
Google redirecting, browser not letting me sign in to many websites


  • This topic is locked
2 replies to this topic

#1 Deganveran


Posted 26 December 2010 - 10:18 PM

I did a clean install on my system after some malware bound with a sys 32 file and my antiviruses deleted it. When I got it back, Google kept redirecting me. I did a repair install and it stopped for a while, but it's back. In addition, it's not letting me sign onto a lot of sites or post things. I can't post on my Facebook, forums, it's not letting me get Microsoft Service Pack 3, autoupdate isn't working, I keep getting a false antivirus scanner virus that can be taken out with Malwarebytes and Microsoft Security Essentials but keeps coming back. Here are the logs:


DDS (Ver_10-12-12.02) - NTFSx86
Run by Justin Arroyo at 13:24:08.23 on Sat 12/25/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.2577 [GMT -8:00]

AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Norton Internet Security *Disabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
C:\Program Files\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.0.30\InstStub.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
C:\Program Files\Steam\Steam.exe
D:\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.bing.com/?pc=Z007&form=ZGAPHP
uInternet Connection Wizard,ShellNext = hxxp://avsoftwareport.com/shop?abc=cGdpZD03JnI9NzguMTg=
uInternet Settings,ProxyServer = http=127.0.0.1:8074
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.7.0.30\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.7.0.30\IPSBHO.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.7.0.30\coIEPlg.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\airlin~1.lnk - c:\program files\airlink101\airlink101 wlan monitor\RtWLan.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.7.0.30\CoIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\justin~1\applic~1\mozilla\firefox\profiles\hsr5uf8w.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox 4.0 beta 7\plugins\npwachk.dll

============= SERVICES / DRIVERS ===============

R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2010-12-24 219360]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.7.0.30\ccSvcHst.exe [2010-12-24 117640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090713.024\NAVENG.SYS [2010-12-24 87888]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090713.024\NAVEX15.SYS [2010-12-24 875728]
R3 RTL8192su;Airlink101 AWLL6077v2 Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-12-10 587776]
S0 ayow;ayow;c:\windows\system32\drivers\lhhqenfm.sys --> c:\windows\system32\drivers\lhhqenfm.sys [?]
S0 lnowv;lnowv;c:\windows\system32\drivers\tuqsyh.sys --> c:\windows\system32\drivers\tuqsyh.sys [?]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-12-24 1684736]

=============== Created Last 30 ================

2010-12-25 10:56:50 -------- d-----w- c:\docume~1\justin~1\locals~1\applic~1\Adobe
2010-12-25 09:53:50 -------- d-----w- c:\docume~1\justin~1\locals~1\applic~1\2DBoy
2010-12-25 02:34:48 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-12-25 02:34:48 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-12-25 02:34:47 -------- d-----w- c:\program files\Cheat Engine
2010-12-25 02:29:45 -------- d-s---w- c:\documents and settings\justin arroyo\UserData
2010-12-24 08:31:32 89904 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\symfw.sys
2010-12-24 08:31:32 48688 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\symndisv.sys
2010-12-24 08:31:32 482432 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\cchpx86.sys
2010-12-24 08:31:32 43696 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\srtspx.sys
2010-12-24 08:31:32 36400 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\symndis.sys
2010-12-24 08:31:32 33072 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\symids.sys
2010-12-24 08:31:32 310320 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\SymEFA.sys
2010-12-24 08:31:32 308272 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\srtsp.sys
2010-12-24 08:31:32 259632 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\BHDrvx86.sys
2010-12-24 08:31:32 217136 ----a-w- c:\windows\system32\drivers\nis\1007000.01e\symtdi.sys
2010-12-24 08:30:54 -------- d-----w- c:\windows\system32\drivers\nis\1007000.01E
2010-12-24 08:30:54 -------- d-----w- c:\windows\system32\drivers\NIS
2010-12-24 08:30:52 -------- d-----w- c:\program files\Norton Internet Security
2010-12-24 08:30:50 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-12-24 08:30:10 -------- d-----w- c:\program files\NortonInstaller
2010-12-24 08:30:10 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-12-24 08:29:45 73728 ----a-r- c:\windows\system32\RtNicProp32.dll
2010-12-24 08:29:45 142592 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2010-12-24 08:28:38 -------- d-----w- c:\windows\system32\Lang
2010-12-24 08:26:30 6400 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2010-12-24 08:26:30 6400 ----a-w- c:\windows\system32\drivers\splitter.sys
2010-12-24 08:26:23 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-12-24 08:26:23 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
2010-12-24 08:26:03 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys
2010-12-24 08:26:03 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2010-12-24 08:20:04 -------- d-----w- c:\windows\system32\ReinstallBackups
2010-12-24 08:20:00 53248 ----a-r- c:\windows\system32\CSVer.dll
2010-12-24 08:19:51 -------- d-----w- C:\Intel
2010-12-24 08:19:29 -------- d--h--w- c:\program files\DeviceVM
2010-12-24 08:18:42 207400 ----a-r- c:\windows\GSetup.exe
2010-12-24 06:09:02 -------- d-----w- c:\docume~1\justin~1\applic~1\.purple
2010-12-23 21:59:18 54016 ----a-w- c:\windows\system32\drivers\lewrf.sys
2010-12-23 21:53:34 -------- d-----w- c:\docume~1\justin~1\locals~1\applic~1\CCP
2010-12-23 21:41:43 -------- d-----w- c:\docume~1\justin~1\applic~1\Malwarebytes
2010-12-23 21:39:02 -------- d-----w- c:\docume~1\justin~1\locals~1\applic~1\Mozilla
2010-12-23 21:38:04 -------- d-----w- c:\docume~1\justin~1\locals~1\applic~1\ATI
2010-12-23 21:30:59 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2010-12-23 21:29:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-23 21:13:55 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-12-23 21:13:55 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-12-23 21:13:55 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-12-23 21:13:55 13312 ----a-w- c:\windows\system32\irclass.dll
2010-12-23 21:13:39 14573 ----a-r- c:\windows\SET8D.tmp
2010-12-23 21:13:28 13753 ----a-r- c:\windows\SET52.tmp
2010-12-23 21:13:26 1086058 ----a-r- c:\windows\SET46.tmp
2010-12-23 21:13:24 1042903 ----a-r- c:\windows\SET43.tmp
2010-12-23 04:48:57 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{51464325-1f20-4356-b333-4806518637e8}\mpengine.dll
2010-12-19 00:22:51 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-12-18 19:35:23 -------- d-----w- c:\program files\iPod
2010-12-18 19:35:18 -------- d-----w- c:\program files\iTunes
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-12-18 19:27:54 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-12-17 08:31:39 -------- d-----w- c:\windows\system32\AGEIA
2010-12-17 08:31:18 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-12-17 08:31:16 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-12-17 08:31:15 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-12-17 08:31:15 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-12-17 08:31:14 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-12-17 08:31:14 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-12-17 08:31:13 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-12-17 07:34:06 -------- d-----w- c:\program files\OpenAL
2010-12-17 07:34:05 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-17 07:34:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-17 03:55:59 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2010-12-16 02:39:50 -------- d-----w- c:\docume~1\alluse~1\applic~1\CCP
2010-12-16 02:09:09 -------- d-----w- c:\program files\CCP
2010-12-15 08:37:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-15 08:37:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-15 08:37:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-15 08:37:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-13 18:30:55 -------- d--h--w- c:\windows\PIF
2010-12-11 20:17:51 -------- d-----w- c:\windows\system32\PreInstall
2010-12-11 19:30:26 -------- d-----w- c:\program files\abgx360
2010-12-11 08:29:27 -------- d-----w- c:\windows\system32\%APPDATA%
2010-12-11 06:28:59 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-12-11 06:16:14 -------- d-----w- c:\docume~1\alluse~1\applic~1\2DBoy
2010-12-11 06:07:17 222080 ----a-w- c:\windows\system32\MpSigStub.exe
2010-12-11 06:04:13 -------- d-----w- c:\program files\Steam
2010-12-11 06:03:40 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-12-11 06:03:27 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-12-11 06:01:39 -------- d-----w- c:\windows\system32\XPSViewer
2010-12-11 06:01:17 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-11 06:01:06 597504 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-11 06:01:06 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
2010-12-11 06:01:06 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2010-12-11 06:01:06 117760 ----a-w- c:\windows\system32\prntvpt.dll

==================== Find3M ====================

2010-12-11 05:49:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-11 05:49:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-11 05:39:44 0 ----a-w- c:\windows\ativpsrm.bin
2010-12-06 13:58:56 2496715 ----a-w- c:\windows\system32\abgx360.exe
2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-30 01:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-30 01:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-10-27 03:17:30 16330752 ----a-w- c:\windows\system32\atioglxx.dll
2010-10-27 03:10:46 57344 ----a-w- c:\windows\system32\aticalrt.dll
2010-10-27 03:10:36 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-10-27 03:09:28 4489216 ----a-w- c:\windows\system32\aticaldd.dll
2010-10-27 03:02:58 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-10-27 02:51:30 3958784 ----a-w- c:\windows\system32\ati3duag.dll
2010-10-27 02:50:50 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-10-27 02:49:48 301056 ----a-w- c:\windows\system32\ati2dvag.dll
2010-10-27 02:48:12 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-10-27 02:36:08 2671744 ----a-w- c:\windows\system32\ativvaxx.dll
2010-10-27 02:30:46 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2010-10-27 02:30:32 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-10-27 02:30:24 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-10-27 02:30:16 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-10-27 02:30:04 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-10-27 02:28:32 614400 ----a-w- c:\windows\system32\ati2evxx.exe
2010-10-27 02:27:02 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-10-27 02:26:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-10-27 02:22:30 651264 ----a-w- c:\windows\system32\atikvmag.dll
2010-10-27 02:20:30 64512 ----a-w- c:\windows\system32\atimpc32.dll
2010-10-27 02:20:30 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2010-10-27 02:20:30 196608 ----a-w- c:\windows\system32\atiadlxx.dll
2010-10-27 02:20:12 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-10-27 02:14:32 704512 ----a-w- c:\windows\system32\ati2cqag.dll
2010-10-07 20:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 20:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 20:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 20:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD2500JS-60NCB2 rev.10.02E03 -> Harddisk0\DR0 -> \Device\Ide\IdePort2 P2T1L0-16

device: opened successfully
user: MBR read successfully

Disk trace:
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP2T1L0-16 -> \??\IDE#DiskWDC_WD2500JS-60NCB2_____________________10.02E03#5&1714ff57&0&0.1.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A82F39B
user & kernel MBR OK

============= FINISH: 13:29:35.46 ===============


 


#2 Deganveran

  • Topic Starter


Posted 28 December 2010 - 01:26 AM

Bump, this is the second time I've posted this and I'd really like some help because this virus keeps spreading.

#3 Andrew



  • Moderator

Posted 28 December 2010 - 04:20 AM

gringo_pr has been awaiting your response to your original topic since the 26th. See here: http://www.bleepingcomputer.com/forums/topic367623.html


To avoid confusion, I'm closing this topic.



