Solved Computer Virus

June 6, 2011 at 18:41:18
Specs: Windows 7
So here is what happened. First it told me taht my hard disk was corrupted and that I needed a restart... Then, the PC freezed and I couldn't do nothing on it. So I closed it by force and now when it opened up, everything was black and some "Windows XP restore" program was active and I couldn't click on anything. TRask Manager was blocked... Later I discovered it is shortcuted to 17096484.exe (if it can help).

But now, I can't do anything on my PC, start menu is empty (I am now on the second user) and the desktop of the other user is untouchable. I have an anti-virus programs (KasperskY) but i did nothing against it. Did I loose everything? Hope not!

This is why I came here, I have NO idea what the virus is And NO IDEA how to solve this problem.


See More: Computer Virus

Report •

June 6, 2011 at 23:39:53
✔ Best Answer
Try the following:

Please download TDSSKiller from the following link:
Save it to the Desktop.

If you cannot download the file, the malware may be blocking the attempt. You need to download the file to a clean computer and then transfer it to the infected one using a USB flash drive, or external media (an external drive or a CD) .

Once the file is on the Desktop, right-click on the TDSSKiller.exe icon and select: Rename.
Name it a random name with a .com extension. For example:

Now, double-click on the renamed file to launch it. If you receive a warning from Publisher: Kaspersky Lab asking if you want to run the file, click on the Run button to allow TDSSKiller to run.

Click on the Start Scan button at the main screen.

When the scan finishes it displays a results screen stating whether or not the infection was found on your computer.

To remove an infection, click on the Continue button.
If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button.

Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

When TDSSKiller finishes cleaning the infection, a report stating whether or not it was successful is shown.

If TDSSKiller requires a reboot to finish the cleaning process, click on: Reboot Now

Next, start the computer in Safe Mode with Networking by tapping the F8 key while it boots, and selecting this option

Download iExplore.exe a renamed copy of RKill:

Save the file selected to the Desktop, and double-click on it. (For Vista/Windows 7, select: Run as Administrator)
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:

Double-click mbam-setup.exe and follow the prompts to install the program. (For Vista/Windows 7, select: Run as Administrator)

Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the TDSSKiller and the Malwarebytes' logs in your reply so we can see where we are at, and plan any additional removal strategy.<<

Report •

June 16, 2011 at 16:33:23
Thank you it worked ;)

Report •

June 16, 2011 at 19:40:31
According to the problems presented:
-the PC freezing
-everything was black and some "Windows XP restore" program was active
-couldn't click on anything
-Task Manager was blocked...
-shortcuted to 17096484.exe
-start menu is empty
-the desktop is untouchable

I am surprised all your problems are solved!

The instructions provided in Post #1 were preliminaries, with a plan to follow them with more specific actions to address the problems presented.

Retired - Doin' Dis, Dat, and slapping malware.

Report •

Related Solutions

Ask Question