Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirecting virus


  • This topic is locked This topic is locked
6 replies to this topic

#1 tallguy_az

tallguy_az

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:35 PM

Posted 22 October 2010 - 01:54 PM

My computer has a virus that will cause redirects when clicking on web links, mainly from google search results. I use firefox, if that helps any. The redirects are never to the same site, always random. I've tried to remove it with AVG and malwarebytes, to no avail. I've attached the DDS.txt file below. The gmer.exe file freezes everytime I try to run it.

Thank you.


DDS (Ver_10-10-21.02) - NTFSx86
Run by Richard Thomas at 11:04:40.71 on Fri 10/22/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1021.272 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\ofps.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\Program Files\ScanSoft\OmniForm 5.1\OFPA.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\plexcalc\plexcalc.exe
C:\Program Files\plexcalc\plexcalc.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Richard Thomas\Desktop\dds.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10i_Plugin.exe -update plugin
mRun: [IntelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" BOOT
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [CORSAIR_PLUtil] c:\program files\corsair\corsair flash voyager utility\PLBkMon.exe
mRun: [PLFFAP] c:\windows\system32\HotfixQ0306270.exe
mRun: [OmniForm OFPA] c:\program files\scansoft\omniform 5.1\OFPA.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRunOnce: [Uninstall Adobe Download Manager] "c:\windows\system32\rundll32.exe" "c:\program files\nos\bin\getPlus_Helper_3004.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\\DownloadPDF.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160583010031
DPF: {7B19E477-0FF8-11d4-9914-005004D3B3DB} - hxxp://java.sun.com/products/plugin/1.2/jinstall-122_017-win.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} - hxxp://www.ads-pipe.com/dwf/DwfViewerSetup.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {AECDFE45-DA5F-4072-972A-DA497919C05E} = 192.168.0.1
TCP: {D2ABA2A6-FB97-47E8-AE05-5195C7DF1E22} = 192.168.0.1
TCP: {ED648BAA-5136-4235-891F-D1DC93AE6F5A} = 192.168.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\richar~1\applic~1\mozilla\firefox\profiles\v0m1jd8c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\richard thomas\application data\mozilla\firefox\profiles\v0m1jd8c.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 PLFF;USB Flash Disk Driver;c:\windows\system32\drivers\plff.sys [2006-10-11 7424]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-28 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-5-30 27784]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-4 297752]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2006-2-28 14336]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]

============== File Associations ===============

.scr=Mathcad.ScriptedObject.Component

=============== Created Last 30 ================

2010-10-21 20:32:50 -------- d-----w- c:\docume~1\richar~1\applic~1\Uniblue
2010-10-21 20:32:44 -------- d-----w- c:\program files\Uniblue
2010-10-21 14:58:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-10-21 14:58:21 -------- d-----w- c:\program files\McAfee Security Scan
2010-10-13 06:41:26 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 06:41:25 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 06:41:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-09-27 15:42:08 253168 ----a-w- c:\windows\system32\Msfrt10.dll
2010-09-27 15:42:08 210944 ----a-w- c:\windows\system32\Msvcrt10.dll
2010-09-27 15:42:08 -------- d-----w- c:\program files\Whamgr
2010-09-27 15:33:08 -------- d-----w- C:\WHAMO
2010-09-27 14:56:23 -------- d-----w- c:\docume~1\richar~1\locals~1\applic~1\Apple
2010-09-27 14:56:06 -------- d-----w- c:\docume~1\richar~1\locals~1\applic~1\Apple Computer
2010-09-23 20:42:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-23 20:42:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-23 20:42:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

==================== Find3M ====================

2010-09-18 19:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 18:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 18:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-04 13:09:51 659456 ------w- c:\windows\ArchSet.exe
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 13:28:57 73216 ------w- c:\windows\ST6UNST.EXE
2010-08-16 13:28:57 249856 ------w- c:\windows\Setup1.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
1997-06-23 10:00:00 123664 --sha-w- c:\windows\system32\Msjint35.dll
1997-06-23 19:06:50 24848 --sha-w- c:\windows\system32\Msjter35.dll
1997-06-23 19:06:50 252176 --sha-w- c:\windows\system32\Msrd2x35.dll
1997-06-23 19:06:50 287504 --sha-w- c:\windows\system32\Msxbse35.dll

============= FINISH: 11:06:07.57 ===============

BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:35 PM

Posted 22 October 2010 - 08:49 PM

Hello tallguy_az ,

Posted Image

Download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Thank,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 tallguy_az

tallguy_az
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:35 PM

Posted 25 October 2010 - 12:29 PM

Thanks, Teacup61. Here is a copy of the TDSSKiller log:

2010/10/25 10:21:30.0296 TDSS rootkit removing tool 2.4.5.0 Oct 25 2010 09:49:04
2010/10/25 10:21:30.0296 ================================================================================
2010/10/25 10:21:30.0296 SystemInfo:
2010/10/25 10:21:30.0296
2010/10/25 10:21:30.0296 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/25 10:21:30.0296 Product type: Workstation
2010/10/25 10:21:30.0296 ComputerName: BARBADOS
2010/10/25 10:21:30.0296 UserName: Richard Thomas
2010/10/25 10:21:30.0296 Windows directory: C:\WINDOWS
2010/10/25 10:21:30.0296 System windows directory: C:\WINDOWS
2010/10/25 10:21:30.0296 Processor architecture: Intel x86
2010/10/25 10:21:30.0296 Number of processors: 2
2010/10/25 10:21:30.0296 Page size: 0x1000
2010/10/25 10:21:30.0296 Boot type: Normal boot
2010/10/25 10:21:30.0296 ================================================================================
2010/10/25 10:21:30.0593 Initialize success
2010/10/25 10:21:33.0500 ================================================================================
2010/10/25 10:21:33.0500 Scan started
2010/10/25 10:21:33.0500 Mode: Manual;
2010/10/25 10:21:33.0500 ================================================================================
2010/10/25 10:21:34.0609 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/10/25 10:21:34.0640 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/10/25 10:21:34.0703 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/10/25 10:21:34.0734 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/10/25 10:21:34.0875 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/10/25 10:21:34.0968 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/10/25 10:21:35.0015 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/10/25 10:21:35.0078 ati2mtag (dcd26b36ce305b718e2f1c56c19df668) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/10/25 10:21:35.0156 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/10/25 10:21:35.0203 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/10/25 10:21:35.0250 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\WINDOWS\System32\Drivers\avgldx86.sys
2010/10/25 10:21:35.0281 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\WINDOWS\System32\Drivers\avgmfx86.sys
2010/10/25 10:21:35.0312 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/10/25 10:21:35.0359 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/10/25 10:21:35.0406 CdaC15BA (f76cb7259aa575cc53f3996bc6b68c18) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
2010/10/25 10:21:35.0531 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/10/25 10:21:35.0656 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/10/25 10:21:35.0765 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/10/25 10:21:35.0843 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/10/25 10:21:35.0921 DgiVecp (770471de2550820feeb7e5d24bf2e273) C:\WINDOWS\system32\Drivers\DgiVecp.sys
2010/10/25 10:21:35.0968 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/10/25 10:21:36.0046 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/10/25 10:21:36.0109 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/10/25 10:21:36.0140 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/10/25 10:21:36.0218 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/10/25 10:21:36.0328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/10/25 10:21:36.0359 e1express (e1fa10ed8f9f700c1be1eae05a80ef57) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2010/10/25 10:21:36.0406 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
2010/10/25 10:21:36.0468 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/10/25 10:21:36.0484 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/10/25 10:21:36.0515 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/10/25 10:21:36.0546 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/10/25 10:21:36.0593 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/10/25 10:21:36.0640 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/10/25 10:21:36.0656 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/10/25 10:21:36.0703 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/10/25 10:21:36.0718 grmnusb (cd007d03a9284bfe67d49c01213132bf) C:\WINDOWS\system32\drivers\grmnusb.sys
2010/10/25 10:21:36.0765 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2010/10/25 10:21:36.0812 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/10/25 10:21:36.0843 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
2010/10/25 10:21:36.0890 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/10/25 10:21:36.0953 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/10/25 10:21:37.0000 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/10/25 10:21:37.0031 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/10/25 10:21:37.0109 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/10/25 10:21:37.0140 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/10/25 10:21:37.0171 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/10/25 10:21:37.0187 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/10/25 10:21:37.0218 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/10/25 10:21:37.0234 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/10/25 10:21:37.0265 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/10/25 10:21:37.0312 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/10/25 10:21:37.0343 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/25 10:21:37.0375 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/25 10:21:37.0421 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/25 10:21:37.0500 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/25 10:21:37.0531 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/25 10:21:37.0593 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/25 10:21:37.0625 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/10/25 10:21:37.0640 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/25 10:21:37.0703 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/25 10:21:37.0796 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/25 10:21:37.0828 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/25 10:21:37.0859 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/25 10:21:37.0890 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/25 10:21:37.0937 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/25 10:21:37.0968 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/25 10:21:38.0000 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/25 10:21:38.0031 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/25 10:21:38.0078 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/25 10:21:38.0093 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/25 10:21:38.0109 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/25 10:21:38.0156 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/25 10:21:38.0171 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/25 10:21:38.0203 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/25 10:21:38.0234 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/10/25 10:21:38.0281 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/25 10:21:38.0328 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/25 10:21:38.0390 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/25 10:21:38.0484 nv (9e1f2f09e34c92a96b9900b6a45d5026) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/10/25 10:21:38.0640 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/25 10:21:38.0656 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/25 10:21:38.0703 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/10/25 10:21:38.0718 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/10/25 10:21:38.0765 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/25 10:21:38.0796 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/25 10:21:38.0812 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/25 10:21:38.0875 PCIIde (8be5f3c96f3eb87d6cc4a647124e472d) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/25 10:21:38.0875 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\pciide.sys. Real md5: 8be5f3c96f3eb87d6cc4a647124e472d, Fake md5: ccf5f451bb1a5a2a522a76e670000ff0
2010/10/25 10:21:38.0875 PCIIde - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/10/25 10:21:38.0890 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/10/25 10:21:39.0062 PLFF (a20ac92609f3b246be3b761bb72fc6a5) C:\WINDOWS\system32\Drivers\PLFF.sys
2010/10/25 10:21:39.0109 Point32 (d0be72557de73acabbab536496d23115) C:\WINDOWS\system32\DRIVERS\point32.sys
2010/10/25 10:21:39.0140 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/25 10:21:39.0171 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/25 10:21:39.0203 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/25 10:21:39.0281 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/10/25 10:21:39.0312 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/10/25 10:21:39.0328 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/10/25 10:21:39.0359 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/10/25 10:21:39.0406 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/10/25 10:21:39.0437 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/10/25 10:21:39.0531 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/10/25 10:21:39.0578 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/10/25 10:21:39.0609 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/10/25 10:21:39.0687 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/10/25 10:21:39.0734 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/10/25 10:21:39.0765 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/10/25 10:21:39.0812 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/10/25 10:21:39.0843 sfng32 (3ce805e0e752f1febd52ac4899f5febf) C:\WINDOWS\system32\drivers\sfng32.sys
2010/10/25 10:21:39.0906 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/10/25 10:21:39.0953 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/10/25 10:21:39.0968 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/10/25 10:21:40.0078 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/10/25 10:21:40.0390 STHDA (ad7f9e184a75c5024707c5a41097f781) C:\WINDOWS\system32\drivers\sthda.sys
2010/10/25 10:21:40.0625 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/10/25 10:21:40.0734 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/10/25 10:21:41.0062 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/10/25 10:21:41.0156 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/10/25 10:21:41.0312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/10/25 10:21:41.0390 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/10/25 10:21:41.0500 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/10/25 10:21:41.0656 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/10/25 10:21:41.0781 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/10/25 10:21:41.0875 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/10/25 10:21:41.0984 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/10/25 10:21:42.0078 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/10/25 10:21:42.0171 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/10/25 10:21:42.0250 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/10/25 10:21:42.0359 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/10/25 10:21:42.0437 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/10/25 10:21:42.0531 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2010/10/25 10:21:42.0640 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/10/25 10:21:42.0765 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/10/25 10:21:42.0875 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/10/25 10:21:42.0984 wceusbsh (4a954a20a4c73d6db13c0fe25f3f1b0c) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
2010/10/25 10:21:43.0171 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/10/25 10:21:43.0265 WIBUKEY (afcea7939925378f867dde6af76f3924) C:\WINDOWS\system32\DRIVERS\WibuKey.sys
2010/10/25 10:21:43.0421 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/10/25 10:21:43.0515 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/10/25 10:21:44.0578 ================================================================================
2010/10/25 10:21:44.0578 Scan finished
2010/10/25 10:21:44.0578 ================================================================================
2010/10/25 10:21:44.0578 Detected object count: 1
2010/10/25 10:22:05.0187 PCIIde (8be5f3c96f3eb87d6cc4a647124e472d) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/25 10:22:05.0187 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\pciide.sys. Real md5: 8be5f3c96f3eb87d6cc4a647124e472d, Fake md5: ccf5f451bb1a5a2a522a76e670000ff0
2010/10/25 10:22:06.0953 Backup copy found, using it..
2010/10/25 10:22:06.0968 C:\WINDOWS\system32\DRIVERS\pciide.sys - will be cured after reboot
2010/10/25 10:22:06.0968 Rootkit.Win32.TDSS.tdl3(PCIIde) - User select action: Cure
2010/10/25 10:22:14.0218 Deinitialize success

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:35 PM

Posted 25 October 2010 - 12:49 PM

Hi there :)

How is it running now? Got the rootkit, so it *should* be better. :thumbup2:

tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 tallguy_az

tallguy_az
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:02:35 PM

Posted 25 October 2010 - 06:51 PM

Looks great now, thank you!

#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:35 PM

Posted 25 October 2010 - 07:00 PM

You're most welcome. :)

Your AVG is WAY out of date....you need the latest build, as we're way past 8.

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Those old versions also take up a ton of space! Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 22 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u22-windows-i586.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

If your updating goes well, then we're done here. :thumbup2: If you have any other problems with it, please feel free to let me know. :)

Take care!
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:04:35 PM

Posted 30 October 2010 - 01:11 AM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users