Tech Stocking Stuffers: 18 awesome gifts under $50

Not able to open programs and slow internet

By pncl321 · 9 replies
Nov 26, 2008
  1. Hi I would post a hijackthis log but I can't because that is one of the many problems I'm having. I am not able to run alot of antispyware programs or things alike. When I click on them it just loads then nothing happens.
    Then when i downloaded hijackthis and tryed to run it it also did the same.
    The only programs that actually worked were ccleaner, spyware blaster and Ad-aware.
    But ad-aware didn't find anything.
    I can't run hijackthis, superantispyware, or malwarebyte's anti-malware.

    Another thing that seems to happen is that I hear a kind of popup window noise as if some kind of information pop up happens but, nothing ever appears.

    Then I'm also having a problem with google. When ever I click on a link for a term i searched it opens a new tab and opens some random window of information like other search sites and adds and doesnt even open what I want.

    And to top it all off my internet is acting very sluggish and slow. It seems to be affecting everything as well.

    So if anybody can help me out and tell me were to start, that would be great thank you.
  2. thodoris85

    thodoris85 TS Rookie

    have you followed the instactions for hijackthis that say to rename the exe file to: crusty.exe?
    If you cannot run "HJTIntall.exe" at all, try to rename that file too, anything would be fine.

    I just had the same problem
  3. rf6647

    rf6647 TS Maniac Posts: 829

    Welcome to TS. Your problem statement is very helpful. I am trying to anticipate your needs. You are now facing dificulties.

    In case of difficulty, attempt this method
    Note, one user reported the need to restart in safe mode with networking, as the relief was temporary. This refers to message #1.
    Additional note: Message #3 link to 'fixit download' has demonstrated its effectiveness in many cases. Go to message # 3 'fixit download'

    Other: As part of your response, please feedback which method was effective. Message #1 is for the specific named trojan, and message # 3 has broader coverage.

    Genreal Remark: - React to unanswered items appearing in scan logs
    • NO Action’ - Remove Selected when offered by MBAM
    • 'Delete on Reboot’ - Restart the computer after concluding the scan
    Proceeding along a typical path.
    • Update both MBAM & SAS. Rerun them both.
    • This effort is complete when logs report NO infections/threats, or reporting something it can not clean.
    • Restart the computer. Scan with HJT.
    • Posts logs. Report progress & what changes are observed.
  4. pncl321

    pncl321 TS Rookie Topic Starter

    thanks rf6647.

    It looks like it doesn't redirect me anymore on google.

    should I ever enable TDSSserv.sys agian?

    I managed to run hijack this, malwarebytes anti malware, and superantispyware.

    I attached their logs here. I was just wondering if theres still anything wrong.

    thanks anybody.
  5. rf6647

    rf6647 TS Maniac Posts: 829

    You have merely passed stage 1. Stage 2 is this reply. The TDSS is the exploit (infection) using non-plug and play drivers. Stage 3 is rerun of ComboFix plus script file when indicated. Stage 4 is cleanup.

    Presently, the method being used for this type of infestation (TDSS) is becoming more ‘typical’.

    Successive scans are used to uncover additional infections, since masking is common with many infestations. When a tool reports something it can not clean, that's when the strategy calls for a stronger scanner. The sequence for applying the scanners begins with the standard scanners (fully updated) and ends with the stronnger cleaner, with a side benifit that it adds information about the comparative effectiveness among the tools.

    The TDSS exploit (among other non-plug and play driver exploits) is quite the rage. The temptation is to package a method for this. However, the result would be quite lengthy and possibly confusing, since it is not possible to anticipate contributing factors.

    Your feedback is appreciated. Your logs show found and removed items. For your case, we will supplement our guide with a special scan / tool.

    Overview -
    • ComboFix is a very effective tool that scans / fixes hard to clean infections. Additionally, it includes diagnostic information.
    • Uninstall old copy of ComboFix - if tool was used previously

    Supplement to guide. Successive scans used to uncover additional infections.
    • Update both MBAM & SAS. Rerun them both.

    • This effort is complete when logs report NO infections/threats, or reporting something it can not clean.

    • Follow ComboFix instructions referenced below.

    • Scan with HJT. (part of instructions for ComboFix)

    • Posts logs. Report progress & what changes are observed. Include logs that found infections.

  6. pncl321

    pncl321 TS Rookie Topic Starter

    Ok did everything. attached the two spyware logs, combofix and hijack this after everything.
  7. rf6647

    rf6647 TS Maniac Posts: 829

    Throttle up for Stage 3. Systems are go. Rerun ComboFix to confirm clean status is holding. Restart the computer & run HJT. Submits logs.
  8. pncl321

    pncl321 TS Rookie Topic Starter

    Ok here we go.
  9. rf6647

    rf6647 TS Maniac Posts: 829

    Here it is. Finally stage 4 - you're in the clear.

    Now let's remove the cleaning tools:
    • Download OTCleanIt . Save to desktop.
    • OTCleanIt.exe. > CleanUp >Yes to the "Begin cleanup Process?"
    • Approve all attempts for accessing the Internet and resources, if prompted by Firewall, Widows Defender or other guards or security programs challenging actions by OTCleanIt
    • It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).

    Establish a new clean restore point and Clear your existing System Restore points:
    • New
      • Go to Start > All Programs > Accessories > System Tools > System Restore>
      • Select Create a restore point> OK.
    • Clear Old
      • go to Start > Run > cleanmgr > Select the More options tab >
      • Choose the option to clean up System Restore > OK

        • This will remove all restore points except the new one you just created.
  10. pncl321

    pncl321 TS Rookie Topic Starter

    ok allset.

    thank you very much for your help.
    IT was very appreciated.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...