Unipophidden - Unable to remove please help!

[Nic79]

[Files/Folders - Modified Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/09 20:55:16 | 00,661,370 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/03/09 20:36:54 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/03/09 20:36:48 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/03/09 20:36:46 | 67,060,1216 | -HS- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/03/09 18:42:45 | 01,048,576 | -H-- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/03/09 18:42:23 | 00,000,178 | -HS- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/03/09 18:42:10 | 03,224,504 | -H-- | M] ()
Computer scan log.rtf -> %UserProfile%\My Documents\Computer scan log.rtf -> [2009/03/09 18:42:03 | 00,055,740 | ---- | M] ()
RSIT.exe -> %UserProfile%\Desktop\RSIT.exe -> [2009/03/09 18:33:34 | 00,781,851 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/03/09 17:39:35 | 00,002,206 | ---- | M] ()
Acrobat.com.lnk -> %AllUsersProfile%\Desktop\Acrobat.com.lnk -> [2009/03/08 09:11:49 | 00,000,734 | ---- | M] ()
Adobe Reader 9.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 9.lnk -> [2009/03/08 09:10:01 | 00,001,729 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/03/07 14:58:29 | 00,000,696 | ---- | M] ()
Outback Voucher.rtf -> %UserProfile%\My Documents\Outback Voucher.rtf -> [2009/03/03 17:15:23 | 02,558,279 | ---- | M] ()
ERUNT AutoBackup.lnk -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2009/03/02 18:00:30 | 00,000,767 | ---- | M] ()
NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [2009/03/02 18:00:23 | 00,000,611 | ---- | M] ()
ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2009/03/02 18:00:23 | 00,000,592 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/02 17:59:47 | 00,001,734 | ---- | M] ()
Ad-Aware Update (Weekly).job -> %SystemRoot%\tasks\Ad-Aware Update (Weekly).job -> [2009/03/01 19:52:53 | 00,000,472 | ---- | M] ()
lsdelete.exe -> %SystemRoot%\System32\lsdelete.exe -> [2009/03/01 19:51:58 | 00,015,688 | ---- | M] ()
Lbd.sys -> %SystemRoot%\System32\drivers\Lbd.sys -> [2009/03/01 19:51:47 | 00,064,160 | ---- | M] (Lavasoft AB)
Ad-Aware.lnk -> %AllUsersProfile%\Desktop\Ad-Aware.lnk -> [2009/03/01 19:47:07 | 00,000,867 | ---- | M] ()
Spybot - Search & Destroy.lnk -> %UserProfile%\Desktop\Spybot - Search & Destroy.lnk -> [2009/03/01 19:36:31 | 00,000,933 | ---- | M] ()
User's Guide.lnk -> %AllUsersProfile%\Desktop\User's Guide.lnk -> [2009/02/28 19:41:02 | 00,001,751 | ---- | M] ()
FinePixViewer S.lnk -> %AllUsersProfile%\Desktop\FinePixViewer S.lnk -> [2009/02/28 19:41:02 | 00,001,644 | ---- | M] ()
Exif Launcher S.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Exif Launcher S.lnk -> [2009/02/28 19:41:02 | 00,000,741 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/02/28 17:54:56 | 00,001,374 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/02/28 16:50:31 | 00,004,617 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/02/28 16:50:31 | 00,004,232 | ---- | M] ()
World of Warcraft.lnk -> %AllUsersProfile%\Desktop\World of Warcraft.lnk -> [2009/02/28 15:28:24 | 00,000,711 | ---- | M] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/02/28 01:13:35 | 00,000,074 | -HS- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/02/28 01:13:26 | 00,090,296 | ---- | M] ()
rp_skt32.sys -> %SystemRoot%\System32\drivers\rp_skt32.sys -> [2009/02/27 21:12:52 | 00,053,192 | ---- | M] (Radialpoint Inc.)
Virgin Broadband PCguard.lnk -> %AllUsersProfile%\Desktop\Virgin Broadband PCguard.lnk -> [2009/02/27 21:02:44 | 00,001,821 | ---- | M] ()
nsreg.dat -> %SystemRoot%\nsreg.dat -> [2009/02/27 20:57:59 | 00,000,000 | ---- | M] ()
Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2009/02/27 20:57:53 | 00,001,602 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/02/27 20:55:15 | 00,012,328 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/02/27 20:52:26 | 00,356,120 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/02/27 20:52:26 | 00,311,934 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/02/27 20:52:26 | 00,040,196 | ---- | M] ()
REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [2009/02/27 20:49:21 | 00,008,192 | ---- | M] ()
$winnt$.inf -> %SystemRoot%\System32\$winnt$.inf -> [2009/02/27 20:48:25 | 00,000,261 | ---- | M] ()
desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009/02/27 20:43:56 | 00,000,084 | -HS- | M] ()
desktop.ini -> %AllUsersProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009/02/27 20:43:56 | 00,000,084 | -HS- | M] ()
CONFIG.NT -> %SystemRoot%\System32\CONFIG.NT -> [2009/02/27 20:43:53 | 00,002,577 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/02/27 20:43:53 | 00,000,477 | ---- | M] ()
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2009/02/27 20:43:53 | 00,000,000 | RHS- | M] ()
IO.SYS -> %SystemDrive%\IO.SYS -> [2009/02/27 20:43:53 | 00,000,000 | RHS- | M] ()
control.ini -> %SystemRoot%\control.ini -> [2009/02/27 20:43:53 | 00,000,000 | ---- | M] ()
CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [2009/02/27 20:43:53 | 00,000,000 | ---- | M] ()
AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [2009/02/27 20:43:53 | 00,000,000 | ---- | M] ()
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009/02/27 20:43:44 | 00,316,640 | ---- | M] ()
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009/02/27 20:43:43 | 00,023,392 | ---- | M] ()
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009/02/27 20:43:43 | 00,016,832 | ---- | M] ()
ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [2009/02/27 20:43:32 | 00,004,161 | ---- | M] ()
WindowsLogon.manifest -> %SystemRoot%\System32\WindowsLogon.manifest -> [2009/02/27 20:42:07 | 00,000,488 | RH-- | M] ()
logonui.exe.manifest -> %SystemRoot%\System32\logonui.exe.manifest -> [2009/02/27 20:42:07 | 00,000,488 | RH-- | M] ()
wuaucpl.cpl.manifest -> %SystemRoot%\System32\wuaucpl.cpl.manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
WindowsShell.Manifest -> %SystemRoot%\WindowsShell.Manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
sapi.cpl.manifest -> %SystemRoot%\System32\sapi.cpl.manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
nwc.cpl.manifest -> %SystemRoot%\System32\nwc.cpl.manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
ncpa.cpl.manifest -> %SystemRoot%\System32\ncpa.cpl.manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
cdplayer.exe.manifest -> %SystemRoot%\System32\cdplayer.exe.manifest -> [2009/02/27 20:41:57 | 00,000,749 | RH-- | M] ()
emptyregdb.dat -> %SystemRoot%\System32\emptyregdb.dat -> [2009/02/27 20:39:27 | 00,021,640 | ---- | M] ()
vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [2009/02/27 20:39:10 | 00,000,037 | ---- | M] ()
vb.ini -> %SystemRoot%\vb.ini -> [2009/02/27 20:39:10 | 00,000,036 | ---- | M] ()
boot.ini -> %SystemDrive%\boot.ini -> [2009/02/27 20:36:33 | 00,000,211 | -HS- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2009/02/27 20:27:26 | 00,000,231 | ---- | M] ()
desktop.ini -> %AppData%\desktop.ini -> [2009/02/27 20:26:57 | 00,000,062 | -HS- | M] ()
desktop.ini -> %AllUsersProfile%\Documents\desktop.ini -> [2009/02/27 20:26:57 | 00,000,062 | -HS- | M] ()
desktop.ini -> %AllUsersProfile%\Application Data\desktop.ini -> [2009/02/27 20:26:57 | 00,000,062 | -HS- | M] ()
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/02/11 20:56:18 | 21,244,872 | ---- | M] (Microsoft Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
< End of report >


I really hope this helps :(

Thanks Nicola

[peku006]

Hi Nicola

I have ''unipopuphidden'' coming up on my computer.....it slows my internet down drastically and I do not seem to be able to remove it

Could you please describe your "unipopuphidden'' problem?
Can you tell me which program finds ''unipopuphidden'' and where it is located?

I do not see anything that does not look OK, except for few items in your event log, I am not quite sure what they mean,
but one of them obviously means that you need to update the Bios:
ACPI BIOS is attempting to read from an illegal IO port address (0xcfc), which lies in the 0xcf8 - 0xcff

System event log

Computer Name: MACHINENAME
Event Code: 4
Message: AMLI: ACPI BIOS is attempting to read from an illegal IO port address (0xcfc), which lies in the 0xcf8 - 0xcff protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Record Number: 4
Source Name: ACPI
Time Written: 20090227202632.000000+000
Event Type: error
User:

Computer Name: MACHINENAME
Event Code: 5
Message: AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0xcf8), which lies in the 0xcf8 - 0xcff protected
address range. This could lead to system instability. Please contact your system vendor for technical assistance.

Thanks peku006

[Nic79]

Thanks for letting me know about the bios needing updating....thankfully I'm getting a new board, chip and graphics card in a couple of weeks so this should no longer be a problem.

As for the virus, if the internet is going very slow I restart my PC to try and clear it....on shutdown a end program file appears and slows down the shutdown or does not let me shutdown the pc!

I have been doing a little bit of investigating this end and I think it may be a problem with Virgin Broadband PC Guard....I have contacted Virgin and will let you know what they come up with when I hear back from them!

Again thanks for all your help so far, fantastic service!

Nicola

[peku006]

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.