
Having continual problems with Google redirect virus

Discussion in 'Virus and Malware Removal' started by vukker, May 10, 2010.

  1. Broni Malware Annihilator Posts: 39,391   +177

    I just wonder how many more system files are missing/corrupted?

    Let's give it another shot.
    You'll have to boot to OTLPE CD and run another OTL scan.

    New code:

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    ntoskrnl.exe
    Ntfs.sys
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    userinit.exe
    explorer.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
  2. vukker Newcomer, in training Posts: 37

    Yeah, it does seem a bit excessive. I just wonder how all this happened and if it has to do with my external hard drive or what. But anyhow, here is the OTL log.

    Attached Files: OTL.Txt (184.1 KB)
  3. Broni Malware Annihilator Posts: 39,391   +177

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    
    :Services
    
    :Reg
    
    :Files
    C:\WINDOWS\system32\ntoskrnl.exe|C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe /replace
    
    :Commands
    [purity]
    [emptytemp]
    
    Open Notepad and paste it.
    Save the document as Fix.txt onto a USB flash drive.


    On the infected computer, do the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Attempt to reboot normally into Windows.
  4. vukker Newcomer, in training Posts: 37

    Here's the log. Booting in safe mode now, keeping my fingers crossed.
  5. vukker Newcomer, in training Posts: 37

    Like I said, here's the log.

  6. vukker Newcomer, in training Posts: 37

    Windows not starting, stuck at initial Windows screen with loading bar still moving.
     
  7. vukker Newcomer, in training Posts: 37

    When starting in safe mode, it starts loading; the last output on screen is loading windows\system32\drivers\mup.sys, then it restarts the computer.
  8. Broni Malware Annihilator Posts: 39,391   +177

    OK, we can keep playing around, if you wish, replacing those system files, but surely we can't do it forever.
    Let's give it a couple more shots.

    New OTLPE script:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    mup.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
  9. vukker Newcomer, in training Posts: 37

    Hey Broni, sorry, went on an outing for the day yesterday, and yes, I agree, I don't think we can keep this up forever. What would be my options after that? And is that a fix or a scan for OTL?
  10. vukker Newcomer, in training Posts: 37

    Stupid question, scan obviously... Booting up the other PC, will have the log soon.
  11. vukker Newcomer, in training Posts: 37

    Here is the log.
  12. vukker Newcomer, in training Posts: 37

    I'm having trouble posting the log; it keeps telling me I have already attached this file to this thread.
  13. vukker Newcomer, in training Posts: 37

    Hmm, OK, finally here it is.

    Attached Files: OTL.Txt (161.8 KB)
  14. Broni Malware Annihilator Posts: 39,391   +177

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    
    :Services
    
    :Reg
    
    :Files
    C:\WINDOWS\system32\drivers\mup.sys|C:\WINDOWS\ServicePackFiles\i386\mup.sys /replace
    
    :Commands
    [purity]
    [emptytemp]
    
    Open Notepad and paste it.
    Save the document as Fix.txt onto a USB flash drive.


    On the infected computer, do the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Attempt to reboot normally into Windows.
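
Added example (not part of the thread and not OTL's own code): the two fixes above replace an active system file with a copy from `Driver Cache\i386` or `ServicePackFiles\i386`, and this Python script hashes every copy of a named file under an offline-mounted Windows directory and reports whether the active copy matches any backup copy. The function names and the sample tree are assumptions made for the illustration; the file contents are constructed placeholders.

```python
import hashlib
import tempfile
from collections import defaultdict
from pathlib import Path


def md5_of(path):
    """MD5 of one file, read in chunks (MD5 to mirror the scan's /md5start block)."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_active(windows_root, active_rel, filename):
    """Compare the active copy of `filename` with every other copy under the tree.

    Returns (status, backups): status is 'missing', 'matches-backup' or 'differs';
    backups maps each hash to the non-active paths that carry it.
    """
    root, active = Path(windows_root), Path(windows_root) / active_rel
    backups = defaultdict(list)
    for path in root.rglob("*"):
        if path.is_file() and path.name.lower() == filename.lower() and path != active:
            backups[md5_of(path)].append(path)
    if not active.is_file():
        return "missing", dict(backups)
    # 'differs' is a lead, not a verdict: a hotfix also changes the hash, and
    # 'matches-backup' proves nothing if the backup copies were altered too.
    status = "matches-backup" if md5_of(active) in backups else "differs"
    return status, dict(backups)


def demo():
    """Constructed sample tree; file contents are placeholders, not real drivers."""
    root = Path(tempfile.mkdtemp()) / "WINDOWS"
    samples = {
        "system32/drivers/mup.sys": b"constructed: modified copy",
        "ServicePackFiles/i386/mup.sys": b"constructed: original copy",
        "Driver Cache/i386/mup.sys": b"constructed: original copy",
    }
    for rel, data in samples.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    return check_active(root, "system32/drivers/mup.sys", "mup.sys")


if __name__ == "__main__":
    print(demo())
```

Backup copies that agree with each other but not with the active file are the candidates worth checking before they are named as the source of a replacement.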
  15. vukker Newcomer, in training Posts: 37

    OK, won't be home until 10 or so.
  16. Broni Malware Annihilator Posts: 39,391   +177

    No problem :)
  17. vukker Newcomer, in training Posts: 37

    Dear Broni, did the fix, here's the log, but when attempting to reboot it failed in normal mode; then when I tried in safe mode it restarted itself at the exact same point, I'm pretty sure.

  18. Broni Malware Annihilator Posts: 39,391   +177