Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirecting. Is it a virus? Please help


  • This topic is locked This topic is locked
3 replies to this topic

#1 member419

member419

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 19 April 2011 - 10:29 PM

I just noticed that when I use Google (or Bing) I get redirected. It is very frustrating! I don't know much about repairing computers but I follow instructions and would appreciate any help!

I am using Firefox and the only other problem that I have noticed is Firefox locking up and closing on me lately. I don't know if it is related or not.

Edited by Budapest, 20 April 2011 - 01:57 AM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest


BC AdBot (Login to Remove)

 


#2 member419

member419
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 20 April 2011 - 09:57 AM

Here are the logs I forgot to post before.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by HP_Owner at 9:39:49.60 on Wed 04/20/2011
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1983.1174 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\progra~1\scansoft\paperp~1\pptd40nt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Evernote\Evernote\EvernoteTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Cobian Backup 10\cbVSCService.exe
C:\Program Files\Cobian Backup 10\Cobian.exe
C:\Program Files\Cobian Backup 10\cbInterface.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Owner\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.cox.net
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
uSearch Bar = hxxp://home.peoplepc.com/search
uWindow Title = Internet Explorer Provided by Cox High Speed Internet
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://www.symantec.com/techsupp/activation/activate-redirect.jsp?LG=ENG&IVR=3003421387384078614521362813586285001737481263338&SO={05858CFD-5CC4-4ceb-AAAF-CF00BF39736A}
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://home.peoplepc.com/search
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No File
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No File
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
uRun: [PPWebCap] c:\progra~1\scansoft\paperp~1\PPWebCap.exe
uRunOnce: [<NO NAME>] c:\program files\internet explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000015.00000022&b=00000082.0000001f.0000004b&c=00000082.00000049.000000b9
mRun: [VTTimer] VTTimer.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [DeviceDiscovery] c:\program files\hp\digital imaging\bin\hpotdd01.exe
mRun: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe
mRun: [SymNRT] "c:\docume~1\hp_owner\locals~1\temp\wzse0.tmp\SymNRT.exe" /unrun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [lxdxmon.exe] "c:\program files\lexmark 3600-4600 series\lxdxmon.exe"
mRun: [lxdxamon] "c:\program files\lexmark 3600-4600 series\lxdxamon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\hp_owner\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\docume~1\hp_owner\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\HOTSYNC.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\norton~1.lnk - c:\program files\norton goback\GBTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\309731\program\Updates from HP.exe
uPolicies-explorer: NoFileAssociate = 0 (0x0)
mPolicies-explorer: NoFileAssociate = 0 (0x0)
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Add To HP Organize... - c:\progra~1\hewlet~1\hporga~1\bin/module.main/favorites\ie_add_to.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\hp_owner\application data\dvdvideosoftiehelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\hp_owner\application data\dvdvideosoftiehelpers\youtubetomp3.htm
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: turbotax.com
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163345080125
DPF: {6F750200-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} - hxxp://vsp.closetmaid.com/vsp/cmaidctl_vsp.closetmaid.com_downloader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/4051/ftp.coupons.com/r3302/cpbrkpie.cab
DPF: {B030900C-746A-47BF-8B1D-EA3FB3395563} - hxxps://fastconnect.cox.net/cd20/CoxFastConnect20.ocx
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\0vo5p2hr.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?hl=en&nui=1&service=reader&continue=http%3A%2F%2Fwww.google.com%2Freader|https://www.mturk.com/mturk/dashboard
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\documents and settings\hp_owner\application data\mozilla\firefox\profiles\0vo5p2hr.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07061050.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Vacuum Places Improved: VacuumPlacesImproved@lultimouomo-gmail.com - %profile%\extensions\VacuumPlacesImproved@lultimouomo-gmail.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R2 BCMNTIO;BCMNTIO;c:\progra~1\checkit\diagno~1\BCMNTIO.sys [2005-2-3 3744]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files\cobian backup 10\cbVSCService.exe [2011-4-19 67584]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 MAPMEM;MAPMEM;c:\progra~1\checkit\diagno~1\MAPMEM.sys [2005-2-3 3904]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2010-8-15 94208]
.
=============== Created Last 30 ================
.
2011-04-20 03:49:16 -------- d-----w- c:\docume~1\hp_owner\locals~1\applic~1\Safe mirror
2011-04-20 03:48:51 -------- d-----w- c:\program files\Cobian Backup 10
2011-04-20 02:42:41 238417 ------w- c:\documents and settings\hp_owner\null0.7280974476711213.exe
2011-04-09 14:08:23 2345733 ------w- c:\documents and settings\all users\SPL5.tmp
2011-04-06 18:04:39 -------- d-----w- c:\program files\Garmin GPS Plugin
2011-04-06 18:00:20 -------- d-----w- c:\docume~1\hp_owner\applic~1\GARMIN
2011-04-06 18:00:20 -------- d-----w- c:\docume~1\alluse~1\applic~1\GARMIN
2011-04-06 17:59:57 -------- d-----w- c:\program files\Garmin
2011-04-06 17:32:01 -------- d-----w- C:\Garmin
2011-04-06 16:58:24 69715 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2011-04-06 16:58:24 5632 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2011-04-06 16:58:24 266240 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2011-04-06 16:58:24 192512 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2011-04-06 16:58:23 729088 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2011-04-06 16:58:23 188548 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2011-04-06 16:58:22 311428 ------w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2011-04-06 16:57:55 65536 ------r- c:\docume~1\hp_owner\applic~1\microsoft\installer\{2bcb62f5-7ec5-4637-8f7a-2e7f5b437a70}\PalmDesktopShortcut.exe
2011-04-06 16:57:55 65536 ------r- c:\docume~1\hp_owner\applic~1\microsoft\installer\{2bcb62f5-7ec5-4637-8f7a-2e7f5b437a70}\ARPPRODUCTICON.exe
2011-04-06 16:57:51 -------- d-----w- c:\program files\Palm
2011-03-27 03:20:00 -------- d-----w- c:\program files\iPod
2011-03-27 03:15:42 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-04-16 14:09:51 43520 ------w- c:\windows\system32\CmdLineExt03.dll
2011-02-28 20:19:41 398760 ------r- c:\windows\system32\cpnprt2.cid
2011-02-18 21:36:58 4184352 ------w- c:\windows\system32\usbaaplrc.dll
2004-08-04 12:00:00 94784 -csh--w- c:\windows\twain.dll
2004-08-04 12:00:00 50688 --sh--w- c:\windows\twain_32.dll
2004-08-04 12:00:00 1028096 --sh--w- c:\windows\system32\mfc42.dll
2004-08-04 12:00:00 54784 --sh--w- c:\windows\system32\msvcirt.dll
2004-08-04 12:00:00 413696 --sh--w- c:\windows\system32\msvcp60.dll
2004-08-04 12:00:00 343040 --sh--w- c:\windows\system32\msvcrt.dll
2004-08-04 12:00:00 11776 --sh--w- c:\windows\system32\regsvr32.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe GoBack2K.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x898FDECC]<<
c:\windows\system32\drivers\GoBack2K.sys Symantec Corporation Norton GoBack
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x89928879; SUB DWORD [EBP-0x4], 0x89928135; PUSH EDI; CALL 0xffffffffffffdf2c; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x8A4AEAB8]
3 CLASSPNP[0xF763805B] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000060[0x8A5129E8]
5 ACPI[0xF75AE620] -> nt!IofCallDriver[0x804E37D5] -> [0x8A56ED98]
[0x89A5BC30] -> IRP_MJ_CREATE -> 0x898FDECC
kernel: MBR read successfully
_asm { CALL 0x56; }
detected disk devices:
\Device\Ide\IdeDeviceP2T0L0-12 -> \??\IDE#DiskWDC_WD800BB-22JHA0______________________05.01C05#4457572d414d394d363333333733203120202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x898FDAF1
user != kernel MBR !!!
sectors 156301486 (+135): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.
.
============= FINISH: 9:40:18.92 ===============

#3 member419

member419
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:44 PM

Posted 20 April 2011 - 10:01 AM

I cannot figure out how to attach a file to a post. I can't find the option. I need to attach the Attach.txt

Also, when I backed up my computer I got this error.
ERR 2011-04-20 03:57 An error occurred while compressing the file "GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db.shadow": Cannot open file "\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db.shadow" - Native error: 00033


Don't know if that pertains to my problem or not.
Thanks for your help!

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:44 PM

Posted 21 April 2011 - 05:50 PM

Duplicate topic closed.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users