ComboFix 13-01-05.01 - Charon 01/05/2013 12:57:55.11.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1988 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...
Type: Posts; User: Looking4Info; Keyword(s):
ComboFix 13-01-05.01 - Charon 01/05/2013 12:57:55.11.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1988 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...
Hi, Happy New Year. I used IE for a while and did not have the redericting issue. The issue is intermittent so I'm not for sure it doens't exist, but again, I did not have it occur over about 6 hours...
Okay I jinxed myself and it happened again. Can I bother you for the combofix link?
I already removed combo fix and err.. effort. But again THANK YOU so much my Finnish Santa. :heart: I'm waiting for the redirect to happen again before I post. And honestly at that point I might just...
Thanks for sticking with me. :) I do all my browsing with firefox, so I'm not sure if the issue persists with i.e. I ran a full malware scan and found and removed:...
Hello. I completed the steps. Thank you again for your help with these issues. However it appears I still have some malware on my computer. I am often redirected to sites other than the one I intend...
I wasn't getting any of the pop-ups and I just ran a malware scan that came up clean. Can, can it really be gone??? Either way thank you so much for your help over the past few days!
ComboFix 12-12-27.03 - Charon 12/27/2012 21:00:28.9.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1998 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...
C:\Windows\System32\drivers\etc>attrib /s
A C:\Windows\System32\drivers\etc\hosts.20121214-194535.backup
A C:\Windows\System32\drivers\etc\hosts.20121214-194612.backup
A ...
I ran the commands in recovery mode. No files in the c drive per dir.
ComboFix 12-12-25.02 - Charon 12/26/2012 12:29:42.8.2 - x64
Microsoft Windows 7 Home Premium ...
I assume you meant to run those commands under the D:\ directory as
C:\ is empty. Each command returned an error.
The attrib command returned the error:
"File not found - hosts"
The del...
I see the files under D: I tried the commands from earlier and access was denied for the attrib command, and file not found for "del /q".
When in recovery mode everything is defaulted to x:/ . I typed C to bring it to the C drive which was fine. But then there was no directory for c:\windows etc. I typed dir and there were no files in...
A SHR C:\Windows\System32\drivers\etc\hosts
A SHR C:\Windows\System32\driversetc\hosts.20121214-194535.backup
A SHR C:\Windows\System32\drivers\etc\hosts.20121214-194612.backup...
x:\windows\system32\drivers\etc\
services
lmhosts.sam
networks
protocol
The commands returned 'invalid switch "y"'
I tried the command leaving out the /y
the command del hosts*.backup returned a message that hosts*.backup does not exist
attrib /s hosts* returns...
Yes, no error messages, but no confirmation messages either. It just continued to display the same "c:\windows\system32\drivers\etc" line.
Still listed.
I don't think it worked. Still receiving the same output for attrib /s hosts*
c:\Windows\System32\drivers\etc>attrib /s hosts*
A SHR C:\Windows\System32\drivers\etc\hosts
A SHR C:\Windows\System32\drivers\etc\hosts.20121214-194535.backup
A SHR ...
Received an error:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>cd /d c:\windows\system32\drivers\etc
...
ComboFix 12-12-20.02 - Charon 12/21/2012 17:13:10.7.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.2094 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...
Uploaded
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Charon at 17:19:22 on 2012-12-19
Microsoft Windows 7 Home Premium ...
ComboFix 12-12-19.02 - Charon 12/19/2012 12:17:00.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1729 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...
Having some trouble with HostsXpert. When I run the file I receive warnings that the HOSTS file is marked as a system file, and a hidden file and cannot be manipulated. I okay both warnings. The...
Phew, okay that took a while! :)
eset:
C:\ProgramData\Microsoft\Windows\DRM\6612.tmp.dat a variant of Win32/Kryptik.AQQU trojan
C:\ProgramData\Spybot - Search &...
Combofix didn't force a restart and I didn't complete one:
ComboFix 12-12-14.01 - Charon 12/16/2012 13:50:39.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1872 [GMT...
When I restarted my computer I was asked if I wanted to run a program by 'kapersky labs' I chose no. Also there are messages about missing .dll files upon startup. The log is above the character...
I'm sorry, I did find it! :oops:
13:18:39.0275 1180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:18:39.0587 1180 ============================================================...
I'm sorry but I can't find the log file. Should I post the text from 'report'?
13:18:39.0275 1180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
is the first line.
Ran combofix again in regular mode. My computer crashed at some point while I wasn't watching it. Ran the fix again and restarted and can access web browsing.
Combo fix log:
ComboFix...
I ran combofix but was not able to disable AVG. I cannot open AVG to disable it, nor can I uninstall the program through the control panel. After running combofix I am not able to run any internet...
I have attempted to remove smitfraud-c.generic several times and it comes back as soon as I can run another scan. I have run scans with AVG and adaware before trying spybot. I disabled both others...