Author Topic: Need help to remove a bad guy.  (Read 4319 times)


September 27, 2014, 06:46:06 pm

lblanc

  • Guest
Need help to remove a bad guy.
« on: September 27, 2014, 06:46:06 pm »
I'm new to this, so sorry in advance if I don't do things the right way. Also, I'm French, so my English might not be perfect.  :-[

I'm posting here because I need help removing malware from my computer.

I think I'm suffering from a case of winmgr.exe (that's what I deduced from searching around the internet, but I might be wrong). Its description (from my task manager) says only "Miashu Laekroaai". I'm using Win7 64bit.

Long story short, I can't remove it. I tried using my antivirus (ESET NOD32), but it seems the malware is blocking it (the error message says I don't have the rights to launch NOD32, even though I'm on an admin account). I tried downloading and using another antivirus (Kaspersky), but the malware blocks the installation. So I downloaded and used TDSSKiller, which removed something (can't remember what, it was 10 hours ago). After this I was able to find the virus and manually deleted it. I thought it was over, but I still couldn't open my antivirus. I rebooted my computer (thought it might help), and the malware was back in my task manager.
Since then I have tried:
Security Task Manager. But only the free version, and they wanted me to pay to remove the program.
Malwarebytes anti-spyware. Can't be installed (I don't have the rights to do it).
Microsoft emergency support tool. Took 3 hours to scan my computer, didn't find the virus.
RogueKiller. Didn't find the virus (or couldn't remove it).
Task Run. Crashes at startup (stopped working).

Now I have run out of options... Can you please help me?

Reply #1 September 30, 2014, 12:46:15 pm

Tigzy

  • Administrator
    Owner, Adlice Software
Re: Need help to remove a bad guy.
« Reply #1 on: September 30, 2014, 12:46:15 pm »
Hello
Maybe some rootkit here.

Could you try Gmer? http://www.gmer.net/