Browser redirect Laptop

June 20, 2009 at 07:21:48
Specs: vista home premium, intel 2 duo t7300/2GB ddr2
for reference see Browser redirect this is step 3 results didn't find any thing tho

kaspersky log

http://rapidshare.com/files/2466545...

Thanks Webb


See More: Browser redirect Laptop

Report •


#1
June 20, 2009 at 07:39:31
Can you zip it and upload it so its compressed to smaller size. Also upload it as a txt file.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#2
June 20, 2009 at 08:23:58
Kaspersky say's the scan failed wont open redoing now takes ages with external hard drive as well so maybe some time

Thanks Webb


Report •

#3
June 20, 2009 at 08:31:27
You don't have to redo it. You can get your last report if you click on report add >>. Refer to image below.

Image: http://avptool.virusinfo.info/en/im...

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

Related Solutions

#4
June 20, 2009 at 10:42:14
Hi again the files are "RPT FIles" i cant find a program to open them so i can copy and paste them ?

plus the kaspersky program never gets to the end of scan after about an hour it shouts down and reboots laptop ???

Thanks Webb


Report •

#5
June 20, 2009 at 10:44:43

Report •

#6
June 20, 2009 at 11:00:48
Hi again zipped file

http://rapidshare.com/files/2467224...

Thanks Webb


Report •

#7
June 20, 2009 at 11:12:31
I can't open that file you know what it detected?

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#8
June 20, 2009 at 11:27:51
like i said kaspersky scan never ended and it never reported finding any objects ? ..... just turns it self off after about an hour and reboots laptop ? every time

try the link below different scan ended the same

http://rapidshare.com/files/2467301...


Report •

#9
June 20, 2009 at 11:38:46
Note: I can help you remove malware manually. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. First Track this topic. Then follow:

1) Can you please post your AVZ log:
Note: Run AVZ in windows normal mode. If avz.exe doesn't start, then try to rename the file avz.exe to something else and try to run it again. Make sure you have your web browser open in background before following the steps below.

i) To create the log file, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.

ii) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.

iii) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator.

You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.

begin
ExecuteAVUpdateEx( 'http://avz.virusinfo.info/avz_up/', 1, '','','');
ExecuteStdScr(3);
RebootWindows(true);
end.


Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.

Image Tutorial

2) Download and Run DDS which will create a Pseudo HJT Report as part of its log: DDS Tool Download Link. When done, DDS will open two (2) logs

   1. DDS.txt
   2. Attach.txt

Upload the logs to rapidshare.com and paste download link in your next reply.
Note: Disable any script-blocking programs and then double-click on the DDS.scr icon to start the program. If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.scr to run. Please allow it to do so.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#10
Report •

#11
June 20, 2009 at 12:55:44
Follow these steps in order numbered:

1) Download GMER: http://gmer.net/download.php
[This version will download a randomly named file (Recommended).]

2) Disconnect from the Internet and close all running programs.

3) Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

4) Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.

5) GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)

6) If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.

7) Now click the Scan button. If you see a rootkit warning window, click OK.

8) When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log and upload it rapidshare.com. Post the download link to the uploaded file in your post.

9) Exit GMER and re-enable all active protection when done.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#12
June 21, 2009 at 04:55:54
Hi again gmer.log below

http://rapidshare.com/files/2469671...

thanks Webb


Report •

#13
June 21, 2009 at 07:13:13
Follow these Steps in order numbered. Don't proceed to next step unless you have successfully completed previous step:

1) Run this script in AVZ like before, your computer will reboot:

begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 DeleteService('gxvxcserv.sys');
 StopService('gxvxcserv.sys');
 QuarantineFile('C:\Windows\System32\gxvxcxhacsvwvpgbxjvvoftrmispqqqyitxrr.dll','');
 DeleteFile('C:\Windows\System32\gxvxcxhacsvwvpgbxjvvoftrmispqqqyitxrr.dll');
 QuarantineFile('C:\Windows\System32\gxvxcpdosotirwyxrgccfrgnnicpuppoaijfc.dll','');
 DeleteFile('C:\Windows\System32\gxvxcpdosotirwyxrgccfrgnnicpuppoaijfc.dll');
 QuarantineFile('C:\Windows\System32\gxvxccount','');
 DeleteFile('C:\Windows\System32\gxvxccount');
 QuarantineFile('C:\Windows\system32\drivers\gxvxcmxfsrubidyooepxebbxnpedatxciprre.sys','');
 DeleteFile('C:\Windows\system32\drivers\gxvxcmxfsrubidyooepxebbxnpedatxciprre.sys');
 QuarantineFile('C:\Windows\temp\6032855.tmp','');
 DeleteFile('C:\Windows\temp\6032855.tmp');
 DeleteFile('C:\windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job');
BC_ImportAll;
ExecuteSysClean;
 ExecuteRepair(14);
 ExecuteRepair(15);
BC_Activate;
SetAVZPMStatus(true);
RebootWindows(true);
end.

2) After reboot execute following script in AVZ:

begin
CreateQurantineArchive('C:\quarantine1.zip');    
end.


A file called quarantine1.zip should be created in C:\. Upload that file to rapidshare.com and private message me download link.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#14
June 21, 2009 at 09:09:08
log sent

Thanks Webb


Report •

#15
June 21, 2009 at 12:49:16
Attach a Combofix log, please review and follow these instructions carefully.

Download it here -> http://download.bleepingcomputer.co...

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows and pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan. Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please upload that file to rapidshare.com and paste the link here.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#16
June 21, 2009 at 14:09:53
Hi again

combo one

http://rapidshare.com/files/2471319...

Thanks Webb


Report •

#17
June 22, 2009 at 05:28:45
Follow these Steps in order numbered. Don't proceed to next step unless you have sucessfully completed previous step:

1) Run this script in AVZ. Your computer will reboot.

begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 DeleteService('XPB');
 StopService('XPB');
 QuarantineFile('c:\users\Webb\AppData\Local\Temp\XPB.exe','');
 DeleteFile('c:\users\Webb\AppData\Local\Temp\XPB.exe');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

2) Lastly, uninstall Combofix by: pause Antivirus/Sypware programs (http://www.bleepingcomputer.com/forums/topic114351.html Programs to disable) > Start > run > type combofix /u > ok. Or Start > run > type 123 /u > ok.

PS: Is your original problem solved?

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#18
June 22, 2009 at 10:02:21
Hi again i did'nt notice your "ps:" message things seem to be back to normal i can connect to windows update too

that file u asked for isn't where u siad it would be tho i will search for it see if i can find

Thanks Webb


Report •

#19
June 22, 2009 at 10:25:25
searched cant find it, i need to do a big down load from windows update am i ok to do it now ?

Windows Vista Service Pack 2 (KB948465)

Download size: 337.9 MB - 343.9 MB

Thanks Webb


Report •

#20
June 22, 2009 at 12:01:10
Yes its ok no need for that file. Complete these steps first then do windows update to service pack 2.

1) Run complete scan with: http://onecare.live.com/site/en-Us/...

2) Install, update database and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log, fix anything detected.

3) House cleaning. Run full Scan with SuperAntispyware : http://www.superantispyware.com/dow... . Fix what it detects and post summary scan log.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#21
June 23, 2009 at 18:00:25
complete scan ended badly it reported lots of bad stuf on my external hard drive well drive f ...... but when tried fix Experienced an error 0x10600c06


malwarebytes log
http://rapidshare.com/files/2479377...

opps just noticed Superantispyware one too will run now lol


Report •

#22
June 23, 2009 at 18:57:17
Where was 0x10600c06 error shown?

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#23
June 24, 2009 at 11:03:48
Hi again the "0x10600c06" error was shone by the onecare.live program when it tried to fix the things it found wrong, there woz about 9 issue's all on my external hard drive ....... would it of saved a log ?, i cant find it if it did, i could run again but took about 5 hours to run ...... plus just started the superantispyware one

thanks Webb


Report •

#24
June 24, 2009 at 12:46:13
Hi again log from superantisptware

http://rapidshare.com/files/2482360...

also didnt finish properly see screen shot

http://i36.photobucket.com/albums/e...

the objects are still in quarentine tho

should i run onecare.live program again ? try save before fix

thanks Webb


Report •

#25
June 24, 2009 at 13:09:45
Is that your external drive? Follow:

1) Run a full scan with http://www.eset.com/onlinescan/

# Check the box next to YES, I accept the Terms of Use.
# Click Start
# When asked, allow the activex control to be installed.
# Click Start
# Check below options:

    * Remove found threats
    * Scan archives
    * Scan for potentially unwanted applications (Advance Settings).
    * Enable Anti-Stealth technology (Advance Settings).

# Click Scan
# Wait for the scan to finish
# When it finishes it will create a log file here: C:\Program Files\ESET\ESET Online Scanner\log.txt
# Attach this logfile to your next message.

Illustrated tutorial: http://img155.imageshack.us/img155/...

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#26
June 24, 2009 at 13:15:55
i think f is my external drive how i got stuff set up at mo i also got a sd card pluged in and a memory stick cos i been useing them to tranfer stuff

Report •

#27
June 24, 2009 at 13:32:14
Run check disk on all your drives and follow Response Number 25.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#28
June 25, 2009 at 10:20:09
hi again check disk doesnt seem to working properly or im doing it wrong lol

open my computer click on the drive to check, click properties, tools, check now,

click scan for bad sectors, start

then u get the warning thing asking u to shedule scan cos windows cant check while its running

i click shedule disk check, but nothing happens ???
i even tried restarting it manually still nothing

ps tried on a few dif drives get the same thing ? laptop on vista home

Thanks Webb


Report •

#29
June 25, 2009 at 10:25:39
You can start it manually. Start windows in safe mode with command prompt and run it manually.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#30
June 25, 2009 at 12:25:53
Hi again i had to look up how to start it from the safe mode command prompt couldnt get it to work ??? do u have toturial for that ???

i did run sfc /scannow and windows resource protection found corrupt files on C: ...... but woz unable to fix some of them

plus i can locate the cbs.logs but i cant zip them see them or move or copy them access is denied, is that just vista been stupid why cant i post the logs

thanks Webb


Report •

#31
June 25, 2009 at 13:39:10
Seems like hard drive problem check in windows or hardware forum not too sure.

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#32
June 29, 2009 at 14:02:32
Hi again I am not having much luck with “C” drive on laptop at vista and hardware forums, looking like I will have to reformat but as u know I still have problems with my external hard drive spyware wise, but if I connect back to laptop, will it all just start again ?

Plus I got a second drive on laptop when I clean install “C” will my “D” drive be formatted too ?, and if not could my spyware problem be there too

I normally have my external hard drive connected to my xp machine the desktop but the desktop seems to be running ok since u last cleaned

Anyway any advise u can offer would be greatly received

Thanks Webb


Report •


Ask Question