IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> clicking on link goes to different web page, clicking on C drive takes a minute, previous problems returned on desktop this time
pournstarr
post 31.05.2009 08:56
Post #1


Member
**

Group: Members
Posts: 14
Joined: 5.04.2009




Hello. I've had a very similar problem before and i received tremendous help from this site, so here i am again. I'm basically having the same symptoms as i had last time with my laptop, only this time, i can't even get kaspersky to start at all. Plus clicking on my C drive takes almost a minute to open, and this is a new computer that i built with a core 2 duo processor... no way it should take that long and it only started recently. Also, when i click on web pages from yahoo or something, the first time i click on it, i'll get redirected to some BS website. then i have to click back and click on the same link again to get the page i was trying to get. Also, i've been getting a lot of BSODs lately... it seems like i have a similar version of the infection i had last time only this one is on steroids. I d/l'ed AVZ since thats the only way i could get the syscure zip. i've attached it here. any help would be appreciated. Thanks.

-Jason
Attached File(s)
Attached File  virusinfo_syscure.zip ( 40,32K ) Number of downloads: 12
 
Go to the top of the page
 
+Quote Post
pournstarr
post 1.06.2009 00:28
Post #2


Member
**

Group: Members
Posts: 14
Joined: 5.04.2009




Sorry for the double post, but i'm now having issues with my ide channel as well. neither of my optical drives are showing up in "my computer" but they do show up in the bios and in the device manager (however, in DM they both have the yield with exclamation sign, and in properties, it says theres no drivers installed for the specific drives.)
Go to the top of the page
 
+Quote Post
Baz^^
post 1.06.2009 01:49
Post #3


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




1. I suggest you stay away from pirated software as your log suggests you are using some at the moment....it's a surefire way to get such infections.


2. Follow instructions below:

Please execute the following script using AVZ.
Instructions on script execution: http://forum.kaspersky.com/index.php?showt...st&p=678368
Your computer will reboot during script execution.

CODE
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
QuarantineFile('C:\WINDOWS\System32\Drivers\a99eygqq.SYS','');
QuarantineFile('C:\WINDOWS\TEMP\tempo-711093.tmp','');
QuarantineFile('C:\WINDOWS\system32\dll.dll','');
QuarantineFile('\\?\globalroot\systemroot\system32\gxvxcuyqihlqcimspjaufdqoqxrqusnfssiim.dll','');
QuarantineFile('c:\windows\temp\tempo-711093.tmp','');
DeleteFile('c:\windows\temp\tempo-711093.tmp');
DeleteFile('\\?\globalroot\systemroot\system32\gxvxcuyqihlqcimspjaufdqoqxrqusnfssiim.dll');
DeleteFile('C:\WINDOWS\system32\dll.dll');
DeleteFile('C:\WINDOWS\TEMP\tempo-711093.tmp');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.



-----
After your computer has rebooted, please do the following:

I would like you to run a tool called ComboFix and post the logfile it generates.

Download it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Before saving the file, rename it to something like 123.exe

Now, please make sure no other programs are running, close all other windows and pause Kaspersky if it is running (Choose the option "resume manually" if still active) until after the scanning and removal process has taken place.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall. It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt , please attach it to your next post. Also, please don't forget to resume the Kaspersky that you paused.

-----

After combofix has finished running, please open AVZ and execute the following script:

CODE
begin
CreateQurantineArchive('c:\quarantine.zip');
end.


A file called quarantine.zip should be created in C:\

Please send it to me via private messenger. If you cannot attach it to your message, upload it to a filehosting service like www.rapidshare.com and send me the download link to the file.

This post has been edited by Baz^^: 1.06.2009 01:51


--------------------
Kind Regards,

Baz
Go to the top of the page
 
+Quote Post
pournstarr
post 1.06.2009 03:51
Post #4


Member
**

Group: Members
Posts: 14
Joined: 5.04.2009




message sent with quarantine file. combofix log attached to this message. just curious... what software looks pirated on my system? and how are you able to tell by looking at the log?
Attached File(s)
Attached File  ComboFix.txt ( 29,47K ) Number of downloads: 8
 
Go to the top of the page
 
+Quote Post
pournstarr
post 3.06.2009 01:11
Post #5


Member
**

Group: Members
Posts: 14
Joined: 5.04.2009




bump...
Go to the top of the page
 
+Quote Post
pournstarr
post 7.06.2009 04:39
Post #6


Member
**

Group: Members
Posts: 14
Joined: 5.04.2009




seriously? no one??
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 20.12.2014 13:42