
Browser redirects still


  • This topic is locked
11 replies to this topic

#1 thewoodman22

thewoodman22

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 05 July 2011 - 11:53 AM

Hoping to get some help here

after picking up something nasty a few days ago
and somewhat foolishly attempting my own removal - which was partially successful

After one last online virus scan which found nothing
decided to do a clean install of vista (system was very cluttered HDD almost full so scans taking forever - fully backed up all needed stuff to external HDD)

all seemed to go well
But still getting browser redirects via IE and Firefox
also iexplore.exe is running as process in the background - end the process and it reappears within 10 mins

so far only tried malwarebytes scan X2 - both crashed within 4 mins
and one online scan which found nothing

help is needed



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:29 AM

Posted 05 July 2011 - 02:14 PM

Hello, please run these next. Was that an ESET online scan?
Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the [Posted Image] button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.



Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Next run How to remove Google Redirects

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 thewoodman22

thewoodman22
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 05 July 2011 - 05:11 PM

right then
was an ESET online scan which found nothing

Did the hosts fix as advised

ran security check
during scan displayed

antivirus and firewall check done
file not found - hostcopy.txt
cannot find file - flash3.txt
cannot find file - flash4.txt

then completed rest of scan

Results of screen317's Security Check version 0.99.7
Windows Vista (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Adobe Flash Player 9 (Out of date Flash Player installed!)
Adobe Reader 8
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-GB..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````


tried to run TDSSkiller several times with no joy, even after renaming it
also tried in safe mode and still won't run

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:29 AM

Posted 05 July 2011 - 08:57 PM

We will need to update a few things later.

TDSSKiller from Command Prompt

Use the following command to scan the PC with a detailed log written into the file report.txt (created in the TDSSKiller.exe utility folder):
Open Command Prompt in XP = click Start >> Run, type cmd
Copy and paste this at the flashing cursor and hit Enter

TDSSKiller.exe -l report.txt

OR
Please try to use the attached version of TDSSKiller

tdsskiller.zip

#5 thewoodman22

thewoodman22
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:29 PM

Posted 06 July 2011 - 06:25 AM

managed to run zip version from Kaspersky

guessing the last entry on report is the problem

2011/07/06 12:16:36.0144 2752 TDSS rootkit removing tool 2.5.4.0 Jun 15 2011 07:59:01
2011/07/06 12:16:39.0030 2752 ================================================================================
2011/07/06 12:16:39.0030 2752 SystemInfo:
2011/07/06 12:16:39.0030 2752
2011/07/06 12:16:39.0030 2752 OS Version: 6.0.6000 ServicePack: 0.0
2011/07/06 12:16:39.0030 2752 Product type: Workstation
2011/07/06 12:16:39.0030 2752 ComputerName: JASE-PC
2011/07/06 12:16:39.0030 2752 UserName: jase
2011/07/06 12:16:39.0030 2752 Windows directory: C:\Windows
2011/07/06 12:16:39.0030 2752 System windows directory: C:\Windows
2011/07/06 12:16:39.0030 2752 Processor architecture: Intel x86
2011/07/06 12:16:39.0030 2752 Number of processors: 2
2011/07/06 12:16:39.0030 2752 Page size: 0x1000
2011/07/06 12:16:39.0030 2752 Boot type: Normal boot
2011/07/06 12:16:39.0030 2752 ================================================================================
2011/07/06 12:16:39.0498 2752 Initialize success
2011/07/06 12:17:38.0174 2700 ================================================================================
2011/07/06 12:17:38.0174 2700 Scan started
2011/07/06 12:17:38.0174 2700 Mode: Manual;
2011/07/06 12:17:38.0174 2700 ================================================================================
2011/07/06 12:21:56.0799 2700 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
2011/07/06 12:21:56.0877 2700 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
2011/07/06 12:21:56.0893 2700 ================================================================================
2011/07/06 12:21:56.0893 2700 Scan finished
2011/07/06 12:21:56.0893 2700 ================================================================================
2011/07/06 12:21:56.0909 4056 Detected object count: 1
2011/07/06 12:21:56.0909 4056 Actual detected object count: 1
2011/07/06 12:22:19.0607 4056 Rootkit.Win32.BackBoot.gen(\Device\Harddisk0\DR0) - User select action: Skip
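A triage pass over the log lines posted above, as an added example that is not part of the original post or of TDSSKiller: it pairs each `detected` line with its `User select action` line and flags detections that were left on `Skip`. The sample text is copied from the log above; `Finding` and `triage` are hypothetical names, and treating any action other than `Skip` as "acted on" is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Message formats taken from the log lines in this thread.
DETECT = re.compile(r"^(?P<object>.+?) - detected (?P<threat>\S+) \((?P<n>\d+)\)$")
ACTION = re.compile(r"^(?P<threat>[^()\s]+)\((?P<object>.+)\) - User select action: (?P<action>\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
SCANNED = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")

# Excerpt copied from the log posted above.
SAMPLE_LOG = r"""
2011/07/06 12:17:38.0174 2700 Scan started
2011/07/06 12:17:38.0174 2700 Mode: Manual;
2011/07/06 12:21:56.0799 2700 MBR (0x1B8) (6f9a1d528242bc09104b85e0becf5554) \Device\Harddisk0\DR0
2011/07/06 12:21:56.0877 2700 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
2011/07/06 12:21:56.0893 2700 Scan finished
2011/07/06 12:21:56.0909 4056 Detected object count: 1
2011/07/06 12:21:56.0909 4056 Actual detected object count: 1
2011/07/06 12:22:19.0607 4056 Rootkit.Win32.BackBoot.gen(\Device\Harddisk0\DR0) - User select action: Skip
"""


@dataclass
class Finding:
    threat: str
    obj: str
    detected_at: str
    action: Optional[str] = None

    @property
    def needs_followup(self) -> bool:
        # No recorded action, or an explicit Skip, leaves the object untouched.
        return self.action is None or self.action.lower() == "skip"


def triage(log_text: str) -> dict:
    """Pair detections with the chosen action and sanity-check the counts."""
    findings = {}
    scanned = 0
    reported = None
    for raw in log_text.splitlines():
        # Each line is "<date> <time> <thread id> <message>"; some have no message.
        parts = raw.strip().split(" ", 3)
        if len(parts) < 4:
            continue
        stamp, msg = f"{parts[0]} {parts[1]}", parts[3].strip()
        if (m := DETECT.match(msg)):
            key = (m["threat"], m["object"])
            findings[key] = Finding(m["threat"], m["object"], stamp)
        elif (m := ACTION.match(msg)):
            key = (m["threat"], m["object"])
            if key in findings:
                findings[key].action = m["action"]
        elif (m := COUNT.match(msg)):
            reported = int(m[1])
        elif SCANNED.match(msg):
            scanned += 1
    return {
        "findings": list(findings.values()),
        "scanned_objects": scanned,
        # A mismatch suggests the pasted log was truncated or edited.
        "count_consistent": reported == len(findings),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for f in result["findings"]:
        state = "NEEDS FOLLOW-UP" if f.needs_followup else "action taken"
        print(f"{f.detected_at}  {f.threat}  {f.obj}  action={f.action}  [{state}]")
```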

#6 boopme


Posted 06 July 2011 - 09:14 AM

Yes, this is it: Rootkit.Win32.BackBoot.gen

Did you select skip or was there no Cure option?

A bootkit is a type of malware that infects the Master Boot Record (MBR).
This infection method allows the malicious program to be executed before the operating system boots. As soon as BIOS (Basic Input Output System) selects the appropriate boot device (it can be a hard disk or a flash drive), the bootkit that resides in the MBR starts executing its code. Once the bootkit receives the control, it usually starts preparing itself (reads and decrypts its auxiliary files in its own file system that it has created somewhere in the unallocated disk space) and returns the control to the legitimate boot loader overseeing all stages of the boot process.

http://support.kaspersky.com/viruses/solutions?qid=208280748
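An added example, not part of the original post or of any tool named in this thread: it splits a 512-byte MBR sector into boot code, partition table and boot signature, then compares the boot code hash against a known-good baseline. The sample sectors are constructed, SHA-256 is used for the baseline, and it is an assumption that the `0x1B8` on the scan log's MBR line refers to the 440-byte boot code region.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 0x1B8    # 440 bytes of bootstrap code at the start of the sector
PART_TABLE_OFF = 0x1BE   # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE     # 0x55 0xAA marker

def parse_mbr(sector: bytes) -> dict:
    """Return the boot code hash, partition entries and signature status."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR sector must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i:PART_TABLE_OFF + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype != 0:
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": count})
    return {"signature_ok": sector[BOOT_SIG_OFF:] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}

def compare_to_baseline(sector: bytes, baseline: dict) -> list:
    """List the differences between a sector and a known-good parse result."""
    current = parse_mbr(sector)
    findings = []
    if not current["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table changed")
    if current["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("boot code changed")
    return findings

def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: placeholder boot code, one active NTFS partition."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 1000000)
    return code + b"\x00" * 6 + entry + b"\x00" * 48 + b"\x55\xaa"

# Constructed samples: same partition table, different boot code bytes.
CLEAN = build_sample_mbr(b"CONSTRUCTED-ORIGINAL-LOADER")
MODIFIED = build_sample_mbr(b"CONSTRUCTED-REPLACED-LOADER")
BASELINE = parse_mbr(CLEAN)

if __name__ == "__main__":
    print("clean:   ", compare_to_baseline(CLEAN, BASELINE))
    print("modified:", compare_to_baseline(MODIFIED, BASELINE))
```

The modified sector still has a valid signature and partition table, so only the boot code hash reveals the change. On a live system a bootkit can intercept disk reads and return the original sector, so the image to check should be taken from offline or rescue media.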

#7 thewoodman22


Posted 06 July 2011 - 10:18 AM

Gave me no option to cure.
Is "restore" the option to use?

thought I'd check before trying it

#8 boopme


Posted 06 July 2011 - 11:44 AM

Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.

#9 thewoodman22


Posted 06 July 2011 - 02:48 PM

here we go, didn't find anything?

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6000 Disk: ST325031 rev.3.AA -> Harddisk0\DR0 -> \Device\0000004c

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

So one scan finds something and the other can't.
What's next?

#10 boopme


Posted 06 July 2011 - 06:47 PM

I think it best we get a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
Title it Rootkit.Win32.BackBoot.gen

If Gmer won't run, skip it and move on.

Copy this link to your topic here into the new post.

http://www.bleepingcomputer.com/forums/topic407830.html/page__pid__2323340#entry2323340

Let me know if that went well.

#11 thewoodman22


Posted 07 July 2011 - 06:17 AM

done all above steps

many thanks for help so far

#12 boopme


Posted 07 July 2011 - 01:49 PM

Ok, thanks.
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.