Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware problem I think


  • This topic is locked This topic is locked
9 replies to this topic

#1 brobradh77

brobradh77

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 27 July 2012 - 05:24 PM

My computer has become extrememly sluggish at times and everytime I run Ad Aware if finds 100+ infections. I ran it 3 days ago and found 16o. Everytime I clean it it runs better for a very short time and then it hits a wall again. I feel something must be re-installing itself. I have Windows 7. I use free Ad Aware, Malwarebytes, and I use Webroot Security. I have ran every scan i can think of and figure there must be something else. Thanks in advance

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:52 PM

Posted 27 July 2012 - 06:51 PM

Hello and welcome,,, what does MBAM (Malwarebytes)find?
Let's run a few tools.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 28 July 2012 - 12:07 AM

I can not get minitoolbox to download I keep recieving this error

MiniToolBox detects Internet connection issues due to broken or hijacked LSP, proxy settings, and problems with network adapters. It can also be used to detecte search redirections and router hijackings.

#4 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 28 July 2012 - 12:09 AM

I cant open it in internet explorer either...I get warnings and only options is to delete program. Malwarebytes hasnt found anything it never does. BUt I keep getting malicious warnings from my antivirus etc..I will move on to tdsskiller and post those results

Edited by brobradh77, 28 July 2012 - 12:11 AM.


#5 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 28 July 2012 - 12:15 AM

OK..I am having the exact same problem with TDSSKiller..It will not let me download it or run it

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:52 PM

Posted 28 July 2012 - 08:03 PM

You may need to Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode


Download the FixTDSS.exe

Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.


OR

Use the following command to scan the PC with a detailed log written into the file report.txt (created in the TDSSKiller.exe utility folder):
Open Command Prompt in XP = click Start >> Run,type cmd
copy and paste this at the flashing cursor and hit Enter

TDSSKiller.exe -l report.txt
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 28 July 2012 - 09:06 PM

It told me No Infections Where Found...I just don't see how this is possible..lots of instability going on..I use AOl (awaiting lecture..lol) I always have but the past few months it has been extrememly unresponsive as well...I dunno what is going on...Thanks again for your help in resolving this matter

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:52 PM

Posted 28 July 2012 - 09:24 PM

I think we should get a deeper look to see why you can't run these apps normally. We may find what is mucking up the system.

We need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and

Malware Removal Logs
and not in this topic,thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 28 July 2012 - 10:11 PM

I have posted it in the new section as you asked..Thanks...I couldnt run anything thru AOL..I had to internet explorer to get these programs to run

#10 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,911 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:52 PM

Posted 29 July 2012 - 04:41 AM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic462927.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users