TDSSkiller



#1 Jake099


Posted 10 January 2012 - 09:25 PM

Alright now, I've defibrillated this computer once now! (figuratively speaking)
>have Windows 7
>happen to be infected with redirect "virus"
>read that TDSSKiller will screw up the computer if I am running Windows 7

I have been reading up on this topic, mostly on these forums via Google, and it seems like one of these scans would help determine what is going on:

ListParts by Farbar
Ran by Jake on 10-01-2012 at 18:11:26
Windows 7 (X64)
Running From: C:\Users\Jake\Downloads
************************************************************

========================= Memory info ======================

Percentage of memory in use: 44%
Total physical RAM: 3957.86 MB
Available physical RAM: 2178.19 MB
Total Pagefile: 7913.91 MB
Available Pagefile: 5781.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (TI106033W0C) (Fixed) (Total:452.58 GB) (Free:338.08 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 452 GB 1501 MB
Partition 3 Primary 11 GB 454 GB

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 System NTFS Partition 1500 MB Healthy Hidden

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI106033W0C NTFS Partition 452 GB Healthy Boot

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.



****** End Of Log ******

What's that (suspicious type) about?!


Some additional information:
I have been running a Kaspersky trial now for 20 days and every scan seems to come up with nothing.
In addition I have been running AVG. It seems to think the following destination has some adware:

"";"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\AVP";"Found Adware.Generic";"Potentially dangerous object"

I have run registry edit and I cannot delete AVP, as it seems to be what runs Kaspersky,
and I have reason to believe that I do have some sort of malicious herpty derp screwin' up my computer, as I will get random lag spikes for NO apparent reason.
Some help would be phenomenal.


EDIT: Programs that I have run in the past include Hamachi, Daemon, BitTorrent,
if any of those programs matter (although I have uninstalled all of them).

Edited by Jake099, 10 January 2012 - 09:28 PM.
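
Added example (not part of either post and not Farbar's code): a small Python parser for the per-partition records in the ListParts log above, listing the partitions the tool tagged "(Suspicious Type)" or that are hidden with no volume. The type-name table uses the conventional MBR partition IDs, which the thread itself does not state.

```python
import re

# Constructed sample: the three partition records from the ListParts log above.
SAMPLE_LOG = """Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.
"""

# Conventional MBR type IDs (general knowledge, an assumption not from the thread).
MBR_TYPES = {"07": "NTFS/exFAT/HPFS", "17": "hidden NTFS/HPFS",
             "27": "hidden NTFS, recovery environment"}
RECORD = re.compile(
    r"Disk:\s*(\d+)\s*\nPartition\s+(\d+)\s*\nType\s*:\s*([0-9A-Fa-f]{2})"
    r"[ \t]*(\(Suspicious Type\))?\s*\nHidden:\s*(Yes|No)\s*\nActive:\s*(Yes|No)")

def parse_partitions(log):
    """One dict per Disk/Partition record; text up to the next record is its volume info."""
    hits, out = list(RECORD.finditer(log)), []
    for i, m in enumerate(hits):
        end = hits[i + 1].start() if i + 1 < len(hits) else len(log)
        out.append({"disk": int(m[1]), "partition": int(m[2]), "type": m[3].upper(),
                    "type_name": MBR_TYPES.get(m[3].upper(), "unknown"),
                    "tool_flag": m[4] is not None, "hidden": m[5] == "Yes", "active": m[6] == "Yes",
                    "has_volume": "no volume associated" not in log[m.end():end]})
    return out

def needs_review(parts):
    """Partition numbers the tool flagged, or that are hidden with no volume."""
    return [p["partition"] for p in parts
            if p["tool_flag"] or (p["hidden"] and not p["has_volume"])]

if __name__ == "__main__":
    print("review:", needs_review(parse_partitions(SAMPLE_LOG)))
```

A partition listed by `needs_review` is only marked for a closer look; the log alone does not say what the partition contains.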




#2 boopme


Posted 10 January 2012 - 10:25 PM

Moved from Win7 to Am I Infected.

Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?

We can do The TDSS. But you should back up the PC first.

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by boopme, 10 January 2012 - 10:36 PM.
