Wish

iTrader: (2)

Started the computer this morning to find a couple of virus on it.
Can someone help me to remove them.

They are called

1. Win32rootkit.TDSS
2. Win32trojanOLMARIK

I currently run The following Programs on my computer but none will remove them.

1. AGV FREE
2. WINDOWS DEFENDER
3. AD-AWARE
4. CCLEANER

I googled the name of the virus's and downloaded a program called SPYWARE DOCTOR, this was of little use as well.

Anyone able to help ???

Kind Regards

sti-chris

avg 8.5 with the latest updates should remove this for you.
have you started your pc in safe mode and ran a full scan ?

press F8 repeatedly while your pc is booting up this will give you the option to boot using safe mode , then run a full scan.

make sure that your avg is up todate.

also spybot is a free adware removal program which i find good.

Boro

iTrader: (1)

Good advice above. If AVG doesnt cure it, get the trial version of NOD32 from ESET.

Wish

iTrader: (2)

Well Ive downloaded and run NOD32. It sees it, but wont remove it .....


What can i do ??

Boro

iTrader: (1)

Have you run it in safe mode?

Wish

iTrader: (2)

I have tried to. But It wont allow it for some reason ... I will have another go in the morning. Ive wasted too much time on it for one night.

Boro

iTrader: (1)

NOD wont run in safe mode? or you cant get into safe mode at all?

Wish

iTrader: (2)

Safe mode opens, but NOD32 keeps bringing up the same message

"name="C:\Documnets and Settings\*****\localsettings\applications Data\Microsoft\windows\usrclass.dat.log",threat="" , action="" , info""error opening"

The hard drive is spinning but just keeps bringing this error message up.

Boro

iTrader: (1)

Where did your download come from? Was it the ESET website?

You could also try this one, its a free online scanner, but you will need to open your computer in SAFE MODE with NETWORKING.

Trend Micro HouseCall - Free Online Virus and Spyware Scan - Trend Micro UK

Wish

iTrader: (2)

Thanks, I have tried both now and still it wont remove it ...... Little feker!!

Ahh well I was looking at replacing my old computer

Ray L

Try getting malwarebytes' Anti-malware

that got rid of my dads virus

Wish

iTrader: (2)

Tried that too .....

JMCG

iTrader: (1)

Try all these, looks like you have tried some. Also ensure you have the latest dat updates. Some sneaky wee bastid virus block the updates of known tools, so you may have to go to the vendor site and apply the update manually.

All free:
Spybot - Search & Destroy
Malwarebytes Antimalware
XoftSpySE
SUPERAntiSpyware Free Edition

Also the latest stinger, a standalone tool

Dedrater

They are not a virus, AV software will do nothing/little.

Download HijackThis 2.0.2 - Download - FileHippo.com

post the log file, its all i can do to help you...

Dedrater

SPYWARE DOCTOR... is a rootkit,avoid

Dedrater

do not use any of these.

Wish

iTrader: (2)

OK thanks will do


this was the first one I downloaded, but have now deleted.

Wish

iTrader: (2)

I have downloaded this, but it wont run on my computer, Ive tried it
in safe mode as well, but nothing ??

Markus

Do you have another PC? If so then you could have a look at The Ultimate Boot CD for Windows. Configure it, get the AV an Spyware software on it updated (think you may also be able to do this when booted from the disk) then build and boot from the CD and run the AV/Spyware stuff and see if it finds/fixes the issues.

ChrisB

Why not?

Markus

Out of curiosity, try going to this page and see what images load and then view the chart below it. Obviously you'll need to have the machine on the internet to do this.

Wish

iTrader: (2)

= Normal/Not Infected by Conficker (or using proxy)

Wish

iTrader: (2)

I run NOD32 and it says Ive got 25 virus and deletes 24 of them but always leaves one behind.
I currently scan twice a day and get between 25 and 75 at a time ......

Dedrater

Why?

sti-chris

if its that bad then back up your pics etc to cd and just do a reinstall.

the final straw to the cure.

hoochydady

have u tryd reg edit and had a go at del it from the reg

Wish

iTrader: (2)

Nope ?? I wouldnt know what to do ??