-
still redirecting
it's still redirecting me
-
Hey,
Let's dig deeper.
Please download GooredFix from one of the locations below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
- Ensure all Firefox windows are closed.
- To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
- When prompted to run the scan, click Yes.
- GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
Then try aswMBR again, even in Safe Mode if needed.
To enter Safe Mode:
- Go to Start > Shut off your Computer > Restart
- As the computer starts to boot up, tap the F8 key somewhat rapidly; this will bring up a menu.
- Use the Up and Down Arrow keys to scroll up to Safe Mode with Networking
- Then press the Enter key on your keyboard
Tutorial if you need it: How to boot into Safe Mode
Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
-
goored log
GooredFix by jpshortstuff (03.07.10.1)
Log created at 11:54 on 14/01/2012 (Holly)
Firefox version 8.0 (en-US)
========== GooredScan ==========
========== GooredLog ==========
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [22:58 27/05/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:55 27/05/2011]
C:\Users\Holly\Application Data\Mozilla\Firefox\Profiles\7b5zwuw5.default\extensions\
{87934c42-161d-45bc-8cef-ef18abe2a30c} [21:05 02/01/2012]
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)
-=E.O.F=-
-
aswMBR won't run even in Safe mode
I ran Goored Fix in Safe mode (was that a mistake?)
Now I tried to run aswMBR and it doesn't appear to do anything.
When I go to Task Manager the following processes are running:
csrss.exe
ctfmon.exe
explorer.exe
taskmgr.exe
winlogon.exe
The memory number for explorer keeps climbing. The others all stay the same.
-Scott
-
-
Run this program please
Please download TDSSKiller.zip
- Extract it to your desktop
- Double click TDSSKiller.exe
- Press Start Scan
- Only if Malicious objects are found then ensure Cure is selected
- Then click Continue > Reboot now
- Copy and paste the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)
-
this one does not run either.
-
-
MBR text
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1545
Logical Drives Mask: 0x0000000c
Kernel Drivers (total 152):
Processes (total 28):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
372 csrss.exe
420 C:\Windows\System32\wininit.exe
428 csrss.exe
488 C:\Windows\System32\services.exe
496 C:\Windows\System32\lsass.exe
504 C:\Windows\System32\lsm.exe
544 C:\Windows\System32\winlogon.exe
632 C:\Windows\System32\svchost.exe
708 C:\Windows\System32\svchost.exe
796 C:\Windows\System32\svchost.exe
844 C:\Windows\System32\svchost.exe
912 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\svchost.exe
984 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\svchost.exe
1136 C:\Windows\explorer.exe
1360 C:\Windows\System32\ctfmon.exe
1864 C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
1888 C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
1736 C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
1900 C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
1992 C:\Windows\System32\svchost.exe
1920 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1700 C:\Users\Holly\Desktop\MBRCheck.exe
1264 C:\Windows\System32\conhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`b4400000 (NTFS)
PhysicalDrive0 Model Number: TOSHIBAMK3265GSX, Rev: GJ003D
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
-
gmer found nothing
GMER found nothing and the log file is empty