espeak / colexity trojan?

[JNorth]

The antivirus programs were never running at the same time but yeah, no reason to have them both on there.  AppRemover did not find the antivirus that I uninstalled.  I'm not sure if \Device\Harddisk0\DR0 ( TDSS File System ) actually got deleted - avast interfered with TDSSKiller when I asked it to be removed.

Can you tell me what this rootkit ( TDL4 ) does? Is the intent to get information from people's computers?

[magna86]

Can you tell me what this rootkit ( TDL4 ) does? Is the intent to get information from people's computers?

In principle, its redirect to some sites. But I can guarantee your privacy. It would be good idea to change your passwords.
More information about the analysis:

http://www.securelist.com/en/blog/337/TDL4_Starts_Using_0_Day_Vulnerability
http://www.securelist.com/en/analysis/204792180/TDL4_Top_Bot
http://www.securelist.com/en/blog/516/TDL_4_Indestructible_or_not
**************

>> Temporaly disable your avast antivirus. Download fresh TDSSKiller and re-run as before with change parametres and use Delete option for this entry if shows:

\Device\Harddisk0\DR0 ( TDSS File System )
\Device\Harddisk0\DR0 ( TDSS File System )

Attach here logresults from TDSSKiller.


>> Re-run Malwarebytes, do a Quick Scan and attach here fresh log.

How is your computer behaving now ?

[JNorth]

TDSSKiller did not show the harddisk.

The computer is operating normally.  Nice job

[magna86]

OK, that's it. 
No more malware detections , no traces of malware. You are clean


It is necessary to uninstall the ComboFix :

• Click Start (or ) then Run.
  
  
  On Windows7 or Vista you may use Start Search field if Run is not available.
  
  
• In the line of text type in (Copy) the following:

Code: [Select]

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

• then click OK (or press Enter ).

Wait for the uninstall process is complete.



>>> Re-Run OTL and click on CleanUp! button.

[JNorth]

Thank you! That's awesome how it automatically cleans up most of what we used. BlitzBlank, adwcleaner, and AppRemover are still there - do I just delete the executable files and call it good?

[magna86]

AppRemover will remove any traces of antivirus leftovers. It olso can be use to uninstall antivirus.
AdwCleaner  will remove any adware or toolbar.
You can keep those tools if you will for future use. It can be useful. 
BlitzBlank just delete.

[Crynopsa]

Hello to the both of you. I was having the exact same problem and am now in the process of fixing it with the TDDSkiller. I have a couple questions to ask if you wouldn't mind.
First, how do I know that TDDS is gone entirely? After I am finished deleting what I think I need to, I want to be sure it's gone for good.
Secondly, this going to magna86, how do you know all of this? Is there any possibility you could teach me to understand as much as you do?

[Asyn]

Hello to the both of you. I was having the exact same problem and am now in the process of fixing it with the TDDSkiller. I have a couple questions to ask if you wouldn't mind.

Please start your own topic. Thanks.

[GriffBeeks]

Dude! i just wanted to say, you are my fucking hero, i've been trying for weeks to clean this up on my own, and your step by step here worked on the first try i fucking LOVE you.