Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Redirecting Problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Redirecting Problem

Unread postby seth8888 » May 20th, 2010, 12:24 pm

And here is the RSIT log.txt

Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 13 GB (26%) free of 51 GB
Total RAM: 2037 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:06 PM, on 20/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\igfxext.exe
C:\Users\Noob\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Noob\Desktop\RSIT.exe
C:\Program Files\trend micro\Noob.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.ca.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.ca.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.1.0.32\IPSBHO.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 7288 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll [2010-03-25 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.1.0.32\IPSBHO.DLL [2009-11-16 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-01-03 312368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-05 142896]
{52836EB0-631A-47B1-94A6-61F9D9112DAE} - Veoh Video Compass - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll [2009-02-13 404216]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2009-04-03 429816]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll [2010-03-25 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-05 525360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-22 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-22 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-22 133656]
"SetPanel"=C:\Acer\APanel\APanel.cmd []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-01-04 768520]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-01-22 200704]
"Acer Product Registration"=C:\Program Files\Acer\Acer Registration\ACE1.exe [2007-11-26 3387392]
"Acer Assist Launcher"=C:\Program Files\Acer\Acer Assist\launcher.exe [2007-11-19 1261568]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-07-21 159744]
"eRecoveryService"= []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-07-25 563984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-07-25 2027792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
C:\Acer\AcerTour\Reminder.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-20 125952]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-22 200704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-05-20 12:13:33 ----D---- C:\_OTM
2010-05-18 16:50:22 ----D---- C:\rsit
2010-05-17 15:14:46 ----A---- C:\Windows\ntbtlog.txt
2010-05-17 12:16:42 ----D---- C:\Windows\Minidump
2010-05-17 03:11:19 ----D---- C:\Program Files\Windows Portable Devices
2010-05-17 03:06:25 ----A---- C:\Windows\system32\UIAnimation.dll
2010-05-17 03:06:23 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-05-17 03:06:22 ----A---- C:\Windows\system32\UIRibbon.dll
2010-05-17 03:05:33 ----A---- C:\Windows\system32\WMPhoto.dll
2010-05-17 03:05:31 ----A---- C:\Windows\system32\cdd.dll
2010-05-17 03:05:29 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-05-17 03:05:29 ----A---- C:\Windows\system32\d3d10warp.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-05-17 03:05:28 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\dxdiagn.dll
2010-05-17 03:05:28 ----A---- C:\Windows\system32\dxdiag.exe
2010-05-17 03:05:28 ----A---- C:\Windows\system32\d2d1.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\xpsservices.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\XpsPrint.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\OpcServices.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\FntCache.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\DWrite.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\d3d11.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\d3d10level9.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\d3d10core.dll
2010-05-17 03:05:27 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-05-17 03:05:26 ----A---- C:\Windows\system32\dxgi.dll
2010-05-17 03:05:26 ----A---- C:\Windows\system32\d3d10_1.dll
2010-05-17 03:05:26 ----A---- C:\Windows\system32\d3d10.dll
2010-05-17 03:04:42 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-05-17 03:04:41 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-05-17 03:04:41 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-05-17 03:04:35 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-05-17 03:04:30 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-05-17 03:04:30 ----A---- C:\Windows\system32\wpdshext.dll
2010-05-17 03:04:30 ----A---- C:\Windows\system32\wpd_ci.dll
2010-05-17 03:04:29 ----A---- C:\Windows\system32\WPDSp.dll
2010-05-17 03:04:29 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-05-17 03:04:29 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-05-17 03:04:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-05-17 03:04:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-05-17 03:02:49 ----A---- C:\Windows\system32\oleaccrc.dll
2010-05-17 03:02:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-05-17 03:02:48 ----A---- C:\Windows\system32\oleacc.dll
2010-05-16 23:12:16 ----D---- C:\MGADiagToolOutput
2010-05-16 23:10:54 ----D---- C:\ProgramData\Office Genuine Advantage
2010-05-16 22:41:47 ----D---- C:\Program Files\Gravity
2010-05-16 11:38:50 ----A---- C:\Windows\system32\gameux.dll
2010-05-16 11:38:49 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-05-16 11:38:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-05-15 19:44:08 ----SHD---- C:\Config.Msi
2010-05-15 18:32:38 ----D---- C:\Windows\system32\eu-ES
2010-05-15 18:32:38 ----D---- C:\Windows\system32\ca-ES
2010-05-15 18:32:36 ----D---- C:\Windows\system32\vi-VN
2010-05-15 17:08:11 ----D---- C:\Windows\system32\N360_BACKUP
2010-05-15 14:06:41 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-05-15 14:06:38 ----DC---- C:\Windows\system32\DRVSTORE
2010-05-15 14:06:33 ----D---- C:\Program Files\Symantec
2010-05-15 14:04:45 ----D---- C:\Program Files\Norton 360
2010-05-13 03:05:18 ----A---- C:\Windows\system32\MRT.INI
2010-05-13 02:31:00 ----D---- C:\Program Files\Trend Micro
2010-05-12 21:38:34 ----D---- C:\Users\Noob\AppData\Roaming\Malwarebytes
2010-05-12 21:38:21 ----D---- C:\ProgramData\Malwarebytes
2010-05-12 21:38:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-12 11:54:06 ----A---- C:\Windows\system32\inetcomm.dll

======List of files/folders modified in the last 1 months======

2010-05-20 12:20:18 ----D---- C:\Windows\system32\inetsrv
2010-05-20 12:18:31 ----SHD---- C:\System Volume Information
2010-05-20 12:18:27 ----D---- C:\Windows\Temp
2010-05-20 12:16:48 ----D---- C:\Windows\Prefetch
2010-05-20 12:16:09 ----D---- C:\Windows
2010-05-20 12:13:42 ----RD---- C:\Program Files
2010-05-20 12:13:42 ----D---- C:\Windows\System32
2010-05-20 12:08:28 ----D---- C:\Windows\inf
2010-05-20 12:08:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-19 16:24:01 ----D---- C:\Windows\system32\drivers
2010-05-19 12:55:35 ----D---- C:\Windows\tracing
2010-05-17 15:16:27 ----D---- C:\Windows\system32\catroot2
2010-05-17 14:58:55 ----D---- C:\Windows\rescache
2010-05-17 11:43:40 ----D---- C:\Windows\system32\Tasks
2010-05-17 03:15:51 ----D---- C:\Windows\Microsoft.NET
2010-05-17 03:11:21 ----D---- C:\Windows\system32\en-US
2010-05-17 03:11:18 ----D---- C:\Windows\system32\wbem
2010-05-17 03:11:14 ----D---- C:\Windows\system32\zh-TW
2010-05-17 03:11:14 ----D---- C:\Windows\system32\zh-HK
2010-05-17 03:11:14 ----D---- C:\Windows\system32\uk-UA
2010-05-17 03:11:14 ----D---- C:\Windows\system32\tr-TR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\th-TH
2010-05-17 03:11:14 ----D---- C:\Windows\system32\sv-SE
2010-05-17 03:11:14 ----D---- C:\Windows\system32\sr-Latn-CS
2010-05-17 03:11:14 ----D---- C:\Windows\system32\sl-SI
2010-05-17 03:11:14 ----D---- C:\Windows\system32\sk-SK
2010-05-17 03:11:14 ----D---- C:\Windows\system32\pt-PT
2010-05-17 03:11:14 ----D---- C:\Windows\system32\pt-BR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\pl-PL
2010-05-17 03:11:14 ----D---- C:\Windows\system32\nl-NL
2010-05-17 03:11:14 ----D---- C:\Windows\system32\lv-LV
2010-05-17 03:11:14 ----D---- C:\Windows\system32\lt-LT
2010-05-17 03:11:14 ----D---- C:\Windows\system32\ko-KR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\it-IT
2010-05-17 03:11:14 ----D---- C:\Windows\system32\hu-HU
2010-05-17 03:11:14 ----D---- C:\Windows\system32\hr-HR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\he-IL
2010-05-17 03:11:14 ----D---- C:\Windows\system32\fr-FR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\fi-FI
2010-05-17 03:11:14 ----D---- C:\Windows\system32\et-EE
2010-05-17 03:11:14 ----D---- C:\Windows\system32\es-ES
2010-05-17 03:11:14 ----D---- C:\Windows\system32\el-GR
2010-05-17 03:11:14 ----D---- C:\Windows\system32\de-DE
2010-05-17 03:11:14 ----D---- C:\Windows\system32\cs-CZ
2010-05-17 03:11:14 ----D---- C:\Windows\system32\bg-BG
2010-05-17 03:11:13 ----D---- C:\Windows\system32\zh-CN
2010-05-17 03:11:13 ----D---- C:\Windows\system32\ru-RU
2010-05-17 03:11:13 ----D---- C:\Windows\system32\ro-RO
2010-05-17 03:11:13 ----D---- C:\Windows\system32\nb-NO
2010-05-17 03:11:13 ----D---- C:\Windows\system32\ja-JP
2010-05-17 03:11:13 ----D---- C:\Windows\system32\da-DK
2010-05-17 03:11:13 ----D---- C:\Windows\system32\ar-SA
2010-05-17 03:11:10 ----D---- C:\Windows\AppPatch
2010-05-17 03:06:49 ----D---- C:\Windows\winsxs
2010-05-17 03:06:46 ----D---- C:\Windows\system32\catroot
2010-05-17 02:01:29 ----SD---- C:\Windows\Downloaded Program Files
2010-05-16 23:10:54 ----HD---- C:\ProgramData
2010-05-16 21:57:51 ----D---- C:\Windows\Logs
2010-05-15 19:44:24 ----SHD---- C:\Windows\Installer
2010-05-15 18:57:05 ----RSD---- C:\Windows\assembly
2010-05-15 18:45:27 ----SHD---- C:\Boot
2010-05-15 18:34:40 ----D---- C:\Program Files\Windows Calendar
2010-05-15 18:34:39 ----D---- C:\Program Files\Windows Mail
2010-05-15 18:34:39 ----D---- C:\Program Files\Movie Maker
2010-05-15 18:34:38 ----D---- C:\Program Files\Windows Sidebar
2010-05-15 18:34:38 ----D---- C:\Program Files\Windows Media Player
2010-05-15 18:34:38 ----D---- C:\Program Files\Internet Explorer
2010-05-15 18:34:37 ----D---- C:\Program Files\Windows Collaboration
2010-05-15 18:34:36 ----D---- C:\Program Files\Windows Journal
2010-05-15 18:34:34 ----D---- C:\Program Files\Windows Photo Gallery
2010-05-15 18:34:34 ----D---- C:\Program Files\Common Files\System
2010-05-15 18:34:29 ----D---- C:\Program Files\Windows Defender
2010-05-15 18:34:28 ----D---- C:\Windows\servicing
2010-05-15 18:34:28 ----D---- C:\Windows\ehome
2010-05-15 18:34:16 ----D---- C:\Windows\system32\XPSViewer
2010-05-15 18:34:16 ----D---- C:\Windows\IME
2010-05-15 18:34:05 ----D---- C:\Windows\system32\oobe
2010-05-15 18:34:05 ----D---- C:\Windows\system32\migration
2010-05-15 18:33:59 ----D---- C:\Windows\system32\setup
2010-05-15 18:33:59 ----D---- C:\Windows\system32\AdvancedInstallers
2010-05-15 18:33:58 ----D---- C:\Windows\system32\SLUI
2010-05-15 18:33:57 ----D---- C:\Windows\system32\en
2010-05-15 18:33:56 ----D---- C:\Windows\system32\manifeststore
2010-05-15 18:33:46 ----D---- C:\Windows\system32\migwiz
2010-05-15 18:32:50 ----RSD---- C:\Windows\Fonts
2010-05-15 18:32:36 ----D---- C:\Windows\system32\Boot
2010-05-15 18:27:30 ----D---- C:\Windows\system32\RTCOM
2010-05-15 14:28:26 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-05-15 14:04:45 ----D---- C:\ProgramData\Norton
2010-05-15 14:04:43 ----D---- C:\ProgramData\NortonInstaller
2010-05-15 14:00:57 ----D---- C:\Program Files\Norton Internet Security
2010-05-12 20:55:41 ----D---- C:\Program Files\Mozilla Firefox
2010-05-06 10:36:38 ----N---- C:\Windows\system32\MpSigStub.exe
2010-04-30 14:51:06 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100429.001\BHDrvx86.sys [2010-04-29 537136]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\N360\0401000.020\ccHPx86.sys [2010-02-25 501888]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-15 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100513.002\IDSvix86.sys [2009-11-16 343088]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\0401000.020\SRTSPX.SYS [2010-02-26 43696]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\0401000.020\Ironx86.SYS [2010-02-26 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\0401000.020\SYMTDIV.SYS [2009-11-21 340016]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]
R2 RMCAST;RMCAST (Pgm) Protocol Driver; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2007-03-09 1163616]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-12-11 163376]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-15 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-22 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-07-18 25624]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2008-01-20 126976]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100520.002\NAVENG.SYS [2010-05-15 85552]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100520.002\NAVEX15.SYS [2010-05-15 1347504]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-03-20 6144]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\0401000.020\SRTSP.SYS [2010-02-26 325680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-05-15 124976]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-30 743424]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-26 984064]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-26 208384]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-07-20 2109592]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-07-20 2142488]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2009-04-30 495768]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-26 660480]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-05 497712]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2008-01-20 13824]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-07-20 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-07-20 137752]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2006-11-02 8704]
R2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2009-04-11 125952]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe [2010-02-25 126392]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-07-20 141848]
S3 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]
S3 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-03 266343]
S4 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-30 386560]

-----------------EOF-----------------
seth8888
Active Member
 
Posts: 12
Joined: May 13th, 2010, 2:28 am
Advertisement
Register to Remove

Re: Redirecting Problem

Unread postby Cypher » May 20th, 2010, 12:40 pm

Hi seth8888.
You're logs look good how is you're PC performing?
Lets get one more scan to make sure there are no leftovers remaining.


Temp File Cleaner

  • Please download TFC and save it to your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click TFC.exe And select " Run as administrator " to run it.
  • If prompted, click Yes to reboot.
  • NOTE: Save your work.TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

Next.

Disable Norton 360

  • Right-click the Norton 360 icon in the system tray and select Open Tasks and
    Settings Window.

  • On the right side, under Settings, click on Change advanced settings.
  • Next, click on the Virus & Spyware Protection Settings.
  • Uncheck Turn on Auto-Protect and select Apply.
  • You will be asked to select a time for Norton to reactivate.
  • Choose Until I turn it back on.
  • Note: Don't forget to Re-enable it after the below scan.

Next.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Please go Here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Logs/Information to Post in your Next Reply

  • ESET log
  • Please give me an update on your computers performance, any more pop-ups or redirects?
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Redirecting Problem

Unread postby seth8888 » May 20th, 2010, 11:37 pm

No, i haven't received anymore pop-ups or redirections anymore. My computer has also seemed to sped up a little bit, and freed up about almost nearly 3 gigabytes worth of space(i believe,i may be exaggerating). So far everything looks good.

Here is the ESET log.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=d714ca8c7cd7c049a2e61b01f03fbde0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-05-21 01:47:57
# local_time=2010-05-20 09:47:57 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3589 16777213 100 86 0 37671255 0 0
# compatibility_mode=5892 16776574 100 100 0 111000488 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=133092
# found=0
# cleaned=0
# scan_time=13517
seth8888
Active Member
 
Posts: 12
Joined: May 13th, 2010, 2:28 am

Re: Redirecting Problem

Unread postby Cypher » May 21st, 2010, 5:03 am

Hi seth8888 your latest set of logs appear to be clean! :)
This is my general post for when your logs show no more signs of malware.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

DeFogger

To re-enable your Emulation drivers.
Right click DeFogger And select " Run as administrator " to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.

Next

Clean up with OTM

  • Right-click OTM.exe And select " Run as administrator " to run it. If Windows UAC prompts you, please allow it.
    , This tool will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTMoveIt3 as this step will require a reboot
  • On the OTM main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.


Next.

Create a new, clean System Restore point

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection > Creat.
  • Give this restore point a descriptive name and click Create.
  • Click Apply and OK.

Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush infected System Restore points

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection.
  • untick the box labeled Vista C: an click Turn off system restore.
  • Click Apply and OK.
  • Restart your computer.


Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.


Now we needed to deal with security vulnerabilities

You have Vista SP1 installed you should install SP2 now as it contains vital security updates for you're PC.



Install internet explorer 8

You can find information and install IE 8 from Here



Here are some free programs I recommend that could help you improve your computer's security.

Install SiteAdvisor
SiteAdvisor is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
You can find more information and download it from Here

Install WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
For more information, please visit HERE

MVPS Hosts

Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update > Check for updates.
To update Office
Open up any Office program.
Go to Help > Check for Updates

Read some information HERE On how to prevent Malware

Is your pc running slow?
Read What to do if your Computer is running slowly

I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing!
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Redirecting Problem

Unread postby seth8888 » May 21st, 2010, 12:36 pm

Yes, i have read your latest post and finished up with the clean up. Thanks so much for your help! my computer is now malware free and running smoothly. I have no other questions, so you can go ahead and close this post now, and again, thank you for your time and help! keep up the good work!
seth8888
Active Member
 
Posts: 12
Joined: May 13th, 2010, 2:28 am

Re: Redirecting Problem

Unread postby Cypher » May 21st, 2010, 12:43 pm

You're most welcome seth :)
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Redirecting Problem

Unread postby jmw3 » May 21st, 2010, 7:14 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 505 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware