Malicious URL blocked

[jomztaruc]

How to set the boot...? Ive pressed f12 but there are many choices

[essexboy]

You need to set the boot order to USB/Removable media as number one and Hard drive to number two

[jomztaruc]

What is the name of hard drive? And what is the name for usb?

There two usbs
-usb fdd
-usb..:hp

[essexboy]

Try USB fdd first

What is your computer and I will look for the BIOS

[jomztaruc]

Its at the first page.

Im at windows vista and asking me to install windows vista. There's no Repair my computer

[essexboy]

Could you reboot and try again please

[jomztaruc]

Here are the choices

Ide0: hitachi.....
Ide1: optiarc dvd rw
Usb fdd
Network boot: realtek...
Usb hdd: hp..
Usb cdrom: ....

[essexboy]

OK lets try a different tool

Download Peazip to the desktop 
Run and install the programme
As it installs this page will show, deselect the AVG ticks
Press decline and it will then install cleanly 
 

 
Download the following files to the desktop .. Right click the links and select save as...then select desktop 
 
Rufus
 
OTLPE_standard
 
Right click OTLPE on your desktop and select  ..Open as archive 
 

 
 
Select OTLPE standard 
 

 
Click Extract, ensure that desktop is selected 
 

 
Insert the USB stick Then run Rufus
 
Select the ISO file on the desktop via the ISO icon.

Press Start Burn


Once the USB has burnt then

• Download Farbar Recovery Scan Tool and save it to the flash drive.
  
  
  • Reboot your system using the boot USB you just created.
  Note : If you do not know how to set your computer to boot from USB follow the steps here
  
• As the  Programme needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads  :)
• Your system should now display a Reatogo desktop.
• Locate the flash drive and run FSRT
• The tool will start to run.

• When the tool opens click Yes to disclaimer.
• Press Scan button.
  
• It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

[jomztaruc]

Hey guys? Do you think the next procedure you've mentioned will solve this problem? Not that im doubting you guys just asking cause im planning to reformat this lapfop(the chance of solving the problem is high) which is easier (back up some important files- reformat - restore). What do you guys think? Should i follow the procedure(the one that you mentioned above) or reformat my laptop (which i want, not my sister's. She owns the laptop so i have to back almost all of the files)

[essexboy]

The quickest option would be to back up, reformat and restore

[jomztaruc]

Is this malicious url dangerous(can affect other files) or only the chrome will be affected(cause its the only thing that doesnt work normally since this malicious blabla appeared)?

[essexboy]

The following are rootkits

SRV - File not found [Unknown (-1) | Unknown] -- -- (SKYNETrvnsxyqe)
DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (SKYNETrvnsxyqe)
[2013/02/28 00:59:51 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[C:\Windows\$NtUninstallKB59234$] -> Error: Cannot create file handle -> Unknown point type


You can try OTL again in case Combofix remove the main part


Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:OTL
SRV - File not found [Auto | Stopped] -- -- (Winstep Xtreme Service)
SRV - File not found [Unknown (-1) | Unknown] -- -- (SKYNETrvnsxyqe)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (XDva300)
DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (SKYNETrvnsxyqe)
O2 - BHO: (Browsee2saave) - {1EE53832-30EE-7924-5350-98544FF758ED} - C:\ProgramData\Browsee2saave\512d143499ba8.dll ()
O20 - AppInit_DLLs: (c:\progra~1\easylife\sprote~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\Program Files\BrowseToSave\sprotector.dll ()
O33 - MountPoints2\{f67bed7f-0490-11de-951f-001eecd87995}\Shell\AutoRun\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\OgarD.exe
O33 - MountPoints2\{f67bed7f-0490-11de-951f-001eecd87995}\Shell\open\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\OgarD.exe
[2013/02/27 03:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe
[2013/02/27 03:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013/02/27 03:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\BrowseToSave
[2013/02/27 03:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browsee2saave
[2013/02/27 03:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Browsee2saave
[2013/02/27 03:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/02/27 02:24:01 | 000,000,000 | ---D | C] -- C:\Users\Melissa Taruc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega Codec Pack
[2013/02/28 00:59:51 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[C:\Windows\$NtUninstallKB59234$] -> Error: Cannot create file handle -> Unknown point type

:Files
C:\ProgramData\BetterSoft
c:\Program Files\BrowseToSave
C:\ProgramData\Browsee2saave

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]


• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[jomztaruc]

After startimg up my laptop, avast popped out that it detected a virus(rootkit), so i deleted it and no more malicious url.. I guess ill leav that way?

[essexboy]

If you are sure, but there was a lot of adware on your system, so maybe try AdwCleaner again

[jomztaruc]

I'll be back here if something happened again, thanks for your help and time man! If you dont mind asking, why cant i install google chrome? After the malicious url ppeared ive uninstalled it(i thought it will solve the problem) via control panel, now that the malicious url is gone i want it back cause mozilla and IE is so sloooow. So ive opened mozilla (tried IE too) and go to google's homepage, there's an option there (INSTALL GOOGLE CHROME...) so i clicked it and it load pfoperly and there's an option there again (DOWNLOAD LINK FOR CHROME) i clicked it, this time it loads but its loading very long so it stops and told that there might be a connection problem. Thats the only page that wont load properly, im pretty sure that im the only one using the wifi and as so theres no chance that its my connection. What should i do man? Im not sure if i uninstall it completely cause there's still a GOOGLE folder at progam files, is it related? Or someone is blocking it?