I.E. not coming up after attempted malware removal

View previous topic View next topic Go down

I.E. not coming up after attempted malware removal

Post by benb on 2nd May 2009, 7:18 pm

so i managed to download another autorun virus, which was making my antivirus pop up every 30 seconds are so saying that i had a virus. went through and found that some of the same files that i was told to delete when this happened the first time (in this thread: [You must be registered and logged in to see this link.] ), so i deleted them and that seemed to get fix the problem, until i went to get on the internet and none of the search engines would open. any advice?

benb
Novice
Novice

Posts Posts : 11
Joined Joined : 2009-03-02
OS OS : microsoft vista
Points Points : 28376
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by Belahzur on 2nd May 2009, 8:10 pm

Hmm.
Re-run DDS and post the new log so we have an updated log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by benb on 2nd May 2009, 11:29 pm

for some reason its not letting me run dds or mbam...any suggestions? btw, i'm on a different computer.

benb
Novice
Novice

Posts Posts : 11
Joined Joined : 2009-03-02
OS OS : microsoft vista
Points Points : 28376
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by Belahzur on 2nd May 2009, 11:31 pm

Lets try a rootkit scan.

1. Please download The Avenger by Swandog46 to your Desktop
Link: [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

Note: This tool was posted specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by benb on 4th May 2009, 10:49 pm

Logfile of The Avenger Version 2.0, (c) by Swandog46
[You must be registered and logged in to see this link.]

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "gxvxcserv.sys" found!
ImagePath: \systemroot\system32\drivers\gxvxcbvjpenovrereedrcilpneyweusrnmtnt.sys
Start Type: 1 (System)

Rootkit scan completed.


Completed script processing.

*******************

Finished! Terminate.

benb
Novice
Novice

Posts Posts : 11
Joined Joined : 2009-03-02
OS OS : microsoft vista
Points Points : 28376
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by benb on 4th May 2009, 10:59 pm

oops, forgot to click the "disable" box...ran it again, here's the text

Logfile of The Avenger Version 2.0, (c) by Swandog46
[You must be registered and logged in to see this link.]

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "gxvxcserv.sys" found!
ImagePath: \systemroot\system32\drivers\gxvxcbvjpenovrereedrcilpneyweusrnmtnt.sys
Driver disabled successfully.

Rootkit scan completed.


Completed script processing.

*******************

Finished! Terminate.



it seemed to work, i have everything back up and running again, thanks

benb
Novice
Novice

Posts Posts : 11
Joined Joined : 2009-03-02
OS OS : microsoft vista
Points Points : 28376
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I.E. not coming up after attempted malware removal

Post by Belahzur on 4th May 2009, 11:11 pm

Hello.
It only seems better because we disabled the rootkit, it's still on your machine though.

1. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+CCrying


Drivers to delete:
gxvxcserv.sys

Files to delete:
C:\WINDOWS\system32\drivers\gxvxcbvjpenovrereedrcilpneyweusrnmtnt.sys

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Under "Input script here:", paste in the script from the quote box above.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245079
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum