Hello, friends. I have two issues that may be related to each other, and I've no idea where to start with either of them. First is a redirect virus. It sends me to channel1reports.com (make money from home). MalwareBytes also repeatedly blocks outgoing signals. 212.117.177.13 91.193.194.137 91.193.194.138 91.193.194.8 91.212.226.179 91.212.226.182 91.212.226.5 I have run Malwarebytes' scan and it found a .TDSS rootkit in my temp folder (under c:/users/me/appdata/roaming), and it was quarantined/deleted. Nevertheless, the problem still persists. Secondly, and more importantly, is my computer crashing on startup. I've no idea if this is virus-related, but it's very inconsistent and annoying. I say inconsistent because I am, in fact, posting from the infected computer. 90% of the time the computer will not boot in to Windows. The variables of when it starts seems to change each time. Before, it was dependent on whether or not my LAN cable was connected (when it was disconnected, computer booted fine. If I connected it, instant crash). But not too long ago the computer would not get past the first BIOS screen (the processor did complete POST), and the only way I got past it was to connect the LAN cable. Upon trying to load Windows it wanted to boot a diagnostic/repair service, which I allowed it to. It did a system restore (which I have done before) and the computer is now working as it should (for the time being). It boots 100% of the time in Safe Mode, but not with Safe Mode + Networking. Any help on either issue is appreciated; I can deal with a redirect here and there but this crashing on startup is painful. If it helps, the screen tears (horizontal broken lines) before restarting. Finally, the computer will crash guaranteed if I run many of the scanning programs used on MWB. These will most likely work in safe mode, but I'm not going to turn the computer off now when it's actually on; I'll get scans when requested. However, I did get a GMER test. GMER 1.0.15.15530 - http://www.gmer.net Rootkit scan 2011-01-27 17:53:28 Windows 6.1.7600 Running: gmer.exe ---- Registry - GMER 1.0.15 ---- Reg HKLMSYSTEMCurrentControlSetservicesBTHPORTParametersKeys\0011678778ea Reg HKLMSYSTEMCurrentControlSetservicessptdCfg@s1 771343423 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg@s2 285507792 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg@h0 1 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC @p0 C:Program Files (x86)DAEMON Tools Lite Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC @u0 0x00 0x00 0x00 0x00 ... Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC @h0 0 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC @hdf12 0xD1 0x4E 0x7E 0x9D ... Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x22 0x23 0x1E 0x3A ... Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001gdq0 Reg HKLMSYSTEMCurrentControlSetservicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001gdq0@hdf12 0x2E 0x5E 0x63 0x0D ... Reg HKLMSYSTEMControlSet002servicesBTHPORTParametersKeys\0011678778ea (not active ControlSet) Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:Program Files (x86)DAEMON Tools Lite Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC@hdf 12 0xD1 0x4E 0x7E 0x9D ... Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x22 0x23 0x1E 0x3A ... Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001gdq0 (not active ControlSet) Reg HKLMSYSTEMControlSet002servicessptdCfg14919EA49A8F3B4AA3CF1058D9A64CEC\00000001gdq0@hdf12 0x2E 0x5E 0x63 0x0D ... ---- EOF - GMER 1.0.15 --- I have a laptop which I can use to download and transfer any file you need. Any and ALL help is vastly appreciated. Thanks! Steve. Bump..sorry if that isn't allowed.
