binky101

Viruses and worms
21

…and that makes TWO new things I have learned today! ;D

22

Please read carefully and follow these steps.

[*]DownloadTDSSKiller and save it to your Desktop.
[*]Extract its contents to your desktop.
[*]Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

http://i1224.photobucket.com/albums/ee362/Essexboy3/TDSSKiller%20shots/TDSSKillermain.png

[*]If an infected file is detected, the default action will be Cure, click on Continue.

http://i1224.photobucket.com/albums/ee362/Essexboy3/TDSSKiller%20shots/TDSSKillerMal-1.png

[*]If a suspicious file is detected, the default action will be Skip, click on Continue.

http://i1224.photobucket.com/albums/ee362/Essexboy3/TDSSKiller%20shots/TDSSKillerSuspicious.png

[*]It may ask you to reboot the computer to complete the process. Click on Reboot Now.

http://i1224.photobucket.com/albums/ee362/Essexboy3/TDSSKiller%20shots/TDSSKillerCompleted.png

[*]If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
[*]If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of “TDSSKiller.[Version][Date][Time]_log.txt”. Please copy and paste the contents of that file here.

23

It’s dead. ;D Avast reports nothing in memory and no more random redirects.

Took several days but I saved $120.

Thank you. :slight_smile:

24

Could you post the TDSSKiller log so that I can see which one it was

25
2011/08/23 17:04:07.0510 0780 Detected object count: 1 2011/08/23 17:04:07.0510 0780 Actual detected object count: 1 2011/08/23 17:04:16.0802 0780 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot 2011/08/23 17:04:16.0802 0780 \Device\Harddisk0\DR0 - ok 2011/08/23 17:04:16.0803 0780 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure 2011/08/23 17:04:20.0285 3748 Deinitialize success

…here is the log.

26

On your desktop should be a file called MBR.dat could you rename that to MBR.txt and attach it to your next post please

27

MBR.TXT.

28

Thank you