Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Virus - Services.exe


  • Please log in to reply
1 reply to this topic

#1 zoneout83

zoneout83

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:07 PM

Posted 29 July 2012 - 07:10 PM

Greetings Friend,

This is driving me batty!

What I know is going on: There is a "server" on my computer running a redirect, and some sort of program that is setting my proxy settings to 127.0.0.1 so that it can change what page I am on during a google search. Unfortunately I cannot locate it, or haven't yet anyhow.

I decided to install AVG (only antivirus on my computer now) which tossed me 6 threats 3 to do with iexplorer.exe and 3 to do with firefox.exe I removed/cleaned these. I was still getting the redirect, and still getting popups from AVG stating the dropper.generic_c.mmi So I restarted in safe mode ran AVG again and cleaned everything again. Unfortunately this time I wasn't paying much attention to what I was doing because my I was watching my daughter, but alas I still have the same problems. I then proceded to do searches and look through possible solutions. I found that each solution that was presented thus far didn't match my system. For example it said look for a specific service or exe file running and stop that process then delete this, well neither the exe was running nor did I have that file that was to be deleted.

At this point I found this site and as per my ego downloaded the ComboFix.exe as directed to another user. Then researched the program ComboFix.exe Where I seen tutorials on how it is used and the different switches used with the program. I ran the program three times in a row, maybe four. Once in safe mode. I also restarted between each run. Still have the redirect virus. At this point I am defering to the forum expertise.

The main reason I ran the ComboFix so many times was I did not see all the screens in the tutorials (which may not exist with my windows 7 installation) I do not see any log files in C:\ either. Also I am deferring because I seen something I believe will help fix my problem but it said that the information was particular for that user and may screw up my system.

Thanks,

Rob

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:07 PM

Posted 29 July 2012 - 07:11 PM

Do not run any other tools unless instructed


Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users