Search:

ComboFix 13-01-05.01 - Charon 01/05/2013 12:57:55.11.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1988 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...

Hi, Happy New Year. I used IE for a while and did not have the redericting issue. The issue is intermittent so I'm not for sure it doens't exist, but again, I did not have it occur over about 6 hours...

Okay I jinxed myself and it happened again. Can I bother you for the combofix link?

I already removed combo fix and err.. effort. But again THANK YOU so much my Finnish Santa. :heart: I'm waiting for the redirect to happen again before I post. And honestly at that point I might just...

Thanks for sticking with me. :) I do all my browsing with firefox, so I'm not sure if the issue persists with i.e. I ran a full malware scan and found and removed:...

Hello. I completed the steps. Thank you again for your help with these issues. However it appears I still have some malware on my computer. I am often redirected to sites other than the one I intend...

I wasn't getting any of the pop-ups and I just ran a malware scan that came up clean. Can, can it really be gone??? Either way thank you so much for your help over the past few days!

ComboFix 12-12-27.03 - Charon 12/27/2012 21:00:28.9.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1998 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...

C:\Windows\System32\drivers\etc>attrib /s
A C:\Windows\System32\drivers\etc\hosts.20121214-194535.backup
A C:\Windows\System32\drivers\etc\hosts.20121214-194612.backup
A ...

I ran the commands in recovery mode. No files in the c drive per dir.

ComboFix 12-12-25.02 - Charon 12/26/2012 12:29:42.8.2 - x64
Microsoft Windows 7 Home Premium ...

I assume you meant to run those commands under the D:\ directory as
C:\ is empty. Each command returned an error.

The attrib command returned the error:

"File not found - hosts"

The del...

I see the files under D: I tried the commands from earlier and access was denied for the attrib command, and file not found for "del /q".

When in recovery mode everything is defaulted to x:/ . I typed C to bring it to the C drive which was fine. But then there was no directory for c:\windows etc. I typed dir and there were no files in...

A SHR C:\Windows\System32\drivers\etc\hosts
A SHR C:\Windows\System32\driversetc\hosts.20121214-194535.backup
A SHR C:\Windows\System32\drivers\etc\hosts.20121214-194612.backup...

x:\windows\system32\drivers\etc\
services
lmhosts.sam
networks
protocol

The commands returned 'invalid switch "y"'

I tried the command leaving out the /y

the command del hosts*.backup returned a message that hosts*.backup does not exist

attrib /s hosts* returns...

Yes, no error messages, but no confirmation messages either. It just continued to display the same "c:\windows\system32\drivers\etc" line.

Still listed.

I don't think it worked. Still receiving the same output for attrib /s hosts*

c:\Windows\System32\drivers\etc>attrib /s hosts*
A SHR C:\Windows\System32\drivers\etc\hosts
A SHR C:\Windows\System32\drivers\etc\hosts.20121214-194535.backup
A SHR ...

Received an error:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>cd /d c:\windows\system32\drivers\etc
...

ComboFix 12-12-20.02 - Charon 12/21/2012 17:13:10.7.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.2094 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...

Uploaded

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Charon at 17:19:22 on 2012-12-19
Microsoft Windows 7 Home Premium ...

ComboFix 12-12-19.02 - Charon 12/19/2012 12:17:00.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1729 [GMT -5:00]
Running from: c:\users\Charon\Desktop\ComboFix.exe...

Having some trouble with HostsXpert. When I run the file I receive warnings that the HOSTS file is marked as a system file, and a hidden file and cannot be manipulated. I okay both warnings. The...

Phew, okay that took a while! :)

eset:

C:\ProgramData\Microsoft\Windows\DRM\6612.tmp.dat a variant of Win32/Kryptik.AQQU trojan
C:\ProgramData\Spybot - Search &...

Combofix didn't force a restart and I didn't complete one:

ComboFix 12-12-14.01 - Charon 12/16/2012 13:50:39.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2942.1872 [GMT...

When I restarted my computer I was asked if I wanted to run a program by 'kapersky labs' I chose no. Also there are messages about missing .dll files upon startup. The log is above the character...

I'm sorry, I did find it! :oops:

13:18:39.0275 1180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:18:39.0587 1180 ============================================================...

I'm sorry but I can't find the log file. Should I post the text from 'report'?

13:18:39.0275 1180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

is the first line.

Ran combofix again in regular mode. My computer crashed at some point while I wasn't watching it. Ran the fix again and restarted and can access web browsing.

Combo fix log:

ComboFix...

I ran combofix but was not able to disable AVG. I cannot open AVG to disable it, nor can I uninstall the program through the control panel. After running combofix I am not able to run any internet...

I have attempted to remove smitfraud-c.generic several times and it comes back as soon as I can run another scan. I have run scans with AVG and adaware before trying spybot. I disabled both others...