Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

>_< C: problems and Trojan + hard-to-kill Spyware


  • This topic is locked This topic is locked
2 replies to this topic

#1 Arekanderu

Arekanderu

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 25 March 2009 - 05:36 PM

alright so every time i (dbl)click C: this odd message comes up "<Title Bar>RECYCLERS\S-9-6-37-100002886-100012609-100017295-4337.com<Title Bar/> <Msg> Windows cannot find 'RECYCLERS\S-9-6-37-100002886-100012609-100017295-4337.com'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.<msg/><option>OK<option/>

alright, so whenever i want to go into my program files or so i have to manually type in C:/programs files (or wherever else i want to go) because access to C: menu itself is completely eradicated by this message, now im sure im not hallucinating and i definitely did not type anything in so i ran a few scans with FSecure, registry Toolkit, OneCareLive, regedit.exe, and autorun.exe, and through those scans and searches(autorun and regeidt) i cleared ouyt the list to a trojan of the name w32 tdss, however the odd thing is that i've googled and read various answers upon this and answers from thius site but no matter how hard i search(manually mind you) i cannot seem to find a physical implication that the file exists, the folder exists, the folder is taking up space, however, even with 'show hidden files and folders', i cannot find this elusive file, i've been working at it for over a week now, i know how my computer got it but im unsure how the hell i managed to get it on my Psp >_>, yea, the trojan came from my psp, apparently it came with the new update that Sony Playstation sent out for the Psp, after the update i saw the new folder but didnt think much of it, because new folders appear from time to time when you update from sony, mind you, they are usually within the Psp folder, but i didnt think anything of it, i hooked it up to my computer and played music off of it, whilst loading manga(comics >_>) upon it, due to the new update you cannot watch movies and barely any games work on it, so i just went for books and things, but anyway so i get through all of this and then i disconnect, go to delete a few leftover program file folders from my last cleaning, and then this happens-->RECYCLERS\S-9-6-37-100002886-100012609-100017295-4337.com' confusing the hell out of me i try the C; a few more times and attempt to clear out this fabled "recycler' folder, but i cant, i've tried many many many MANY times, but no matter how hard i try, it seems that every time i delete it it multiplicates itself within new areas of my computer, so i stopped deleting it and quarintined everything i could with fsecure, not that i actually expect much from it but i tried at any rate, so looking for any tips on how to kill this thing without having to overhaul my system, would be greatly appreciated, Hijackthis stats included; by the way i should add, that the second i started hijackthis.exe from C:\program files\hjt folder it tried to add a registry for S-9-6-37-100002886-100012609-100017295-4337, it seems that the only way i've been able to keep this thing out of my registry and my hive's is FSecure(i guess this is one of those times where i am thankfull for the constant (OMG WARNING SOMETHINGS HAPPENING!!!) popups >___>........hjt log not coming after the trojan, err, well, raped it, it seems......... well considering how many problems it found i wouldnt doubt it, i tried downloading a few other things and running them as well, every time i execute a program, the trojan has already inserted itself within it and tries, depserately, to create a registry key, using 'S-9-6-37-100002886-100012609-100017295-4337' idiotically as the name for the registry......any help is warrented at this point, and anyone who knows how the hell i should get a trojan off of an external memory card, preferably without formatting it, please inform me, thanks.... :/
oh, found the log, sending it afterall, it seems it made the logg and tried to do something afterwards, and THEN it was raped....eitherway the hijack this i have is now,m not-so-reliable......

--Arekanderu--

Attached Files



BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:09:52 PM

Posted 04 April 2009 - 04:58 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:09:52 PM

Posted 08 April 2009 - 01:42 PM

Due to the lack of feedback This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users