Not able to open programs and slow internet

[pncl321]

Hi I would post a hijackthis log but I can't because that is one of the many problems I'm having. I am not able to run alot of antispyware programs or things alike. When I click on them it just loads then nothing happens.
Then when i downloaded hijackthis and tryed to run it it also did the same.
The only programs that actually worked were ccleaner, spyware blaster and Ad-aware.
But ad-aware didn't find anything.
I can't run hijackthis, superantispyware, or malwarebyte's anti-malware.

Another thing that seems to happen is that I hear a kind of popup window noise as if some kind of information pop up happens but, nothing ever appears.

Then I'm also having a problem with google. When ever I click on a link for a term i searched it opens a new tab and opens some random window of information like other search sites and adds and doesnt even open what I want.

And to top it all off my internet is acting very sluggish and slow. It seems to be affecting everything as well.

So if anybody can help me out and tell me were to start, that would be great thank you.

 

[thodoris85]

have you followed the instactions for hijackthis that say to rename the exe file to: crusty.exe?
If you cannot run "HJTIntall.exe" at all, try to rename that file too, anything would be fine.

I just had the same problem

 

[rf6647]

Welcome to TS. Your problem statement is very helpful. I am trying to anticipate your needs. You are now facing dificulties.

In case of difficulty, attempt this method
Note, one user reported the need to restart in safe mode with networking, as the relief was temporary. This refers to message #1.
Additional note: Message #3 link to 'fixit download' has demonstrated its effectiveness in many cases. Go to message # 3 'fixit download'

Other: As part of your response, please feedback which method was effective. Message #1 is for the specific named trojan, and message # 3 has broader coverage.


Genreal Remark: - React to unanswered items appearing in scan logs

• NO Action’ - Remove Selected when offered by MBAM
• 'Delete on Reboot’ - Restart the computer after concluding the scan

Proceeding along a typical path.

• Update both MBAM & SAS. Rerun them both.
• This effort is complete when logs report NO infections/threats, or reporting something it can not clean.
• Restart the computer. Scan with HJT.
• Posts logs. Report progress & what changes are observed.

 

[pncl321]

thanks rf6647.

It looks like it doesn't redirect me anymore on google.

should I ever enable TDSSserv.sys agian?

I managed to run hijack this, malwarebytes anti malware, and superantispyware.

I attached their logs here. I was just wondering if theres still anything wrong.

thanks anybody.

 

[rf6647]

You have merely passed stage 1. Stage 2 is this reply. The TDSS is the exploit (infection) using non-plug and play drivers. Stage 3 is rerun of ComboFix plus script file when indicated. Stage 4 is cleanup.

Presently, the method being used for this type of infestation (TDSS) is becoming more ‘typical’.

Successive scans are used to uncover additional infections, since masking is common with many infestations. When a tool reports something it can not clean, that's when the strategy calls for a stronger scanner. The sequence for applying the scanners begins with the standard scanners (fully updated) and ends with the stronnger cleaner, with a side benifit that it adds information about the comparative effectiveness among the tools.

The TDSS exploit (among other non-plug and play driver exploits) is quite the rage. The temptation is to package a method for this. However, the result would be quite lengthy and possibly confusing, since it is not possible to anticipate contributing factors.

Your feedback is appreciated. Your logs show found and removed items. For your case, we will supplement our guide with a special scan / tool.

Overview -

• ComboFix is a very effective tool that scans / fixes hard to clean infections. Additionally, it includes diagnostic information.
• Uninstall old copy of ComboFix - if tool was used previously

Supplement to guide. Successive scans used to uncover additional infections.

• Update both MBAM & SAS. Rerun them both.
  
  
• This effort is complete when logs report NO infections/threats, or reporting something it can not clean.
  
  
• Follow ComboFix instructions referenced below.
  
  
• Scan with HJT. (part of instructions for ComboFix)
  
  
• Posts logs. Report progress & what changes are observed. Include logs that found infections.

Uninstall Combofix

Simplified Instructions for ComboFix + link to download
How-to-use instructions - full version

Please see this for instructions:
Temporarily Disable Real Time Monitoring Programs:

• 1 Spybot S&D (Teatimer)
• 2 Ad-Aware Ad-Watch
• 3 Spywareguard
• 4 Windows Defender
• 5 TrojanHunter Guard
• 6 Disable SpySweeper
• 7 WinPatrol
• 8 CounterSpy
• 9 AVG Anti-Spyware (formerly ewido)
• 10 Spyware Doctor
• 11 Prevx
• 12 ProcessGuard
• 13 ZoneAlarm's OS Firewall
• 14 Ad-Aware 2007 Service

 

[pncl321]

Ok did everything. attached the two spyware logs, combofix and hijack this after everything.

 

[rf6647]

Throttle up for Stage 3. Systems are go. Rerun ComboFix to confirm clean status is holding. Restart the computer & run HJT. Submits logs.

 

[pncl321]

Ok here we go.

 

[rf6647]

Here it is. Finally stage 4 - you're in the clear.

Now let's remove the cleaning tools:

• Download OTCleanIt . Save to desktop.
• OTCleanIt.exe. > CleanUp >Yes to the "Begin cleanup Process?"
• Approve all attempts for accessing the Internet and resources, if prompted by Firewall, Widows Defender or other guards or security programs challenging actions by OTCleanIt
• It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).

Establish a new clean restore point and Clear your existing System Restore points:

• New
  • Go to Start > All Programs > Accessories > System Tools > System Restore>
  • Select Create a restore point> OK.
• Clear Old
  • go to Start > Run > cleanmgr > Select the More options tab >
  • Choose the option to clean up System Restore > OK
    • 
      This will remove all restore points except the new one you just created.

 

[pncl321]

ok allset.

thank you very much for your help.
IT was very appreciated.