
Under Attack?


1 reply to this topic

#1 Warrenx

Warrenx

  • Members
  • 1 posts

Posted 15 June 2010 - 02:32 PM

Hello,

My name is Warren. Recently I cleaned out my computer and installed some new drivers for my processor (dual core optimizer/cool n' quiet), used ccleaner, and then defragged etc., and afterward my computer began to slow down, so I restored to an earlier point. Fast forward a day or two and I have restored back and forth, cleaned here and there, and my computer is still somewhat slower than it should be (nothing big, just longer than usual delays when opening windows, etc.). So I settle on a restore point, run ccleaner, change my virtual memory, and a few other things, and my computer begins to pick up speed again. Just to feel at ease, I used PcPitstop's Pc Matic to just see how my overall system performance is looking. I was surprised to find that according to Pc Matic there was a "rogue security software" installed on my computer; it didn't give me a location, it just gave me a security identifier, but it labeled it a TDSS. I scanned with AVG and Malwarebyte. AVG found nothing, while Malwarebyte found 4-6 infections, and then upon a rescan found 1 more. I deleted all of them and restarted my computer. Feeling insecure, I downloaded some additional security precautions including: spyware blaster, webroot, combofix, eset, and hijackthis (I think that these are all legitimate downloads, but I am not certain). I went nuts this time, doing multiple scans in safe mode, and using a lot of the features of the other AV/AS/AM stuff. Upon trying to use malwarebyte again I ran into an error 0, then 404, so I assumed this to be a rootkit problem, so I went with my sophos AR, but it did not find anything really malicious. Now here I am, using Pc matic to see if I have eliminated the infection, and here is what I get:

1) Bifrost Backdoor Level 3 (1)
S-1-5-21-1978815123-2928815371-573437872-1000...

2) WinAntiVirus Pro 2006 Rogue Security Software Level 3 (1)
*\shellex\contextmenuhandlers\shellextension

3) WinSpywareProtect Rogue Security Software Level 3 (1)
S-1-5-21-1978815123-2928815371-573437872-1000...

4) Grokster P2P Level 0 (1)
magnet

5) Ares P2P Level 0

I know Ares is ok, but other than that, it seems my problem has multiplied itself. The odd thing is that my computer is finally running as fast as it did before I "cleaned" it. I have no idea what is going on. I just ran a scan right now with malwarebyte and AVG and both are not picking up anything, but I just know that there is something on my computer (I think :thumbsup:). I have a lot of sensitive information on my computer and can't afford to have a backdoor program in it if that is the case. Please help if you can.

Thank you very much for your time.

-Warren.



#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts

Posted 17 June 2010 - 07:37 PM

Try this:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



