Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Had Tidserv request 2, cleaned but...


  • Please log in to reply
40 replies to this topic

#1 patchwork

patchwork

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 04 July 2010 - 06:57 PM

Hi, I had a virus/trojan attack of HTTP Tidserv Request2, managed to clean off with MBAM and SuperAntiSpyware, also ran ATF cleaner.
But I still have the search redirect sometimes, when I go to Google and initiate a search, when I click on search results nothing happens.
Thanks

Edited by patchwork, 04 July 2010 - 07:10 PM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 04 July 2010 - 07:27 PM

Try this:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 04 July 2010 - 07:32 PM

OK ran that, it didnt find anything....

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 04 July 2010 - 08:19 PM

Which operating system and which browser do you use?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 05 July 2010 - 01:34 AM

XP Pro and Internet Explorer

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 05 July 2010 - 01:37 AM

Download this file and save it to your desktop:

http://download.bleepingcomputer.com/grinler/rkill.scr

Double-click the file to run it. A command window will open briefly. Then run a quick scan with Malwarebytes. Post the Malwarebytes log if it finds anything..
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 05 July 2010 - 01:46 AM

Here you go:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as sylvia on 07/04/2010 at 23:43:04.


Processes terminated by Rkill or while it was running:


C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Documents and Settings\sylvia\Desktop\rkill.scr


Rkill completed on 07/04/2010 at 23:43:08.

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 05 July 2010 - 01:49 AM

Did Malwarebytes find anything after you ran rkill?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 05 July 2010 - 02:04 AM

Here you go:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4260

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/5/2010 12:03:54 AM
mbam-log-2010-07-05 (00-03-54).txt

Scan type: Quick scan
Objects scanned: 145515
Time elapsed: 12 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 05 July 2010 - 02:08 AM

Make sure you are logged in as an Admin.

Please download HostsXpert 4.3
  • Extract (unzip) HostsXpert.zip to a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to run the program.
  • Click "Restore MS Hosts File".
  • Click OK at the confirmation box.
  • Click "Make ReadOnly?".
  • Click the X to exit the program.
-- Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

Go Start > Run > type: "cmd" In the window that appears type: "ipconfig /flushdns". Close the command box.

Then let me know if there is any improvement.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#11 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 05 July 2010 - 02:15 AM

OK I will try it for a while and see.
THanks!

#12 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 15 July 2010 - 12:29 AM

OK This was great since we fixed it, but the Google search redirect just came back today. When I did a Google search, the search results show up, but when I click on one, it doesnt go forward, just returns to the search results page.
Thanks in advance....

#13 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 15 July 2010 - 12:34 AM

Log in as an Admin and go Start > Run > type: "cmd" In the window that appears type: "ipconfig /flushdns". Close the command box.

Also reset your router if you use one.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#14 patchwork

patchwork
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:00 PM

Posted 15 July 2010 - 02:03 PM

OK I did that. Google still redirects. I can get Bing to search OK.

Edited by patchwork, 15 July 2010 - 02:06 PM.


#15 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:00 AM

Posted 15 July 2010 - 04:21 PM

Try this again:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users