
Search Redirect Virus...Combofix Log


  • This topic is locked
5 replies to this topic

#1 stormm


Posted 02 May 2011 - 12:27 AM

Hello good evening.

Starting Monday April 25, when I shut down, I got a blue screen. Never happened before.

I tried system restore, nothing. I tried to do Microsoft updates, since the blue screen seemed to say that it's possible that drivers are out of date, but for some reason, I am unable to update. Then I realized that when I was doing a search on the web, it would redirect me to another unrelated site.

So now I think I have the redirect virus that may also be affecting any Microsoft updates to my machine.

I have tried Malwarebytes (free version). I have Trend Micro installed and while it did find some items (like a couple of trojans) and deleted the infected file, I still kept getting the blue screen.

Eventually, I restored my laptop with a backup that I had from the end of December 2010. The restore I chose was on the whole hard drive. After the restore, it attempted to reboot and the blue screen happened again. I forced the reboot and after rebooting, I installed Malwarebytes again from a USB (note that I had my internet disconnected). Did a scan and found and fixed a backdoor.bot. Then I ran Trend Micro and it found nothing. Then I rebooted again, and this time, no blue screen. Then I connected to the internet so I could update Malwarebytes and Trend Micro, and re-ran those two and found nothing. At this point I was hoping I no longer had the redirect virus as this only started to manifest itself in the past week and since I restored my entire hard drive from a December backup. Alas...no luck. I did a search, it did bring me to the correct site but then a pop-up opened to another site and as soon as it did that, I turned my router off.

Anyway, after many searches, I tried to do a TDSSKiller by Kaspersky but for some reason I could not get it to work. When I ran the exe file it would say that it failed to execute or run or something like that. So my sister recommended to do the Combofix. Then found your site...

I realize that I did the Combofix before reading the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help...so pardon me if I am requesting help in interpreting the log.

May you please help me?

I would appreciate your help.



Edited by stormm, 02 May 2011 - 12:31 AM.




#2 m0le


Posted 09 May 2011 - 07:53 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 stormm


Posted 11 May 2011 - 02:08 AM

Hello, yes I am still here.

#4 m0le


Posted 11 May 2011 - 05:10 PM

We will start by running a program to check for rootkit activity.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#5 m0le


Posted 14 May 2011 - 09:05 PM

Hi,

I have not had a reply from you for 4 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le

#6 m0le


Posted 16 May 2011 - 05:02 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.