im getting really tired of trying to find out how to fix this... i went to a site called 4chan and like an idiot downloaded a rapidshare file. as soon as i unzipped the file, my computer flooded with trojans, adware, and i think a few rootkits. I have avg free, and now avast! antivirus, as well as spybot search and destroy. system messages keep popping up telling me that my windows system 32 folder is infected, though i dont know if thats adware or if my AV has been hacked. I'm currently using a clean computer to type this, because the performance is being affected on the other one. if the system messages are true, i have at last count over 250 trojans infecting all of the drivers in my system 32 folder. is there any way to fix this? i would really appreciate any help.
btw, the messages say the trojan is rootkit.bs or something
This conversation is currently closed to new comments.
Follow the steps below with the System started in Safe Mode with Networking. <br><br> Removing malware from System Restore points <br> To remove the malware, you must first disable System Restore, then scan the system with up-to-date antivirus software - allowing it to clean, delete, or quarantine any viruses found. After the system has been disinfected, you may then re-enable System Restore. The steps for disabling System Restore vary, depending on whether the default Start Menu or the Classic Start Menu is being used. <br><br> Default Start Menu <br> If using the default Start Menu, click Start | Control Panel | Performance and Maintenance | System. Select the System Restore tab and check "Turn off System Restore". <br><br> Classic Start Menu <br> If using the Classic Start Menu, click Start | Settings | Control Panel and double-click the System icon. Select the System Restore tab and check "Turn off System Restore". <br><br> After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps, this time removing the check from "Turn off System Restore". <br><br> Click Start, Run type msconfig and press Enter. <br> Now if you have the Configuration Utility open. <br> Configure selective startup options<br> In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.<br> Click to clear the Process SYSTEM.INI File check box.<br> Click to clear the Process WIN.INI File check box.<br> Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.<br> Click the Services tab.<br> Click to select the Hide All Microsoft Services check box.<br> Click Disable All, and then click OK.<br> When you are prompted, save the settings and restart the PC.<br><br> When the System is disinfected re-run the Configuration Utility and in the System Configuration Utility dialog box, click the General tab, and then click Normal Startup.<br> <br> Download Malwarebytes Anti-Malware, install it and update it. <br> http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe <br><br>
* Double-click mbam-setup.exe and follow the prompts to install the program.<br> * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.<br> * If an update is found, it will download and install the latest version.<br> * Once the program has loaded, select Perform Quick Scan, then click Scan.<br> * When the scan is complete, click OK, then Show Results to view the results.<br> * Be sure that everything is checked, and click Remove Selected.<br> <br> I would keep scanning with it until it is clean by closing out and rebooting and running it again. <br> Just to be on the safe side when you finish do an online scan with Bitdefender. Or Google for an online scanner. <br> http://www.bitdefender.com/scan8/ie.html <br><br> If you can't access the internet to update MBAM try the instructions below to clear a path to the internet to be able to run MBAM. <br><br> From another PC download and install Spybot, update it and copy the the installed folders to a USB Stick. <br><br> Restart the PC in Safe Mode, navigate to the USB stick and run Spybot. <br><br> Download Spybot - Search & Destroy and install it. Update it. http://www.safer-networking.org/en/download/index.html <br><br> With the new strains of Virus that have been created you may find it necessary to rename the executable files so that they will work. Rename mbam-setup.exe and then navigate to the install folder and rename mbam.exe. Do not change the files extension from .exe. Do the same with Spybot. <br><br> Also run this Rootkit Revealer GMer <br> http://www.gmer.net/index.php <br> FAQ <br> http://www.gmer.net/faq.php <br><br> BleepingComputer<br> http://www.bleepingcomputer.com/malware-removal/page/2/ <br><br> You could also try this AntiVir Removal Tool <br> http://www.avira.com/en/support/antivir_removal_tool.html <br><br> Update your Antivirus software. <br> Let us know how you get on. </br>
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Trojans rootkits and windows /system32 folder
btw, the messages say the trojan is rootkit.bs or something