Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect Pop Up Virus


  • Please log in to reply
12 replies to this topic

#1 snoplow

snoplow

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 31 May 2011 - 09:20 PM

We've tried everything we could for the past couple days in trying to remove a redirecting pop up virus on our computer. We need help and this site was recommended to us to try.

We are running Windows XP sp3 and we use Firefox. The first time we noticed there was an issue was when an internet radio would start playing in the background along with pop ups (in explorer) and our searches being redirected. We ran a couple of virus and malware software scans. We seemed to have removed the internet radio issue, but are still having issues with pop ups and searches being redirected.

Any help or feedback you can provide would be greatly appreciated.

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 31 May 2011 - 11:23 PM

Please download Malwarebytes' Anti-Malware (v1.50) and save it to your desktop.
Download Link 1
Download Link 2Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 01 June 2011 - 06:23 AM

Thanks for your response here is the info you requested.


Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/1/2011 7:21:04 AM
mbam-log-2011-06-01 (07-21-04).txt

Scan type: Quick scan
Objects scanned: 188890
Time elapsed: 12 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 01 June 2011 - 04:02 PM

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 01 June 2011 - 10:26 PM

I wasn't able to download load it directly to my computer,but was able to run it after i downloaded it to my laptop. It did find something and it had asked me to reboot to fix the problem which I did. I've ran a few searches and so far no problems. Here is the report after the reboot..

2011/06/01 23:23:39.0875 3348 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/01 23:23:40.0421 3348 ================================================================================
2011/06/01 23:23:40.0421 3348 SystemInfo:
2011/06/01 23:23:40.0421 3348
2011/06/01 23:23:40.0421 3348 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/01 23:23:40.0421 3348 Product type: Workstation
2011/06/01 23:23:40.0421 3348 ComputerName: DC
2011/06/01 23:23:40.0421 3348 UserName: Owner
2011/06/01 23:23:40.0421 3348 Windows directory: C:\WINDOWS
2011/06/01 23:23:40.0421 3348 System windows directory: C:\WINDOWS
2011/06/01 23:23:40.0421 3348 Processor architecture: Intel x86
2011/06/01 23:23:40.0421 3348 Number of processors: 1
2011/06/01 23:23:40.0421 3348 Page size: 0x1000
2011/06/01 23:23:40.0421 3348 Boot type: Normal boot
2011/06/01 23:23:40.0421 3348 ================================================================================
2011/06/01 23:23:41.0562 3348 Initialize success
2011/06/01 23:23:44.0875 3640 ================================================================================
2011/06/01 23:23:44.0875 3640 Scan started
2011/06/01 23:23:44.0875 3640 Mode: Manual;
2011/06/01 23:23:44.0875 3640 ================================================================================
2011/06/01 23:23:45.0875 3640 6250spi (4f6b2305358c4b98d1e976507333692d) C:\WINDOWS\system32\Drivers\6250spi.sys
2011/06/01 23:23:46.0187 3640 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/06/01 23:23:46.0562 3640 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/01 23:23:46.0718 3640 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/01 23:23:46.0875 3640 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/06/01 23:23:47.0046 3640 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/06/01 23:23:47.0187 3640 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/06/01 23:23:47.0375 3640 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/06/01 23:23:47.0531 3640 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/06/01 23:23:47.0687 3640 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/06/01 23:23:47.0843 3640 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/06/01 23:23:48.0031 3640 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/06/01 23:23:48.0187 3640 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/06/01 23:23:48.0359 3640 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/06/01 23:23:48.0515 3640 AmdK7 (8fce268cdbdd83b23419d1f35f42c7b1) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2011/06/01 23:23:48.0640 3640 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/06/01 23:23:48.0828 3640 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/06/01 23:23:48.0968 3640 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/06/01 23:23:49.0125 3640 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/06/01 23:23:49.0359 3640 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/01 23:23:49.0515 3640 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/01 23:23:49.0812 3640 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/01 23:23:49.0984 3640 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/01 23:23:50.0078 3640 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/06/01 23:23:50.0218 3640 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/06/01 23:23:50.0390 3640 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/06/01 23:23:50.0562 3640 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/01 23:23:50.0953 3640 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/06/01 23:23:51.0109 3640 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/01 23:23:51.0281 3640 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/06/01 23:23:51.0437 3640 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/06/01 23:23:51.0593 3640 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/01 23:23:51.0765 3640 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/01 23:23:51.0906 3640 cdrbsvsd (7fc46240546c16c0448c29c9d233b915) C:\WINDOWS\system32\drivers\cdrbsvsd.sys
2011/06/01 23:23:52.0078 3640 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/01 23:23:52.0406 3640 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/06/01 23:23:52.0593 3640 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/06/01 23:23:52.0765 3640 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/06/01 23:23:52.0921 3640 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/06/01 23:23:53.0109 3640 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/01 23:23:53.0312 3640 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/01 23:23:53.0500 3640 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/01 23:23:53.0656 3640 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/01 23:23:53.0828 3640 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/01 23:23:54.0015 3640 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/06/01 23:23:54.0171 3640 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/01 23:23:54.0343 3640 ElbyCDIO (76cad4f1291990fc47824b845032e997) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
2011/06/01 23:23:54.0531 3640 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/01 23:23:54.0703 3640 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/01 23:23:54.0859 3640 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/01 23:23:55.0015 3640 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/01 23:23:55.0187 3640 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/06/01 23:23:55.0359 3640 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/01 23:23:55.0515 3640 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/01 23:23:55.0687 3640 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/01 23:23:55.0890 3640 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/01 23:23:56.0046 3640 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/06/01 23:23:56.0203 3640 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/06/01 23:23:56.0359 3640 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/06/01 23:23:56.0515 3640 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/06/01 23:23:56.0671 3640 HSFHWBS2 (b6b0721a86e51d141ec55c3cc1ca5686) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2011/06/01 23:23:56.0875 3640 HSF_DP (9a0d0c461ef2b3d80cb7875b4b995e47) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/06/01 23:23:57.0078 3640 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/06/01 23:23:57.0281 3640 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/01 23:23:57.0468 3640 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/06/01 23:23:57.0609 3640 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/06/01 23:23:57.0765 3640 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/01 23:23:58.0031 3640 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/01 23:23:58.0187 3640 InCDfs (52f1dd6b069d15594c2e53cba40853dd) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/06/01 23:23:58.0343 3640 InCDPass (5210a42eb4c92c57378b975d31a5dc4c) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/06/01 23:23:58.0515 3640 InCDrec (dde0fc5b4baa91a936b88e6cddd83296) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/06/01 23:23:58.0671 3640 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/06/01 23:23:58.0843 3640 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/06/01 23:23:59.0015 3640 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/06/01 23:23:59.0171 3640 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/01 23:23:59.0343 3640 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/01 23:23:59.0500 3640 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/01 23:23:59.0656 3640 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/01 23:23:59.0828 3640 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/01 23:23:59.0968 3640 ivusb (339dea550cc17283d6fd689ac7e67c57) C:\WINDOWS\system32\DRIVERS\ivusb.sys
2011/06/01 23:24:00.0125 3640 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/01 23:24:00.0281 3640 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/01 23:24:00.0453 3640 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/01 23:24:00.0609 3640 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/01 23:24:00.0968 3640 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\WINDOWS\system32\drivers\mbam.sys
2011/06/01 23:24:01.0125 3640 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
2011/06/01 23:24:01.0296 3640 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/06/01 23:24:01.0468 3640 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/01 23:24:01.0640 3640 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/01 23:24:01.0796 3640 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/01 23:24:01.0968 3640 moufiltr (6ed1d87904edfbd26dfb31abf1040d92) C:\WINDOWS\system32\DRIVERS\moufiltr.sys
2011/06/01 23:24:02.0125 3640 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/01 23:24:02.0296 3640 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/01 23:24:02.0453 3640 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/06/01 23:24:02.0640 3640 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/01 23:24:02.0812 3640 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/01 23:24:03.0000 3640 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/01 23:24:03.0171 3640 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/01 23:24:03.0343 3640 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/01 23:24:03.0531 3640 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/01 23:24:03.0687 3640 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/01 23:24:03.0859 3640 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/01 23:24:04.0015 3640 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/01 23:24:04.0187 3640 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys
2011/06/01 23:24:04.0359 3640 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/01 23:24:04.0531 3640 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/01 23:24:04.0687 3640 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/01 23:24:04.0843 3640 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/01 23:24:05.0000 3640 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/01 23:24:05.0140 3640 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/01 23:24:05.0281 3640 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/01 23:24:05.0421 3640 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/01 23:24:05.0593 3640 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/01 23:24:05.0828 3640 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/01 23:24:06.0000 3640 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/01 23:24:06.0171 3640 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/01 23:24:06.0421 3640 nv (69766e223343b4da517f49666556edc7) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/06/01 23:24:06.0593 3640 nvax (c940418d48b98359e9ccbad695e5f530) C:\WINDOWS\system32\drivers\nvax.sys
2011/06/01 23:24:06.0750 3640 NVENET (5155e22da2f2e1ca4023d00f6eb31b5e) C:\WINDOWS\system32\DRIVERS\NVENET.sys
2011/06/01 23:24:06.0921 3640 nvnforce (b000a8b4946f786a56c7b020620b3a46) C:\WINDOWS\system32\drivers\nvapu.sys
2011/06/01 23:24:07.0093 3640 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
2011/06/01 23:24:07.0265 3640 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/01 23:24:07.0437 3640 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/01 23:24:07.0640 3640 ovt519 (4cdadec3dc1300ee1d313ea5494e6472) C:\WINDOWS\system32\Drivers\ov519vid.sys
2011/06/01 23:24:07.0812 3640 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
2011/06/01 23:24:07.0968 3640 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/01 23:24:08.0109 3640 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/01 23:24:08.0265 3640 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/01 23:24:08.0437 3640 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/01 23:24:08.0718 3640 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/01 23:24:08.0890 3640 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/01 23:24:09.0046 3640 Pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\Pcouffin.sys
2011/06/01 23:24:09.0750 3640 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/06/01 23:24:09.0890 3640 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/06/01 23:24:10.0109 3640 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/01 23:24:10.0265 3640 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/06/01 23:24:10.0437 3640 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/01 23:24:10.0593 3640 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/01 23:24:10.0734 3640 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/01 23:24:10.0875 3640 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/06/01 23:24:11.0015 3640 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/06/01 23:24:11.0171 3640 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/06/01 23:24:11.0328 3640 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/06/01 23:24:11.0453 3640 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/06/01 23:24:11.0609 3640 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/01 23:24:11.0781 3640 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/01 23:24:11.0937 3640 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/01 23:24:12.0093 3640 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/01 23:24:12.0250 3640 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/01 23:24:12.0421 3640 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/01 23:24:12.0593 3640 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/01 23:24:12.0781 3640 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/01 23:24:12.0953 3640 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/01 23:24:13.0093 3640 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/06/01 23:24:13.0140 3640 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/06/01 23:24:13.0328 3640 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/01 23:24:13.0500 3640 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/01 23:24:13.0640 3640 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/01 23:24:13.0859 3640 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/06/01 23:24:14.0171 3640 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/06/01 23:24:14.0328 3640 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/01 23:24:14.0515 3640 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/06/01 23:24:14.0671 3640 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/06/01 23:24:14.0812 3640 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/01 23:24:14.0968 3640 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/01 23:24:15.0156 3640 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/01 23:24:15.0328 3640 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/06/01 23:24:15.0484 3640 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/06/01 23:24:15.0625 3640 SunkFilt (d8cbd8b4bf4dc9cd64b5cc8e2bec1b96) C:\WINDOWS\System32\Drivers\sunkfilt.sys
2011/06/01 23:24:15.0796 3640 SunkFilt39 (fabcc3bec89a2853958cefb28943c470) C:\WINDOWS\System32\Drivers\sunkfilt39.sys
2011/06/01 23:24:16.0078 3640 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/01 23:24:16.0234 3640 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/01 23:24:16.0437 3640 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/06/01 23:24:16.0593 3640 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/06/01 23:24:16.0750 3640 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/06/01 23:24:16.0890 3640 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/06/01 23:24:17.0046 3640 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/01 23:24:17.0265 3640 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/01 23:24:17.0421 3640 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/01 23:24:17.0593 3640 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/01 23:24:17.0765 3640 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/01 23:24:17.0968 3640 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/06/01 23:24:18.0156 3640 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/01 23:24:18.0312 3640 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/06/01 23:24:18.0500 3640 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/01 23:24:18.0687 3640 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/06/01 23:24:18.0843 3640 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/01 23:24:19.0000 3640 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/01 23:24:19.0156 3640 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/01 23:24:19.0328 3640 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/06/01 23:24:19.0484 3640 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/01 23:24:19.0640 3640 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/01 23:24:19.0812 3640 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/01 23:24:19.0968 3640 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/01 23:24:20.0125 3640 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/06/01 23:24:20.0296 3640 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/06/01 23:24:20.0453 3640 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/06/01 23:24:20.0609 3640 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/01 23:24:20.0796 3640 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/01 23:24:20.0953 3640 wanatw (ba1d9278448cb26152a18b6a06b61ea3) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2011/06/01 23:24:21.0156 3640 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/06/01 23:24:21.0453 3640 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/01 23:24:21.0656 3640 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/06/01 23:24:21.0890 3640 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2011/06/01 23:24:22.0109 3640 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/06/01 23:24:22.0281 3640 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/06/01 23:24:22.0453 3640 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/01 23:24:22.0625 3640 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/01 23:24:22.0812 3640 zumbus (337b9607f041b77824411750069aff2d) C:\WINDOWS\system32\DRIVERS\zumbus.sys
2011/06/01 23:24:22.0906 3640 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/01 23:24:23.0093 3640 MBR (0x1B8) (605c27bf0c53fbfe4ad2be7682f4fccd) \Device\Harddisk5\DR6
2011/06/01 23:24:23.0312 3640 ================================================================================
2011/06/01 23:24:23.0312 3640 Scan finished
2011/06/01 23:24:23.0312 3640 ================================================================================
2011/06/01 23:24:23.0359 3624 Detected object count: 0
2011/06/01 23:24:23.0359 3624 Actual detected object count: 0

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 01 June 2011 - 10:38 PM

Please run another quick scan with Malwarebytes and post the new log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 02 June 2011 - 06:33 AM

Here is the log from the scan. Thanks again for all your help with this.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6748

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/2/2011 7:31:53 AM
mbam-log-2011-06-02 (07-31-53).txt

Scan type: Quick scan
Objects scanned: 190356
Time elapsed: 15 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 02 June 2011 - 04:07 PM

How's your computer running now?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#9 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 02 June 2011 - 08:10 PM

Everything seems to be ok now, Thank you for your help.

#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 02 June 2011 - 08:17 PM

If you’re clean, you should create a new Restore Point to prevent possible re-infection from an old one.

Go Start > Programs > Accessories > System Tools and click System Restore. Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name and then click Create. Then use Disk Cleanup to remove all but the most recently created Restore Point. Go Start > Run and type: "Cleanmgr" (without the quotes). Click Ok > More Options tab > Clean Up in the System Restore section to remove all previous restore points except the newly created one.

Also, go Start > Control Panel and double-click Add or Remove Programs. Post back and report any Java or JS2E entries that you have.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#11 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 02 June 2011 - 10:57 PM

I set the restore point and ran the disk clean up. I didn't see any Java or JS2E entries.

Edited by snoplow, 02 June 2011 - 10:58 PM.


#12 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:35 AM

Posted 02 June 2011 - 11:03 PM

Ok then you're good to go I think.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#13 snoplow

snoplow
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 02 June 2011 - 11:04 PM

Thanks again for your help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users