Hi please cacel the avp scan...i will run the big boys.
Download ComboFix from the any of the locations given in this website:
- IMPORTANT !!! You need to Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here
- Double click on ComboFix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- If you already have the Recovery Console preinstalled, it will not ask for the following. If it does prompt, allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.
When finished, it shall produce a log for you. Please copy & paste the contents of this log (also found at C:\ComboFix.txt) in your next reply at your topic.NEXTDownload aswmbr.exe ( 1.8mb ) to your desktop.
http://public.avast.com/~gmerek/aswMBR.htm
Double click the aswMBR.exe to run it Click the "Scan" button to start scan.
Click the [Scan] button to start scan
On completion of the scan click [Save log], save it to your desktop and post in your next reply.
Hi..i think combofix failed in curing rootkit zaccess...Re-run aswmbr and if the trojan is detected press fix button once the scan completes and the OTL fix did work...as OTL kills explorer before the fix thats the reason u lost your desktop.
Download the latest version of TDSSKiller from here and save it to your Desktop.
download link:http://support.kaspersky.com/viruses/utility
- Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
- Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
- Click the Start Scan button.
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results and offer three (3) options.
- Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
- Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.If TDLFS File system is found it can be deleted.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
NEXT
- Download RogueKiller and save it on your desktop.
- Quit all programs
- Start RogueKiller.exe.
- Wait until Prescan has finished ...
- Click on Scan
- Wait for the end of the scan.
- The report has been created on the desktop.
- Click on the Delete button.
- The report has been created on the desktop.
- Next click on the ShortcutsFix
- The report has been created on the desktop.
Please post:
All RKreport.txt text files located on your desktop
Copyright (c) 1989-2012 Trend Micro Incorporated. All rights reserved.
