Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Virus Caused BSOD


  • This topic is locked This topic is locked
5 replies to this topic

#1 Eezo

Eezo

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 13 August 2012 - 09:52 AM

Hello!

About a week ago I noticed my google results were being redirected to other websites (click.findsearchresults.com, etc). I did some research and found out I likely had a redirect virus on my computer. I ran malwarebytes, spybot, and ESET to try and find any suspicious files. I also deleted all temporary files from firefox and did a routine scan just to check everything out. Malware found and took care of two files, while ESET placed another file in quarantine. The File ESET put into quarantine was a file called (basing this off memory) URLREDIR.dll which was located in my Microsoft Office program files.

I noticed that after that, my google results were still being redirected. I wasn't sure what else to do, so I ignored it for a few days until last night, when I suddenly got a pop-up from ESET telling me that my quarantined files called for a restart (this never happened before), so I went through with it. During the restart, I got the BSOD and now am unable to start Windows. I receive the following message when attempting to start up my computer, and am unable to access safe mode:

Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:

1. Insert your windows installation disc and restart your computer.
2. Choose your language settings, then click "next"
3. Click "repair your computer"

Status: 0xc000000e
Info: The boot selection failed because a required device is inaccessible.



So I'm wondering if this is due to the redirect virus or if this is just my anti-virus program creating trouble.

Edited by Eezo, 13 August 2012 - 11:46 AM.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:18 AM

Posted 15 August 2012 - 01:58 PM

Hi and :welcome:

Please indicate which Operating System is installed?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 Eezo

Eezo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 16 August 2012 - 03:23 PM

Hello and thank you!

I use Windows 7.

#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:18 AM

Posted 16 August 2012 - 04:35 PM

Lets give it a try. You will need a USB Flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Eezo

Eezo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 17 August 2012 - 12:09 PM

I'm going to try just reinstalling it and checking to make sure the redirect virus is gone. I'll let you know how it goes!

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:18 AM

Posted 21 September 2012 - 07:52 PM

Due to the lack of feedback this Topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users