Virus/trojan problem
Closed
sakibd - Dec 4, 2011 at 08:56 AM
5 responses
Anonymous User
Dec 4, 2011 at 10:11 AM
IMPORTANT:
Go to Run and type
%temp% and click OK
If you find a folder called smtmp, copy it to a safe location.
If you do not find it, check here
C:/windows/temp
If you still do not find it, leave it
Please boot into safe mode with networking
Download this
https://download.bleepingcomputer.com/sUBs/dds.scr
Save it on the desktop, run it, a command prompt window will pop up,
after that you will get two logs
dds.txt
attach.txt
Please upload the dds.txt file to
https://authentification.site
and paste the link here
Download
https://support.kaspersky.com/downloads/utils/tdsskiller.exe
Cure the infections
Go to the C drive, there should be a TDSSkiller log file, open it and post the contents here
Let me know after this
sakibd
Dec 5, 2011 at 09:12 PM
My mistake, I haven't been home much the last few days, sorry for my lateness.
Also thanks for the detailed response! And here are the files:
Archive copy of both the files: http://speedy.sh/NesjD/DDS.Attach-Files.rar
Also, I could not find the smtmp folder.
Here are the TDSSkiller log files: http://speedy.sh/9QxeW/TDSSKiller-files.rar
There were 3 files there. Two of them looked very similar and different, so I uploaded all 3 and archived.
Once again, thanks in advance!
sakibd
Dec 5, 2011 at 09:13 PM
"There were 3 files there. Two of them looked very similar and different, so I uploaded all 3 and archived. " I meant and one different*
Anonymous User
Dec 6, 2011 at 12:12 AM
Step 1:
Download
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Install and launch it
Select the "perform a full scan" option, and scan
Remove infections, make sure you get a clean LOG
Step 2:
Go to Start and type
cmd
Right click on the command prompt and select Run as administrator
Run this command now
attrib -h c:\*.* /s /d
Unhide your files.
Step 3:
Try this only if you are missing start menu, desktop icons
Go to these paths
c:\program data/microsoft/windows/start menu
C:\Users\user_name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
C:\Users\Public\Desktop
Right click on the respective folders - for example
start menu, quick launch, desktop
Right click on these folders - click on the Restore previous versions tab
Restore it to a date before you got infected
Let me know after you get back your icons
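Step 2 above clears the Hidden flag across the whole drive; `attrib -h` on its own skips items that also carry the System attribute. As an added example (not part of the original reply), the PowerShell below records which items are Hidden but not System under one folder, then previews clearing only that flag. The function names, the Desktop path and the CSV location are assumptions chosen for illustration.

```powershell
# Added example, not from the thread. Function names and the sample path are
# assumptions chosen for illustration.

function Get-HiddenNonSystemItem {
    # List items that are Hidden but not System. Hidden+System items are
    # normally protected OS files and are left out on purpose.
    param([Parameter(Mandatory)][string]$Root)

    $hidden = [System.IO.FileAttributes]::Hidden
    $system = [System.IO.FileAttributes]::System

    Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object {
            (($_.Attributes -band $hidden) -eq $hidden) -and
            (($_.Attributes -band $system) -ne $system)
        }
}

function Clear-HiddenAttribute {
    # Clear only the Hidden bit; every other attribute is preserved.
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [System.IO.FileSystemInfo]$Item
    )
    process {
        $hidden = [System.IO.FileAttributes]::Hidden
        if ((($Item.Attributes -band $hidden) -eq $hidden) -and
            $PSCmdlet.ShouldProcess($Item.FullName, 'Clear Hidden attribute')) {
            $Item.Attributes = $Item.Attributes -bxor $hidden
        }
    }
}

# 1. Record what is hidden before changing anything.
$found = @(Get-HiddenNonSystemItem -Root "$env:USERPROFILE\Desktop")
$found | Select-Object FullName, Attributes, LastWriteTime |
    Export-Csv -Path "$env:TEMP\hidden-before.csv" -NoTypeInformation

# 2. Dry run: -WhatIf prints each change without applying it.
$found | Clear-HiddenAttribute -WhatIf
```

Dropping `-WhatIf` from the last line applies the change; the CSV keeps a record of what was hidden beforehand.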
sakibd
Dec 6, 2011 at 05:46 PM
Thanks so much! The first part worked perfectly, my files are all back.
Only the second part on restoring the start menu didn't work.
c:\program data/microsoft/windows/start menu - I found this but sadly my previous versions are all when I still had the virus.
C:\Users\user_name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
C:\Users\Public\Desktop
^ Those two I cannot find. Well, I can't find the users folder at all :S.
Anonymous User
Dec 6, 2011 at 06:39 PM
sakibd
I guess that you followed the steps. You got your MBAM scan clean, right?
//c:\program data/microsoft/windows/start menu - I found this but sadly my previous versions are all when I still had the virus. //
That doesn't matter, if your start menu looks empty, then go ahead and restore to a previous version
Make sure to remove SYSTEM FIX or SYSTEM restore OR DATA recovery rogue icon or folder after you restore them
//Those two I cannot find. Well I can't find the users folder at all :S.//
https://download.bleepingcomputer.com/grinler/unhide.exe
Just launch it and wait for it to complete unhiding files. Make sure you get back your users folder and retry them
Let me know after that