Author Topic: URL: MAL cant get rid of it  (Read 14285 times)


thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #15 on: September 18, 2012, 11:21:29 PM »
GOOD NEWS! After being pi**ed off about TDSSKiller not working and the URL still coming up, I kept playing with it and the tdssfix...long story short, I got TDSSKiller to work!! (I had renamed tdssfix and ran it, didn't see anything on screen, re-downloaded from your link and it worked?!?! - Don't ask, don't tell...it just worked)

First run told me to reboot, needed deep scan or something so I did.
Came up with a malicious threat (Rootkit.Boot.SST.b in the physical HDD)

Then ran CURE and rebooted, then ran again...attached all the logs from this. WooHoo!
« Last Edit: September 18, 2012, 11:23:28 PM by thewebguy »

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #16 on: September 18, 2012, 11:21:55 PM »
One more TDSSKiller report

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: URL: MAL cant get rid of it
« Reply #17 on: September 18, 2012, 11:29:54 PM »
Sorry for delay in responding. I have been working...


  • Re-run TDSSKiller.exe and click on Change parameters.
  • Under Additional options check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and attach the contents of it to your next reply.
Note: It will also create a log in the C:\ directory.



thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #18 on: September 19, 2012, 12:37:29 AM »
Windows updated! That's a good sign...

Re-ran TDSSKiller...attached log...2 suspects.

Offline magna86

Re: URL: MAL cant get rid of it
« Reply #19 on: September 19, 2012, 04:12:35 PM »
Yes.

> Delete the current Combofix and download a fresh one.
Re-run Combofix and attach the fresh Combofix.txt log here.

> Re-run MBRCheck and attach the fresh MBRCheck.txt log here.
If an unknown bootcode is found you will have further options available to you; at this time press N, then press Enter twice.

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #20 on: September 19, 2012, 10:12:03 PM »
Windows updated to SP1 + 73 other updates  :o

MBR Logs attached...

COMBOFIX LOG is attached in 2 parts..it was too big...

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #21 on: September 19, 2012, 10:16:10 PM »
Combofix part 1

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #22 on: September 19, 2012, 10:18:10 PM »
Combofix part 2

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #23 on: September 19, 2012, 10:18:46 PM »
Make that 3 parts...Combofix part 3

Offline magna86

Re: URL: MAL cant get rid of it
« Reply #24 on: September 19, 2012, 10:27:58 PM »
How is your computer running now?

thewebguy

  • Guest
Re: URL: MAL cant get rid of it
« Reply #25 on: September 20, 2012, 12:39:04 AM »
Seems good. No popups and not redirecting.

More Windows updates installed successfully, and the machine made some recovery discs for me  ;D

Do you see anything else? Or do we begin to remove all the items we added? Oh and THANKS!!!! :)

Offline magna86

Re: URL: MAL cant get rid of it
« Reply #26 on: September 20, 2012, 12:36:08 PM »
Nice.



It is necessary to uninstall ComboFix:
  • Click Start, then Run.
    On Windows 7 or Vista you may use the Start Search field if Run is not available.
  • In the line of text type in (copy) the following:
Code:
ComboFix /Uninstall
    Note that there is a space between "ComboFix" and "/Uninstall".
  • Then click OK (or press Enter).
    Wait until the uninstall process is complete.

> Re-run OTL and click on the CleanUp! button.

You will be asked to reboot the machine to finish the cleanup process; choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTL. Feel free to manually delete any tools it leaves behind.



    ...be safe  ;)