Hi guys, having google re-direct issues for the past week. Below are my logs as stated in the 7 steps guidelines:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7035
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/20/2011 12:36:06 PM
mbam-log-2011-07-20 (12-36-06).txt
Scan type: Quick scan
Objects scanned: 219664
Time elapsed: 6 minute(s), 24 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\mohany.anwar\favorites\antivirus scan.url (Rogue.Link) -> Quarantined and deleted successfully.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-07-20 12:46:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FBEO
Running: nd04o535.exe; Driver: C:\DOCUME~1\MOHANY~1.ANW\LOCALS~1\Temp\uglyrpog.sys
---- System - GMER 1.0.15 ----
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xB9DA90C0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xB9DA90D4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9DA9100]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9DA9156]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xB9DA90AC]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9DA9084]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9DA9098]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9DA90EA]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9DA912C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xB9DA9116]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9DA9180]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB9DA916C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9DA9140]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- Threads - GMER 1.0.15 ----
Thread System [4:180] 8A480E7A
Thread System [4:184] 8A483008
---- EOF - GMER 1.0.15 ----
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7035
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/20/2011 12:36:06 PM
mbam-log-2011-07-20 (12-36-06).txt
Scan type: Quick scan
Objects scanned: 219664
Time elapsed: 6 minute(s), 24 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\mohany.anwar\favorites\antivirus scan.url (Rogue.Link) -> Quarantined and deleted successfully.
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-07-20 12:46:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FBEO
Running: nd04o535.exe; Driver: C:\DOCUME~1\MOHANY~1.ANW\LOCALS~1\Temp\uglyrpog.sys
---- System - GMER 1.0.15 ----
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xB9DA90C0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xB9DA90D4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xB9DA9100]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB9DA9156]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xB9DA90AC]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xB9DA9084]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xB9DA9098]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xB9DA90EA]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xB9DA912C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xB9DA9116]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xB9DA9180]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB9DA916C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xB9DA9140]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- Threads - GMER 1.0.15 ----
Thread System [4:180] 8A480E7A
Thread System [4:184] 8A483008
---- EOF - GMER 1.0.15 ----