stay with me until given the 'all clear' even if symptoms seemingly abate.
Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.
------------------------------------------------------
Your computer has more problems than malware. Your WMI or Windows Management Instrumentation is not working.
We will try to clean your system, but you may need to seek additional help in our Windows XP forum to get your system back to normal.
------------------------------------------------------
Quote:
|
\Win2kserver\files\New Folder (2)\dss.exe
|
Please note that tools are best Run from the Desktop. Easier to find and perform specialized functions which may be required.
Save to the Desktop and then Run from the Desktop. Thanks.
------------------------------------------------------
Please download
SDFix and Save it to your Desktop.
- Double-click SDFix.exe
- Click Run
- Click Install to extract the files to the Windows Directory drive, typically C:\SDFix
------------------------------------------------------
Please visit this webpage for instructions on downloading and running ComboFix:
http://www.bleepingcomputer.com/comb...o-use-combofix
Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery(repair) mode, if needed. This allows us to help you in the case that your computer has a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Once the Recovery Console is installed, this blue window will appear:
Click
NO to exit ComboFix now.
------------------------------------------------------
Please reboot your computer in
Safe Mode by doing the following:
- Restart your computer.
- After hearing your computer beep once during startup, but before the Windows icon appears, start pressing the F8 key. In some systems, this may be the F5 key.
- Instead of Windows loading as normal, a menu should appear.
- Use the up arrow key to highlight Safe Mode and press Enter.
- Login on your usual account. Make sure to close any open browsers.
- Open the extracted SDFix folder and double-click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- It will now remove any Trojan Services and Registry Entries that it finds.
- Please be patient while it runs. When finished, it will prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
- Once the desktop icons load the SDFix report will open on screen and also save into the C:\SDFix folder as Report.txt
- Post that log in your next reply.
------------------------------------------------------
From Normal Mode...
Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Get help
here
------------------------------------------------------
Double-click on
ComboFix.exe & follow the prompts.
When the tool is finished, it will produce a log for you.
Please post that log,
ComboFix.txt along with a new
HijackThis log so we may continue cleansing the system.
------------------------------------------------------
Open HijackThis and click on 'Do a System Scan and Save a Logfile'. Save the logfile and post it here.
------------------------------------------------------
Please post the following in your next reply:
C:\SDFix\Report.txt
C:\ComboFix.txt
new HijackThis log
If you have any questions along the way...STOP and ask them before proceeding.