browser redirects me when search and use links

August 28, 2011 at 10:59:13
Specs: Windows XP
When I do a Google search and click on one of the links, it takes me to the wrong page. It takes me to an advertisement or to another page that asks me to put in my search criteria there. This happens in IE and in Firefox. Right before this began happening, my virus protection (PC Tools Spyware Dr.) found several issues and took care of them. Now a scan does not find anything wrong.



#1
August 28, 2011 at 21:02:35
jnnyprry,

Please remove any previous download of TDSSKiller and download the latest version TDSSKiller.zip:
http://support.kaspersky.com/downlo...

Right-click and select: Extract all...
Follow the prompts to extract

Open the new folder that appears on the Desktop
Double-click TDSSKiller to run the tool.

Now click: Start Scan

If Malicious objects are found, please DO NOT allow the tool to Cure
Click the arrow next to 'Cure' and select: Skip

Click: 'Continue'

Reboot if needed.

Click on Report, and a text file opens.

A log is also produced at the root drive which is typically C:\
For example, C:\TDSSKiller.2.4.0.0_24.07.2010_13.10.52_log.txt

Please post the TDSSKiller report in your reply.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#2
August 29, 2011 at 20:41:08
There were no problems found:
2011/08/29 20:46:40.0000 0956 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 20:46:40.0562 0956 ================================================================================
2011/08/29 20:46:40.0562 0956 SystemInfo:
2011/08/29 20:46:40.0578 0956
2011/08/29 20:46:40.0578 0956 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/29 20:46:40.0578 0956 Product type: Workstation
2011/08/29 20:46:40.0578 0956 ComputerName: JENNY
2011/08/29 20:46:40.0578 0956 UserName: Jen
2011/08/29 20:46:40.0578 0956 Windows directory: C:\WINDOWS
2011/08/29 20:46:40.0578 0956 System windows directory: C:\WINDOWS
2011/08/29 20:46:40.0578 0956 Processor architecture: Intel x86
2011/08/29 20:46:40.0578 0956 Number of processors: 2
2011/08/29 20:46:40.0578 0956 Page size: 0x1000
2011/08/29 20:46:40.0578 0956 Boot type: Normal boot
2011/08/29 20:46:40.0578 0956 ================================================================================
2011/08/29 20:46:40.0953 0956 Initialize success
2011/08/29 20:46:48.0562 5092 ================================================================================
2011/08/29 20:46:48.0562 5092 Scan started
2011/08/29 20:46:48.0562 5092 Mode: Manual;
2011/08/29 20:46:48.0562 5092 ================================================================================
2011/08/29 20:46:54.0875 5092 ================================================================================
2011/08/29 20:46:54.0875 5092 Scan finished
2011/08/29 20:46:54.0875 5092 ================================================================================
2011/08/29 20:46:54.0890 5160 Detected object count: 0
2011/08/29 20:46:54.0890 5160 Actual detected object count: 0


#3
August 29, 2011 at 21:16:45
jnnyprry,

Please download Malwarebytes Anti-Malware:
http://www.bleepingcomputer.com/dow...

- Save it to your Desktop.
- Make sure you are connected to the Internet.
- Double-click on mbam-setup.exe to install the program.
- When the installation begins, follow the prompts and do not make changes to the settings.
- When the installation is finished, leave both of these checked:
--Update Malwarebytes' Anti-Malware
--Launch Malwarebytes' Anti-Malware

- Then click 'Finish'

MBAM automatically starts and you are asked to update the program.
- If an update is found, the program automatically updates.
- Press the ‘OK’ button to close the box and continue.

On the Scanner tab:
- Select the ‘Perform Full Scan’ option.
- Then, click on the ‘Scan’ button.
- If asked to select the drives to scan, leave ‘all the drives’ selected and click on the ‘Start Scan’ button.
- When the scan is finished, a message appears "The scan completed successfully. Click 'Show Results' to display all entries found".
- Click ‘OK’ to close the message and continue with the removal process.

Back at the main Scanner screen:
- Click on ‘Show Results’ button to see a list of any malware found.
- Make sure everything is checked, and click ‘Remove Selected’.
- When removal is completed, a log opens in Notepad.
- The log is automatically saved and can be viewed by clicking the ‘Logs’ tab.

Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer. Please do so immediately. Failure to reboot prevents MBAM from removing the malware.

Please copy/paste the contents of the ‘MBAM report’ in your reply, and exit MBAM.

Thanks

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#4
August 29, 2011 at 23:16:58
Quite a few things were found in that scan. It did give me a message that I needed to reboot, which I did. Here is the report:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7607

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

8/29/2011 11:23:03 PM
mbam-log-2011-08-29 (23-23-03).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|)
Objects scanned: 434723
Time elapsed: 1 hour(s), 39 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\system32\wscuih.dll (Trojan.FakeMS) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\KYQ8ZBOAXR (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\wscuih.dll (Trojan.FakeMS) -> Delete on reboot.
c:\documents and settings\David\my documents\downloads\adobe illustrator cs4\Key\adobe-master-cs4-keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\Jen\application data\Adobe\plugs\kb45993734.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\proxybridgeui.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\RP1\A0000004.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\RP1\A0000005.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\RP1\A0001007.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\RP2\A0002007.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\RP2\A0003005.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\WINDOWS\pc2plrt.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\WINDOWS\Vkamaa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Vkamab.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Jen\application data\microsoft\internet explorer\quick launch\zentom system guard.lnk (Rogue.ZentomSystemGuard) -> Quarantined and deleted successfully.



#5
September 3, 2011 at 14:29:41
The Malwarebytes scan you had me do in August found several issues. But I still continue to have the problem. I ran Malwarebytes again today, and the scan is below... nothing was found.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7607

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

9/3/2011 12:42:05 PM
mbam-log-2011-09-03 (12-42-05).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|)
Objects scanned: 434315
Time elapsed: 1 hour(s), 29 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



#6
September 4, 2011 at 08:50:22
jnnyprry,

My apology for the late reply. Somehow lost track of your topic in my notifications.


Please run the following tool, it will give information on what is going on with your system:

Download DDS from one of these locations:
http://download.bleepingcomputer.co...

http://download.bleepingcomputer.co...

Save to your Desktop

Right-click the dds file, and select: Run as Administrator

When done, DDS opens two logs:
-DDS.txt
-Attach.txt

Save both reports to your Desktop.

Since these reports are large, please go to the Uploading website:
http://uploading.com/files/upload/

In: 'Select files to upload', click 'Browse', and 'Look in' the Desktop.

Select the DDS.txt, and click on 'Open'
You will see the following:
"Your file has been uploaded successfully: (Name and size of the file)"

Please copy the 'Download link'.

Do the same uploading for the Attach.txt.

Please copy the 'Download link', for each report, and provide them in your reply.

Thanks!

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#7
September 4, 2011 at 16:09:11
http://uploading.com/files/4mdf5aea...

Something happened after I pasted both links and submitted this follow up the first time, and I don't see my response here. Reposting, and I have the attach file link still available to paste here. Please let me know if I need to re-upload the other file in order to be able to provide you with the link.



#8
September 4, 2011 at 19:51:23
jnnyprry,

Do need the DDS.txt

Only got the Attach.txt

Please upload.

Thanks

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#9
September 4, 2011 at 21:47:20
http://uploading.com/files/5m852adf...

That is the DDS file.

Thanks



#10
September 5, 2011 at 09:35:40
jnnyprry,

Thanks for uploading the info.

Let's see if this one nails 'whatever' is causing the redirections...

Please download ComboFix:
http://download.bleepingcomputer.co...

Save ComboFix.exe to your Desktop!!

Please disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with the running of CF.

Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: http://www.bleepingcomputer.com/for...

XP - Double-click on ComboFix.exe to run the program.
Follow the prompts.

XP users (only) - install the Recovery Console when presented the option!!

Click on 'Yes', to continue scanning for malware.

When finished, CF produces a report.

Since this report can also be quite large, once again, please go to the ‘Uploading’ website:
http://uploading.com/files/upload/

In: Select files to upload, click 'Browse', and 'Look in' the Desktop.
Select the ComboFix report, and click on 'Open'

You will see the following:
“Your file has been uploaded successfully: (Name and size of the file)”

Please copy the 'Download link', and provide it in your reply.

Thanks!

Notes:

1. Do not mouse-click the ComboFix window while it is running.
This action may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.

3. CF disconnects your machine from the internet. However, the connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#11
September 5, 2011 at 10:28:38
File uploaded
Name: ComboFix_jnnyprry_log.txt
File Link: http://uploading.com/files/6e875e46...

Thank you for all your help thus far. I am incredibly "non-techie", and your instructions and help have been very easy to follow.



#12
September 6, 2011 at 18:57:59
jnnyprry,

No need to be a 'techie'! Obviously, you are a methodical person that has no aversion to using instructions.

Please give an update as to how the system is running. Are you still having redirections?

Got a little swamped with work, so, will take a look at the uploaded ComboFix you provided, and will get back with you tomorrow.

Thank you for your patience.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#13
September 6, 2011 at 22:30:53
I tried several Google searches tonight, and clicked on various links that each search brought up. All seemed to work correctly, and there were no issues with redirects. Fingers crossed.


#14
September 7, 2011 at 16:41:39
jnnyprry,

Checked out the info you uploaded, and cannot see any malware jumping out at me.

Let's do a couple of tasks...

Please download TFC (Temporary File Cleaner) to your Desktop.
Save any work in progress!! TFC closes all open applications and will remove any unsaved work.

Double-click TFC.exe to run the program.
If prompted, click Yes to reboot.


Next, download Security Check:
http://screen317.changelog.fr/Secur...

Save to the Desktop.
Double click SecurityCheck.exe and follow the on-screen instructions (in the black box.)

When done, a Notepad document opens automatically: checkup.txt
Please post the contents of checkup.txt in your reply.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals



#15
September 14, 2011 at 22:22:46
Hi there... I went out of town on business for two days, and had to stay longer. Just back today, and I ran the two things mentioned above, below are the results of the checkup.txt scan. I did several Google searches tonight, and all worked perfectly, by the way.

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 7 [color=red][b]Out of date![/b][/color]
[b]``````````````````````````````
[u]Antivirus/Firewall Check:[/u][/b]
Windows Firewall Enabled!
Antivirus up to date!
[b]```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u][/b]
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner (remove only)
Java(TM) 6 Update 22
Java(TM) 6 Update 5
[color=red][b]Out of date Java installed![/b][/color]
Adobe Flash Player 10.3.183.7
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) [color=red][b]Firefox Out of Date![/b][/color]
[b]````````````````````````````````
Process Check:
[u]objlist.exe by Laurent[/u][/b]
ThreatFire TFService.exe
[b]``````````End of Log````````````[/b]


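The checkup.txt in reply #15 marks outdated software in two ways: a red BBCode flag on the same line as the entry, and a separate "Out of date ... installed!" line that follows the entries it covers. As an added example (not part of the thread and not Security Check's own code), this Python parser pulls out every flagged entry; the function name `outdated_components` and the abridged sample are assumptions made here.

```python
import re

# Lines copied from the checkup.txt posted in reply #15 (abridged).
SAMPLE_LOG = """\
Internet Explorer 7 [color=red][b]Out of date![/b][/color]
Antivirus up to date!
[b]```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u][/b]
Java(TM) 6 Update 22
Java(TM) 6 Update 5
[color=red][b]Out of date Java installed![/b][/color]
Adobe Flash Player 10.3.183.7
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) [color=red][b]Firefox Out of Date![/b][/color]
"""

BBCODE = re.compile(r"\[/?\w+(?:=\w+)?\]")  # [b], [/u], [color=red]
SUMMARY = re.compile(r"Out of date (.+) installed!", re.I)


def outdated_components(log):
    """Return the log entries that Security Check marked as out of date."""
    seen, flagged = [], []
    for raw in log.splitlines():
        # A red BBCode span, when present, separates the entry from its flag.
        head, _, tail = raw.partition("[color=red]")
        entry = BBCODE.sub("", head).strip(" `")
        flag = BBCODE.sub("", tail).strip()
        summary = SUMMARY.match(flag or entry)
        if summary:
            # Flag on its own line: applies to earlier entries of that product.
            name = summary.group(1)
            flagged += [e for e in seen if e.startswith(name) and e not in flagged]
        elif "out of date" in flag.lower():
            flagged.append(entry)  # flag on the same line as the entry
        elif entry:
            seen.append(entry)
    return flagged


if __name__ == "__main__":
    for item in outdated_components(SAMPLE_LOG):
        print("out of date:", item)
```

Both Java builds and both Adobe Reader entries are reported because the summary line covers every earlier entry whose name starts with the product it names, while Adobe Flash Player is left alone.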

#16
September 16, 2011 at 21:06:31
If your computer is operating correctly, please uninstall ComboFix as follows:

Go to Start > Run, and in the 'Open' field type (or copy/paste):

combofix /uninstall

(Note there is a space between combofix and /uninstall)
Click: OK

This will uninstall ComboFix and delete its quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which may contain previous infections, and create a clean System Restore Point.

When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.

You can now delete the ComboFix program icon from your Desktop, if still there.

~~~~
Please verify the version of Java you have installed.
http://www.java.com/en/download/ins...

If your version of Java is outdated, it needs to be updated to eliminate security vulnerabilities.

When done, uninstall older versions:
http://www.java.com/en/download/uni...


Also update the following:

>>Internet Explorer 7 - Out of date!

>>Adobe Reader 9.1
Out of date Adobe Reader installed!

>>Mozilla Firefox (x86 en-US..) Firefox Out of Date!

~~~~
Please consider running the following to prevent future infections...

Malware is normally installed through vulnerabilities found in outdated and insecure programs on a computer. You can use the Secunia Personal Software Inspector to scan for vulnerable programs on your computer:
http://secunia.com/vulnerability_sc...

A tutorial on how to use the Secunia Personal Software Inspector to scan for vulnerable programs is found at the following link: http://www.bleepingcomputer.com/tut...

Surf safely, jnnyprry!!

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals

