1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus

Discussion in 'Virus & Other Malware Removal' started by Menelodia, Oct 31, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Menelodia

    Menelodia Thread Starter

    Joined:
    May 16, 2007
    Messages:
    32
    HI, my laptop ( Lenovo Win 7 Home Primiun ) get a virus.
    My desktop became black and can't run a antivirus. I remove it from the startup and services ( On sys conf ), and I removed fron the task manager ( Services ),but coming back. It show as WINUPD 2556.EXE and WIN7. Can you help me to erase this guy from my PC.
    THANKS:
    Menelodia
     
  2. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,803
    First Name:
    Terry
  3. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
    • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
    Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.


    Vista and Windows 7 users:
    These tools MUST be run from the executable (.exe) every time you run them
    with Admin Rights (Right click, choose "Run as Administrator")


    Stay with this topic until I give you the all clean post.
    ----------

    Please download DDS from either of these links

    LINK 1
    LINK 2

    and save it to your desktop.
    • Disable any script blocking protection
    • Right-click and Run as Administrator dds to run the tool.
    • When done, two DDS.txt's will open.
    • Save both reports to your desktop.
    ---------------------------------------------------
    Please include the contents of the following in your next reply:

    DDS.txt

    Attach.txt
    ----------

    Download GMER Rootkit Scanner from here or here.
    • Extract the contents of the zipped file to desktop.
    • Right-click and Run as Administrator GMER.exe. If asked to allow gmer.sys driver to load, please consent .
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

      [​IMG]
      Click the image to enlarge it
    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.

    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
    .
    ----------

    In your next reply please post the logs created by DDS and GMER. :)
     
  4. Menelodia

    Menelodia Thread Starter

    Joined:
    May 16, 2007
    Messages:
    32
    HI,thanks for you information but, I forget to tell you that i can't acacces to Internet for the same reason
     
  5. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Hi Menelodia,

    Print out these instructions as we may need to close every window that is open later in the fix.


    It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

    Do not reboot your computer after running rkill as the malware programs will start again.

    Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
    There are 5 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click and choose Run as Admin
    You only need to get one of them to run, not all of them.
    1. rkill.exe
    2. rkill.com
    3. rkill.scr
    4. WiNlOgOn.exe
    5. uSeRiNiT.exe

    Do not reboot your computer after running rkill as the malware programs will start again.
    --------------

    If need be, download DDS and GMER onto another computer and then transfer them to the infected one using either a USB drive or CD. After you get this done run RKill and then DDS and GMER. After they have run post the DDS and GMER logs into your next reply following the instructions previously given. If you still have problems let me know. :)
     
  6. jeffce

    jeffce Malware Specialist

    Joined:
    May 10, 2011
    Messages:
    1,727
    Do you still need help? :)
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1024857

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice