Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Unable to remove Redirect Virus, also computer slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unable to remove Redirect Virus, also computer slow

Unread postby Sheila225 » September 18th, 2014, 1:21 pm

I've had lots of problems since July including Windows update not working (that one has been fixed), strange changes to font sizes (both in browser and a few applications) without any action on my part. But the latest is the Redirect virus which shows up in any browser I use, and typically sends me to a Google home page in Hong Kong or Canada. I've run Hijackthis (but don't really know how to proceed with results) and recently was told to run Combofix - but again I got a log which I was unable to decipher. The instructions listed a number of websites where I could get help - and this was one of them.

But I have read the instructions and am only providing you with the information which is required. Thanks in advance for any help you can provide.
Sheila

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 11.20.2
Run by Sheena at 13:05:01 on 2014-09-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4008.1699 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\CISVC.EXE
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\lotus\organize\org32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVAST Software\Avast\OpenVpn\openvpn.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com
uProxyOverride = <local>;192.168.*.*
uSearchAssistant = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
dRun: [Bomgar_Cleanup_ZD394525676] cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x53fe7719" & reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD394525676 /f
dRun: [Bomgar_Cleanup_ZD425722671] cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x53fea692" & reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD425722671 /f
StartupFolder: C:\Users\Sheena\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\S10PAS~1.LNK - C:\Program Files (x86)\S10 Password Vault\S10PasswordVault.exe
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: S10 Autologin - C:\Program Files (x86)\S10 Password Vault\AutologinIE.htm
IE: S10 Autotype... - C:\Program Files (x86)\S10 Password Vault\AutotypeIE.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1 71.250.0.12
TCP: Interfaces\{146CE239-05E6-4C5A-80AA-5ABC0C9AA68B} : DHCPNameServer = 192.168.1.1 71.250.0.12
TCP: Interfaces\{146CE239-05E6-4C5A-80AA-5ABC0C9AA68B}\2505C4055726C69636 : DHCPNameServer = 10.10.89.10
TCP: Interfaces\{146CE239-05E6-4C5A-80AA-5ABC0C9AA68B}\7594E4F556031316 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{8B2C3573-37A6-4599-9165-A76B2725CDA3} : DHCPNameServer = 77.234.40.79
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-7-1 448400]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-3-13 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-3-13 224896]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2014-3-13 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-3-13 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-13 427360]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-28 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-13 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-3-13 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-1 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-7-1 106488]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-10-15 311184]
R2 HPSIService;HP SI Service;C:\Windows\System32\HPSIsvc.exe [2012-8-26 127800]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-16 1809720]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2014-4-8 137528]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-20 2655768]
R3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2014-7-1 44640]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-20 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 76912]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-14 25816]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2013-2-25 2426672]
S2 !SASCORE;SAS Core Service;"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" --> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-8-7 438616]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-16 860472]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-8-11 44032]
S3 Blackberry Device Manager;Blackberry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-1-18 577536]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-3-31 170792]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-11 111616]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-16 63704]
S3 mvusbews;USB EWS Device;C:\Windows\System32\drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-25 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 Tific System Service;Tific System Service;C:\Program Files (x86)\Common Files\Tific\Tific Client G1\Tific System Service.exe [2014-8-27 1700648]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-14 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-25 30208]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-26 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2014-9-9 65657]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-18 16:06:01 -------- d-sh--w- C:\$RECYCLE.BIN
2014-09-18 15:51:38 98816 ----a-w- C:\Windows\sed.exe
2014-09-18 15:51:38 256000 ----a-w- C:\Windows\PEV.exe
2014-09-18 15:51:38 208896 ----a-w- C:\Windows\MBR.exe
2014-09-16 21:15:55 -------- d-----w- C:\Windows\CheckSur
2014-09-16 20:03:54 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1312142E-4FBE-4A8E-B12C-7EE9D84F6428}\mpengine.dll
2014-09-14 13:02:36 -------- d-----w- C:\Users\Sheena\AppData\Local\Google
2014-09-14 13:00:46 -------- d-----w- C:\Users\Sheena\AppData\Local\Deployment
2014-09-11 15:57:00 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-11 15:57:00 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-11 15:52:25 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-11 15:52:21 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-11 15:51:43 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-11 15:51:37 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-11 15:50:51 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-11 15:50:50 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-11 15:50:49 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-11 15:50:45 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-11 15:50:45 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-11 15:50:39 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-11 15:50:36 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-10 01:34:51 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-09 15:42:52 -------- d-----w- C:\ProgramData\Motorola
2014-09-09 15:39:24 -------- d-----w- C:\Users\Sheena\AppData\Roaming\Motorola Mobility
2014-09-09 15:39:02 -------- d-----w- C:\Program Files (x86)\Motorola Mobility
2014-09-09 15:39:02 -------- d-----w- C:\Program Files (x86)\Motorola
2014-09-09 15:39:02 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap
2014-09-09 15:37:44 -------- d-----w- C:\Program Files\Motorola Mobility LLC
2014-09-09 15:37:41 -------- d-----w- C:\Program Files\Common Files\Motorola Shared
2014-09-09 15:34:59 -------- d-----w- C:\Users\Sheena\AppData\Roaming\Motorola
2014-08-29 23:24:52 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin7.dll
2014-08-29 23:24:52 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin6.dll
2014-08-28 14:26:32 -------- d-----w- C:\Users\Sheena\AppData\Local\Little_Apps
2014-08-28 14:22:12 -------- d-----w- C:\Users\Sheena\AppData\Roaming\BlueSprig
2014-08-28 14:08:09 -------- d-----w- C:\Windows\ERUNT
2014-08-28 14:05:03 -------- d-----w- C:\ProgramData\HitmanPro
2014-08-28 03:48:38 -------- d-----w- C:\Remote-Service
2014-08-28 01:31:25 -------- d-----w- C:\Users\Sheena\AppData\Roaming\Tific
2014-08-28 01:31:25 -------- d-----w- C:\Users\Sheena\AppData\Local\Tific
2014-08-28 01:31:24 -------- d-----w- C:\Program Files (x86)\Tific
2014-08-28 01:31:23 -------- d-----w- C:\Program Files (x86)\Common Files\Tific
2014-08-28 00:31:49 -------- d-----w- C:\Diag-Advisor
2014-08-27 19:16:21 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-27 19:16:21 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-27 19:16:21 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-27 15:59:13 -------- d-----w- C:\CSV
2014-08-23 05:17:06 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-08-23 04:17:51 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-19 19:48:07 -------- d-----w- C:\Users\Sheena\AppData\Local\Adobe
.
==================== Find3M ====================
.
2014-09-13 16:40:01 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-13 05:13:44 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-13 05:13:44 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-25 10:53:42 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-07-04 16:26:36 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2014-07-01 17:37:51 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-07-01 17:37:50 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-01 17:37:50 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-01 17:37:50 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-07-01 17:37:50 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-07-01 17:37:50 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-07-01 17:37:50 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-07-01 17:37:49 43152 ----a-w- C:\Windows\avastSS.scr
2014-07-01 17:37:37 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-07-01 17:37:33 44640 ----a-w- C:\Windows\System32\drivers\aswTap.sys
2014-07-01 17:37:31 448400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-06-30 22:24:50 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
.
============= FINISH: 13:05:17.82 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/24/2012 10:37:10 PM
System Uptime: 9/18/2014 12:03:08 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K73E
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz | CPU 1 | 2300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 110.372 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 245 GiB total, 224.546 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASDIFSV
Device ID: ROOT\LEGACY_SASDIFSV\0000
Manufacturer:
Name: SASDIFSV
PNP Device ID: ROOT\LEGACY_SASDIFSV\0000
Service: SASDIFSV
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SASKUTIL
Device ID: ROOT\LEGACY_SASKUTIL\0000
Manufacturer:
Name: SASKUTIL
PNP Device ID: ROOT\LEGACY_SASKUTIL\0000
Service: SASKUTIL
.
==== System Restore Points ===================
.
RP294: 9/11/2014 11:53:52 AM - Windows Update
RP295: 9/13/2014 4:49:54 PM - Removed Google Drive
RP296: 9/13/2014 4:51:49 PM - Removed Google Drive
RP297: 9/13/2014 5:31:20 PM - Quitado Control ActiveX de Windows Live Mesh para conexiones remotas
RP298: 9/13/2014 5:31:58 PM - Removed Contrôle ActiveX Windows Live Mesh pour connexions à distance
RP299: 9/14/2014 8:48:20 AM - Windows Update
RP300: 9/16/2014 5:14:57 PM - Windows Update
RP301: 9/18/2014 11:51:44 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
Adobe Digital Editions 3.0
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Help Center 2.1
Adobe PDF iFilter 11 for 64-bit platforms
Adobe Photoshop Elements 5.0
Adobe Reader X (10.1.10)
Alcor Micro USB Card Reader
Amazon Cloud Player
Amazon Kindle
ANT Drivers Installer x64
Apple Application Support
Apple Software Update
ArkivMusic
ASUS AI Recovery
ASUS Power4Gear Hybrid
AsusScr_K3 Series_ENG_Basic
ATK Package
avast! Internet Security
BlackBerry Desktop Software 7.1
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CNN.com Desktop Alerter 1.0
Contrôle ActiveX Windows Live Mesh pour connexions à distance
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD 10
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DietPower 4.4
doPDF 7.3 printer
Dragon NaturallySpeaking 12
DriverDoc
Dropbox
Duplicate File Finder
EasyBloom Companion
Elevated Installer
ETDWare PS/2-X64 8.1.5.0_WHQL
Family Tree Maker 2012
Free Studio version 2013
Frostbow Collection Manager 3
Frostbow Home Inventory 5 Lite
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Garmin BaseCamp
Garmin City Navigator NorthAmerica NT 2013.30 Update
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin POI Loader
Garmin USB Drivers
Google Chrome
Google Update Helper
HitmanPro 3.7
HP LaserJet Professional P1100-P1560-P1600 Series
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Turbo Boost Technology Monitor 2.0
iom Driver
iom Grapher
J2SE Runtime Environment 5.0 Update 1
Java 7 Update 67
Java 7 Update 67 (64-bit)
Java 8 Update 20
Java 8 Update 20 (64-bit)
Java Auto Updater
Kyodai Mahjongg 2006 v1.42
Lotus Organizer 97 GS
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft HealthVault Connection Center
Microsoft HealthVault Connection Center Configuration
Microsoft Mouse and Keyboard Center
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mindfulness Academy
Motorola Mobile Drivers Installation 6.3.0
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Nuance PDF Reader
OutlookTools 2
PhotoScape
PreReq
PrintProjects
Quick Connect
Quicken 2012
Quicken WillMaker Plus 2014
QuickTime
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
S10 Password Vault 4.1
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SketchUp 2013
SketchUp Viewer
Skype™ 6.16
Synaptics Pointing Device Driver
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wnjiper
TurboTax 2012 wrapper
TurboTax 2013
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wnjiper
TurboTax 2013 wrapper
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition
Verizon Software Upgrade Assistant
Verizon Wireless Software Upgrade Assistant for Motorola
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Encoder 9 Series
WinFlash
WinUtilities Professional Edition 11.14
.
==== Event Viewer Messages From Past Week ========
.
9/18/2014 12:06:47 PM, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The specified module could not be found.
9/18/2014 12:04:55 PM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
9/18/2014 12:04:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
9/18/2014 12:04:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.
9/18/2014 12:04:28 PM, Error: Service Control Manager [7000] - The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/18/2014 12:03:54 PM, Error: Service Control Manager [7000] - The SAS Core Service service failed to start due to the following error: The system cannot find the file specified.
9/18/2014 12:02:20 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/18/2014 11:54:02 AM, Error: Service Control Manager [7034] - The Adobe Active File Monitor V5 service terminated unexpectedly. It has done this 1 time(s).
9/16/2014 11:51:41 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
9/13/2014 12:40:01 PM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 2 time(s).
9/13/2014 12:31:06 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user SHEILA-2ASUS\Sheena SID (S-1-5-21-1032800967-415441068-2686936699-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/12/2014 11:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Definition Update for Windows Defender - KB915597 (Definition 1.183.2261.0).
9/11/2014 2:56:05 PM, Error: Service Control Manager [7031] - The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
.
==== End Of File ===========================
Sheila225
Active Member
 
Posts: 1
Joined: September 18th, 2014, 1:14 pm
Advertisement
Register to Remove

Re: Unable to remove Redirect Virus, also computer slow

Unread postby MWR 3 day Mod » September 22nd, 2014, 10:30 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Unable to remove Redirect Virus, also computer slow

Unread postby wannabeageek » September 22nd, 2014, 11:22 pm

Checking over your logs. Be back in a few.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Unable to remove Redirect Virus, also computer slow

Unread postby wannabeageek » September 22nd, 2014, 11:32 pm

Hello Sheila225, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start





Please post all files ending in .txt from this folder:
C:\qoobox
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Unable to remove Redirect Virus, also computer slow

Unread postby NonSuch » September 27th, 2014, 6:13 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 43 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware