goofy173

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

It looks like their online scanner is being updated and not available at this time. I'll use it as soon as it's put back online. coming soon: New, improved version of the Kaspersky Online Scanner The current Kaspersky Online Scanner is unavailable - we apologize for the inconvenience.

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

I'm wondering if there's something wrong with the server for the Virus Database for the ESET scan. When I run Eset, it downloads all the components fine, without proxy, but then when it gets to the database, in the same window, it eventually times out. I've tried everything in the proxy without any luck, and I know the proxy settings.

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

I'm still working on the ESET scanner. This is a business computer and it uses a proxy server and I've configured the online scanner for my proxy server but it still will not download the virus signature database even though the other stuff downloaded before that. Here's from your scanner. Results of screen317's Security Check version 0.99.5 Windows XP Service Pack 2 Out of date service pack!! Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Security Center service is not running! This report may not be accurate! ESET Online Scanner v3 Trend Micro OfficeScan Client WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware Malwarebytes' Anti-Malware Java 6 Update 5 Java 2 Runtime Environment, SE v1.4.2_10 Out of date Java installed! Adobe Flash Player 10.0.32.18 Adobe Reader 7.0.7 Out of date Adobe Reader installed! Mozilla Firefox (3.6.11) Firefox Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe Ad-Aware AAWTray.exe Trend Micro OfficeScan Client pccntmon.exe Trend Micro OfficeScan Client ntrtscan.exe Trend Micro OfficeScan Client tmlisten.exe Trend Micro OfficeScan Client OfcPfwSvc.exe ```````````````````````````````` DNS Vulnerability Check: ``````````End of Log````````````

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

Forgot: File name:DataRefreshUI_2.2.3.1000.dll Submission date:2010-10-20 19:42:58 (UTC) Result:0/ 43 (0.0%)

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

Upon a quick check of google redirects, it seems to be fixed, but I'll leave that up to you to decide: File name: instsrv.exe Submission date: 2010-10-20 16:31:38 (UTC) Result: 0/ 43 (0.0%) File name: DataRefreshUI_2.2.3.0900.dll Submission date: 2010-10-20 16:28:49 (UTC) Result: 0/ 43 (0.0%) File name: DataRefreshUI_2.2.3.0900.dll Submission date: 2010-10-20 16:24:02 (UTC) Result: 0/ 43 (0.0%) File name: DataRefreshUI_2.2.3.0900.dll Submission date:2010-10-20 16:21:41 (UTC) Result: 0/ 43 (0.0%) 2010/10/20 12:34:05.0390 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59 2010/10/20 12:34:05.0390 ================================================================================ 2010/10/20 12:34:05.0390 SystemInfo: 2010/10/20 12:34:05.0390 2010/10/20 12:34:05.0390 OS Version: 5.1.2600 ServicePack: 2.0 2010/10/20 12:34:05.0390 Product type: Workstation 2010/10/20 12:34:05.0390 ComputerName: MIEBD1 2010/10/20 12:34:05.0390 UserName: MLZBB 2010/10/20 12:34:05.0390 Windows directory: C:\WINDOWS 2010/10/20 12:34:05.0390 System windows directory: C:\WINDOWS 2010/10/20 12:34:05.0390 Processor architecture: Intel x86 2010/10/20 12:34:05.0390 Number of processors: 2 2010/10/20 12:34:05.0390 Page size: 0x1000 2010/10/20 12:34:05.0390 Boot type: Normal boot 2010/10/20 12:34:05.0390 ================================================================================ 2010/10/20 12:34:05.0937 Initialize success 2010/10/20 12:34:10.0265 ================================================================================ 2010/10/20 12:34:10.0265 Scan started 2010/10/20 12:34:10.0265 Mode: Manual; 2010/10/20 12:34:10.0265 ================================================================================ 2010/10/20 12:34:13.0031 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 2010/10/20 12:34:13.0093 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/10/20 12:34:13.0140 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys 2010/10/20 12:34:13.0156 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 2010/10/20 12:34:13.0203 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys 2010/10/20 12:34:13.0281 AegisP (9c4f555a3fa3239047f6cce65c9137bc) C:\WINDOWS\system32\DRIVERS\AegisP.sys 2010/10/20 12:34:13.0328 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys 2010/10/20 12:34:13.0359 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys 2010/10/20 12:34:13.0406 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 2010/10/20 12:34:13.0421 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 2010/10/20 12:34:13.0437 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 2010/10/20 12:34:13.0468 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 2010/10/20 12:34:13.0562 AlertDrv (cc2a21cf8675e7c6226065d2916b58de) C:\WINDOWS\system32\drivers\alertdrv.sys 2010/10/20 12:34:13.0609 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2010/10/20 12:34:13.0625 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys 2010/10/20 12:34:13.0656 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys 2010/10/20 12:34:13.0687 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 2010/10/20 12:34:13.0718 ApfiltrService (090880e9bf20f928bc341f96d27c019e) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/10/20 12:34:13.0750 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS 2010/10/20 12:34:13.0828 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 2010/10/20 12:34:13.0843 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 2010/10/20 12:34:13.0859 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 2010/10/20 12:34:13.0906 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/10/20 12:34:13.0937 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/10/20 12:34:14.0000 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/10/20 12:34:14.0031 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/10/20 12:34:14.0078 b57w2k (c0acd392ece55784884cc208aafa06ce) C:\WINDOWS\system32\DRIVERS\b57xp32.sys 2010/10/20 12:34:14.0156 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 2010/10/20 12:34:14.0218 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/10/20 12:34:14.0265 BlueletAudio (1d866faf96d7369a1817ab208c04cf55) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys 2010/10/20 12:34:14.0312 BlueletSCOAudio (8fc27b12a02b43947787f0ef1885df9b) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys 2010/10/20 12:34:14.0343 BT (c5cce2b26f73f8cf7f3c82159e79aa08) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys 2010/10/20 12:34:14.0390 Btcsrusb (d5d025b5f704817b42d13a3e443f7893) C:\WINDOWS\system32\Drivers\btcusb.sys 2010/10/20 12:34:14.0437 BTHidEnum (ce643d0918123d76a5caab008fca9663) C:\WINDOWS\system32\Drivers\vbtenum.sys 2010/10/20 12:34:14.0468 BTHidMgr (dfca4fe4c8aec786b4d0f432eb730f48) C:\WINDOWS\system32\Drivers\BTHidMgr.sys 2010/10/20 12:34:14.0578 BTNetFilter (4f26303becbb7cc5ca8ff39593124cf2) C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys 2010/10/20 12:34:14.0671 BW2NDIS5 (71cb7616cb36d43ea787c41ab55fe458) C:\WINDOWS\system32\Drivers\BW2NDIS5.sys 2010/10/20 12:34:14.0703 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 2010/10/20 12:34:14.0734 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/10/20 12:34:14.0781 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 2010/10/20 12:34:14.0812 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/10/20 12:34:14.0843 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/10/20 12:34:14.0875 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/10/20 12:34:15.0000 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/10/20 12:34:15.0031 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys 2010/10/20 12:34:15.0078 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/10/20 12:34:15.0109 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 2010/10/20 12:34:15.0140 CVirtA (5c706c06c1279952d2cc1a609ca948bf) C:\WINDOWS\system32\DRIVERS\CVirtA.sys 2010/10/20 12:34:15.0187 CVPNDRVA (244b0408e9e20c734c97ce1e783d67ee) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 2010/10/20 12:34:15.0296 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 2010/10/20 12:34:15.0312 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 2010/10/20 12:34:15.0359 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/10/20 12:34:15.0421 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys 2010/10/20 12:34:15.0546 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys 2010/10/20 12:34:15.0578 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/10/20 12:34:15.0640 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys 2010/10/20 12:34:15.0671 DNE (2eddbb3ef1dd5a28cb07c149d36e7286) C:\WINDOWS\system32\DRIVERS\dne2000.sys 2010/10/20 12:34:15.0718 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 2010/10/20 12:34:15.0796 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/10/20 12:34:15.0828 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys 2010/10/20 12:34:15.0953 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/10/20 12:34:15.0984 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys 2010/10/20 12:34:16.0078 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys 2010/10/20 12:34:16.0125 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 2010/10/20 12:34:16.0156 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2010/10/20 12:34:16.0187 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/10/20 12:34:16.0218 FTDIBUS (b283f1bc1ff852bd232449a4b3e3ce63) C:\WINDOWS\system32\drivers\ebro_bus.sys 2010/10/20 12:34:16.0250 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/10/20 12:34:16.0296 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 2010/10/20 12:34:16.0375 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/10/20 12:34:16.0421 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2010/10/20 12:34:16.0468 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/10/20 12:34:16.0500 HMI (05cce90dcecc6138e21653c02b5e1abe) C:\WINDOWS\system32\drivers\hmiusb.sys 2010/10/20 12:34:16.0546 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 2010/10/20 12:34:16.0671 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys 2010/10/20 12:34:16.0734 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys 2010/10/20 12:34:16.0843 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/10/20 12:34:16.0875 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys 2010/10/20 12:34:16.0921 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys 2010/10/20 12:34:16.0968 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/10/20 12:34:17.0109 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 2010/10/20 12:34:17.0250 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/10/20 12:34:17.0296 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 2010/10/20 12:34:17.0328 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys 2010/10/20 12:34:17.0343 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/10/20 12:34:17.0375 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2010/10/20 12:34:17.0406 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/10/20 12:34:17.0421 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/10/20 12:34:17.0468 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/10/20 12:34:17.0578 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/10/20 12:34:17.0671 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/10/20 12:34:17.0703 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/10/20 12:34:17.0734 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/10/20 12:34:17.0750 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2010/10/20 12:34:17.0781 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys 2010/10/20 12:34:17.0890 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/10/20 12:34:17.0921 Lbd (52320254d74ea11b6f129e7df1016975) C:\WINDOWS\system32\DRIVERS\Lbd.sys 2010/10/20 12:34:17.0984 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 2010/10/20 12:34:18.0015 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/10/20 12:34:18.0062 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys 2010/10/20 12:34:18.0093 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/10/20 12:34:18.0187 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/10/20 12:34:18.0234 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/10/20 12:34:18.0265 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 2010/10/20 12:34:18.0296 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/10/20 12:34:18.0343 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/10/20 12:34:18.0453 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys 2010/10/20 12:34:18.0500 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/10/20 12:34:18.0515 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/10/20 12:34:18.0531 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/10/20 12:34:18.0562 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/10/20 12:34:18.0609 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys 2010/10/20 12:34:18.0656 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys 2010/10/20 12:34:18.0734 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/10/20 12:34:18.0750 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/10/20 12:34:18.0781 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/10/20 12:34:18.0796 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/10/20 12:34:18.0828 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/10/20 12:34:18.0859 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/10/20 12:34:18.0921 nm (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys 2010/10/20 12:34:18.0968 NPF (243126da7ba441d7c7c3262dcf435a9c) C:\WINDOWS\system32\drivers\npf.sys 2010/10/20 12:34:19.0062 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys 2010/10/20 12:34:19.0125 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/10/20 12:34:19.0187 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/10/20 12:34:19.0328 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 2010/10/20 12:34:19.0453 NWADI (09b767a235dce6e201793ae4c045ec6e) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys 2010/10/20 12:34:19.0500 NWDellModem (3494ca48eacbb2411727530191d0ff7c) C:\WINDOWS\system32\DRIVERS\nwdelmdm.sys 2010/10/20 12:34:19.0546 NWDellPort (3494ca48eacbb2411727530191d0ff7c) C:\WINDOWS\system32\DRIVERS\nwdelser.sys 2010/10/20 12:34:19.0578 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/10/20 12:34:19.0656 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/10/20 12:34:19.0703 odysseyIM4 (089a3b7c4bd14b47e70681ebe6e01d74) C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys 2010/10/20 12:34:19.0796 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys 2010/10/20 12:34:19.0828 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys 2010/10/20 12:34:19.0859 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/10/20 12:34:19.0890 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/10/20 12:34:20.0171 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/10/20 12:34:20.0265 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 2010/10/20 12:34:20.0296 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/10/20 12:34:20.0375 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 2010/10/20 12:34:20.0421 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 2010/10/20 12:34:20.0453 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/10/20 12:34:20.0484 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/10/20 12:34:20.0515 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/10/20 12:34:20.0562 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 2010/10/20 12:34:20.0578 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 2010/10/20 12:34:20.0593 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 2010/10/20 12:34:20.0609 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 2010/10/20 12:34:20.0640 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 2010/10/20 12:34:20.0687 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/10/20 12:34:20.0718 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/10/20 12:34:20.0781 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/10/20 12:34:20.0796 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/10/20 12:34:20.0843 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/10/20 12:34:20.0875 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/10/20 12:34:20.0937 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2010/10/20 12:34:20.0984 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/10/20 12:34:21.0031 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/10/20 12:34:21.0109 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys 2010/10/20 12:34:21.0187 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/10/20 12:34:21.0203 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys 2010/10/20 12:34:21.0234 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys 2010/10/20 12:34:21.0312 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 2010/10/20 12:34:21.0359 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys 2010/10/20 12:34:21.0390 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 2010/10/20 12:34:21.0421 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys 2010/10/20 12:34:21.0484 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/10/20 12:34:21.0531 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/10/20 12:34:21.0671 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys 2010/10/20 12:34:21.0734 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/10/20 12:34:21.0843 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys 2010/10/20 12:34:21.0875 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 2010/10/20 12:34:21.0890 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 2010/10/20 12:34:21.0906 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 2010/10/20 12:34:21.0921 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 2010/10/20 12:34:21.0968 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/10/20 12:34:22.0015 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/10/20 12:34:22.0078 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/10/20 12:34:22.0156 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/10/20 12:34:22.0187 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/10/20 12:34:22.0265 TmFilter (f5414683250a53617d11f72c35da33e7) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys 2010/10/20 12:34:22.0281 TmPreFilter (8c50129637b24641f73eb8e21bf3202b) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys 2010/10/20 12:34:22.0328 TM_CFW (866fdebc24d8f1a373968f4574248b82) C:\Program Files\Trend Micro\OfficeScan Client\tm_cfw.sys 2010/10/20 12:34:22.0421 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys 2010/10/20 12:34:22.0453 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys 2010/10/20 12:34:22.0484 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 2010/10/20 12:34:22.0546 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys 2010/10/20 12:34:22.0593 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/10/20 12:34:22.0656 USBCCID (ca16635aac61993a27ebeeb3f683fa8e) C:\WINDOWS\system32\DRIVERS\usbccid.sys 2010/10/20 12:34:22.0734 usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/10/20 12:34:22.0765 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/10/20 12:34:22.0796 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/10/20 12:34:22.0843 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/10/20 12:34:22.0890 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2010/10/20 12:34:22.0921 VComm (51750b0539986186c6931fc40d171521) C:\WINDOWS\system32\DRIVERS\VComm.sys 2010/10/20 12:34:23.0000 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\WINDOWS\system32\Drivers\VcommMgr.sys 2010/10/20 12:34:23.0062 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys 2010/10/20 12:34:23.0109 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys 2010/10/20 12:34:23.0156 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys 2010/10/20 12:34:23.0187 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/10/20 12:34:23.0281 VSApiNt (9a48faea3a90888004d423b01398a14c) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys 2010/10/20 12:34:23.0375 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/10/20 12:34:23.0437 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/10/20 12:34:23.0484 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys 2010/10/20 12:34:23.0625 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 2010/10/20 12:34:23.0671 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/10/20 12:34:23.0718 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 2010/10/20 12:34:23.0750 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/10/20 12:34:23.0781 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/10/20 12:34:23.0828 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0) 2010/10/20 12:34:23.0843 ================================================================================ 2010/10/20 12:34:23.0843 Scan finished 2010/10/20 12:34:23.0843 ================================================================================ 2010/10/20 12:34:23.0843 Detected object count: 1 2010/10/20 12:34:56.0984 \HardDisk0\MBR - will be cured after reboot 2010/10/20 12:34:56.0984 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure 2010/10/20 12:35:01.0531 Deinitialize success

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

I don't' know if this means anything but after running Combofix, I had no internet. I rebooted. Still no internet. I had to restore my system back to yesterday to get internet back.

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

I zipped all 3 logs into attach.zip. Thanks. infect.zip

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

It's in the zip file.

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

Sorry. Getting a lot of network time outs. I refresh and the post doesn't show up, but then I come back later and the posts are there. Hopefully the zip file will be on this message. attach.zip

infected with pop ups and redirects - can't get GMER to complete

goofy173 replied to goofy173's topic in Resolved Malware Removal Logs

Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4052 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 10/15/2010 7:48:24 AM mbam-log-2010-10-15 (07-48-24).txt Scan type: Quick scan Objects scanned: 188508 Time elapsed: 16 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

Sign In

Posts

Joined

Last visited

Reputation

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

infected with pop ups and redirects - can't get GMER to complete

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information