Google redirect

Inactive
By rmhughes0711
Feb 12, 2011
Topic Status:
Not open for further replies.
  1. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    Ran the fix but the online virus scan still failed with a "license expired" error. Thoughts?
  2. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    Just wanted to make sure you weren't waiting on anything from me. Let me know. Thanks for your help!
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Actually, I was:
    • Download the file TDSSKiller.zip and save to the desktop.
      (If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.)
    • Right-click the tdsskiller.zip file> Select Extract All into a folder on the infected (or potentially infected) PC.
    • Double click on TDSSKiller.exe. to run the scan
    • When the scan is over, the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
    • Select the action Quarantine to quarantine detected objects.
      The default quarantine folder is in the system disk root folder, e.g.: C:\TDSSKiller_Quarantine\23.07.2010_15.31.43
    • After clicking Next, the utility applies selected actions and outputs the result.
    • A reboot is required after disinfection.
    Post log please.
  4. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    I'm glad I asked! Here's the report.

    2011/03/08 13:44:46.0841 3776 TDSS rootkit removing tool 2.4.20.0 Mar 2 2011 10:44:30
    2011/03/08 13:44:47.0138 3776 ================================================================================
    2011/03/08 13:44:47.0138 3776 SystemInfo:
    2011/03/08 13:44:47.0138 3776
    2011/03/08 13:44:47.0138 3776 OS Version: 6.0.6002 ServicePack: 2.0
    2011/03/08 13:44:47.0138 3776 Product type: Workstation
    2011/03/08 13:44:47.0138 3776 ComputerName: LINDA-PC
    2011/03/08 13:44:47.0138 3776 UserName: Linda
    2011/03/08 13:44:47.0139 3776 Windows directory: C:\Windows
    2011/03/08 13:44:47.0139 3776 System windows directory: C:\Windows
    2011/03/08 13:44:47.0139 3776 Processor architecture: Intel x86
    2011/03/08 13:44:47.0139 3776 Number of processors: 2
    2011/03/08 13:44:47.0139 3776 Page size: 0x1000
    2011/03/08 13:44:47.0139 3776 Boot type: Normal boot
    2011/03/08 13:44:47.0139 3776 ================================================================================
    2011/03/08 13:44:56.0185 3776 Initialize success
    2011/03/08 13:45:13.0661 2464 ================================================================================
    2011/03/08 13:45:13.0661 2464 Scan started
    2011/03/08 13:45:13.0661 2464 Mode: Manual;
    2011/03/08 13:45:13.0661 2464 ================================================================================
    2011/03/08 13:45:15.0539 2464 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    2011/03/08 13:45:15.0969 2464 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    2011/03/08 13:45:16.0411 2464 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    2011/03/08 13:45:16.0662 2464 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    2011/03/08 13:45:16.0967 2464 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    2011/03/08 13:45:17.0323 2464 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    2011/03/08 13:45:17.0559 2464 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    2011/03/08 13:45:17.0889 2464 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    2011/03/08 13:45:18.0075 2464 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    2011/03/08 13:45:18.0508 2464 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    2011/03/08 13:45:18.0985 2464 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    2011/03/08 13:45:19.0115 2464 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    2011/03/08 13:45:19.0378 2464 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    2011/03/08 13:45:19.0557 2464 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    2011/03/08 13:45:19.0813 2464 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    2011/03/08 13:45:19.0976 2464 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/03/08 13:45:20.0359 2464 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    2011/03/08 13:45:20.0616 2464 b57nd60x (32795e299c3aba589a5e04c83d531cdf) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2011/03/08 13:45:20.0988 2464 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    2011/03/08 13:45:21.0166 2464 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    2011/03/08 13:45:21.0452 2464 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    2011/03/08 13:45:21.0559 2464 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    2011/03/08 13:45:21.0605 2464 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    2011/03/08 13:45:21.0898 2464 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    2011/03/08 13:45:21.0980 2464 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    2011/03/08 13:45:22.0062 2464 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    2011/03/08 13:45:22.0234 2464 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    2011/03/08 13:45:22.0360 2464 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
    2011/03/08 13:45:22.0558 2464 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    2011/03/08 13:45:22.0785 2464 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
    2011/03/08 13:45:23.0055 2464 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
    2011/03/08 13:45:23.0435 2464 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
    2011/03/08 13:45:23.0672 2464 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys
    2011/03/08 13:45:23.0978 2464 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys
    2011/03/08 13:45:24.0245 2464 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys
    2011/03/08 13:45:24.0565 2464 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/03/08 13:45:24.0919 2464 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/03/08 13:45:25.0250 2464 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    2011/03/08 13:45:25.0327 2464 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    2011/03/08 13:45:25.0558 2464 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    2011/03/08 13:45:25.0629 2464 cmderd (0346c4bcfbe97ddafb6d6106e3a5e577) C:\Windows\system32\DRIVERS\cmderd.sys
    2011/03/08 13:45:25.0709 2464 cmdGuard (8a4c864777b717ae45580c1e0de2c103) C:\Windows\system32\DRIVERS\cmdguard.sys
    2011/03/08 13:45:25.0809 2464 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    2011/03/08 13:45:25.0921 2464 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    2011/03/08 13:45:26.0277 2464 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    2011/03/08 13:45:26.0581 2464 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    2011/03/08 13:45:27.0279 2464 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    2011/03/08 13:45:27.0494 2464 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    2011/03/08 13:45:27.0659 2464 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    2011/03/08 13:45:27.0731 2464 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    2011/03/08 13:45:27.0777 2464 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    2011/03/08 13:45:27.0846 2464 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    2011/03/08 13:45:27.0936 2464 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
    2011/03/08 13:45:28.0078 2464 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys
    2011/03/08 13:45:28.0233 2464 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/03/08 13:45:28.0407 2464 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
    2011/03/08 13:45:28.0499 2464 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    2011/03/08 13:45:28.0724 2464 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    2011/03/08 13:45:28.0965 2464 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    2011/03/08 13:45:29.0175 2464 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    2011/03/08 13:45:29.0397 2464 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    2011/03/08 13:45:29.0490 2464 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    2011/03/08 13:45:29.0582 2464 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    2011/03/08 13:45:29.0757 2464 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    2011/03/08 13:45:30.0040 2464 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    2011/03/08 13:45:30.0160 2464 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/03/08 13:45:30.0532 2464 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    2011/03/08 13:45:30.0884 2464 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    2011/03/08 13:45:31.0011 2464 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/03/08 13:45:31.0306 2464 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    2011/03/08 13:45:31.0455 2464 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    2011/03/08 13:45:31.0789 2464 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2011/03/08 13:45:31.0970 2464 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    2011/03/08 13:45:32.0201 2464 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    2011/03/08 13:45:32.0403 2464 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/03/08 13:45:32.0578 2464 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    2011/03/08 13:45:32.0870 2464 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
    2011/03/08 13:45:33.0216 2464 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    2011/03/08 13:45:33.0541 2464 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    2011/03/08 13:45:33.0816 2464 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\drivers\iastor.sys
    2011/03/08 13:45:34.0141 2464 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    2011/03/08 13:45:34.0627 2464 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
    2011/03/08 13:45:34.0780 2464 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    2011/03/08 13:45:34.0861 2464 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
    2011/03/08 13:45:34.0954 2464 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
    2011/03/08 13:45:35.0034 2464 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/03/08 13:45:35.0113 2464 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/03/08 13:45:35.0583 2464 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    2011/03/08 13:45:35.0769 2464 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    2011/03/08 13:45:35.0918 2464 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    2011/03/08 13:45:35.0972 2464 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    2011/03/08 13:45:36.0164 2464 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    2011/03/08 13:45:36.0435 2464 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    2011/03/08 13:45:36.0471 2464 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    2011/03/08 13:45:36.0503 2464 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2011/03/08 13:45:36.0715 2464 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    2011/03/08 13:45:37.0228 2464 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    2011/03/08 13:45:37.0553 2464 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/03/08 13:45:37.0966 2464 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
    2011/03/08 13:45:38.0090 2464 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
    2011/03/08 13:45:38.0790 2464 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
    2011/03/08 13:45:39.0001 2464 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    2011/03/08 13:45:39.0178 2464 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    2011/03/08 13:45:39.0292 2464 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/03/08 13:45:39.0372 2464 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    2011/03/08 13:45:39.0443 2464 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    2011/03/08 13:45:39.0588 2464 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    2011/03/08 13:45:39.0754 2464 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    2011/03/08 13:45:39.0815 2464 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    2011/03/08 13:45:39.0947 2464 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/03/08 13:45:40.0018 2464 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/03/08 13:45:40.0084 2464 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    2011/03/08 13:45:40.0148 2464 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    2011/03/08 13:45:40.0215 2464 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    2011/03/08 13:45:40.0295 2464 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    2011/03/08 13:45:40.0372 2464 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    2011/03/08 13:45:40.0438 2464 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/03/08 13:45:40.0498 2464 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/03/08 13:45:40.0684 2464 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/03/08 13:45:40.0748 2464 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
    2011/03/08 13:45:40.0839 2464 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    2011/03/08 13:45:40.0947 2464 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    2011/03/08 13:45:41.0010 2464 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    2011/03/08 13:45:41.0077 2464 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/03/08 13:45:41.0175 2464 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/03/08 13:45:41.0262 2464 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    2011/03/08 13:45:41.0343 2464 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    2011/03/08 13:45:41.0402 2464 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    2011/03/08 13:45:41.0557 2464 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    2011/03/08 13:45:41.0772 2464 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    2011/03/08 13:45:41.0874 2464 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    2011/03/08 13:45:41.0954 2464 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    2011/03/08 13:45:42.0048 2464 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    2011/03/08 13:45:42.0124 2464 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    2011/03/08 13:45:42.0222 2464 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    2011/03/08 13:45:42.0328 2464 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    2011/03/08 13:45:42.0411 2464 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    2011/03/08 13:45:42.0517 2464 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    2011/03/08 13:45:42.0946 2464 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
    2011/03/08 13:45:43.0189 2464 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    2011/03/08 13:45:43.0268 2464 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    2011/03/08 13:45:43.0338 2464 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    2011/03/08 13:45:43.0515 2464 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    2011/03/08 13:45:43.0701 2464 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    2011/03/08 13:45:43.0768 2464 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    2011/03/08 13:45:43.0823 2464 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    2011/03/08 13:45:43.0898 2464 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    2011/03/08 13:45:43.0986 2464 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    2011/03/08 13:45:44.0430 2464 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
    2011/03/08 13:45:44.0533 2464 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
    2011/03/08 13:45:44.0595 2464 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    2011/03/08 13:45:44.0798 2464 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    2011/03/08 13:45:44.0968 2464 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    2011/03/08 13:45:45.0087 2464 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    2011/03/08 13:45:45.0232 2464 PCDSRVC{E9D79540-57D5953E-06020101}_0 (92fddbed716bf5c3cb766101563cfce5) c:\program files\dell support center\pcdsrvc.pkms
    2011/03/08 13:45:45.0344 2464 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    2011/03/08 13:45:45.0430 2464 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    2011/03/08 13:45:45.0539 2464 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    2011/03/08 13:45:45.0826 2464 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    2011/03/08 13:45:46.0102 2464 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/03/08 13:45:46.0164 2464 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    2011/03/08 13:45:46.0255 2464 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    2011/03/08 13:45:46.0452 2464 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    2011/03/08 13:45:46.0723 2464 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    2011/03/08 13:45:47.0009 2464 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    2011/03/08 13:45:47.0405 2464 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
    2011/03/08 13:45:47.0703 2464 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/03/08 13:45:47.0770 2464 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/03/08 13:45:47.0888 2464 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/03/08 13:45:47.0966 2464 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/03/08 13:45:48.0019 2464 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/03/08 13:45:48.0084 2464 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/03/08 13:45:48.0247 2464 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    2011/03/08 13:45:48.0470 2464 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    2011/03/08 13:45:48.0795 2464 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    2011/03/08 13:45:49.0153 2464 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
    2011/03/08 13:45:49.0264 2464 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
    2011/03/08 13:45:49.0377 2464 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
    2011/03/08 13:45:49.0425 2464 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
    2011/03/08 13:45:49.0551 2464 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/03/08 13:45:49.0755 2464 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    2011/03/08 13:45:49.0795 2464 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    2011/03/08 13:45:49.0960 2464 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    2011/03/08 13:45:50.0189 2464 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    2011/03/08 13:45:50.0405 2464 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2011/03/08 13:45:50.0608 2464 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    2011/03/08 13:45:50.0763 2464 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    2011/03/08 13:45:50.0961 2464 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    2011/03/08 13:45:51.0270 2464 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    2011/03/08 13:45:51.0430 2464 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/03/08 13:45:51.0557 2464 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    2011/03/08 13:45:51.0619 2464 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    2011/03/08 13:45:51.0758 2464 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    2011/03/08 13:45:51.0981 2464 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    2011/03/08 13:45:52.0094 2464 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    2011/03/08 13:45:52.0369 2464 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    2011/03/08 13:45:52.0544 2464 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    2011/03/08 13:45:52.0784 2464 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    2011/03/08 13:45:52.0784 2464 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    2011/03/08 13:45:52.0795 2464 sptd - detected Locked file (1)
    2011/03/08 13:45:52.0999 2464 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
    2011/03/08 13:45:53.0164 2464 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
    2011/03/08 13:45:53.0314 2464 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/03/08 13:45:53.0457 2464 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
    2011/03/08 13:45:53.0660 2464 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    2011/03/08 13:45:53.0973 2464 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    2011/03/08 13:45:54.0119 2464 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    2011/03/08 13:45:54.0328 2464 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    2011/03/08 13:45:54.0446 2464 SynTP (dd17b63f26430e179ef6bdef5ac735bd) C:\Windows\system32\DRIVERS\SynTP.sys
    2011/03/08 13:45:54.0810 2464 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
    2011/03/08 13:45:55.0110 2464 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/03/08 13:45:55.0378 2464 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    2011/03/08 13:45:55.0580 2464 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
    2011/03/08 13:45:55.0770 2464 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    2011/03/08 13:45:55.0997 2464 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    2011/03/08 13:45:56.0083 2464 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    2011/03/08 13:45:56.0143 2464 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    2011/03/08 13:45:56.0392 2464 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/03/08 13:45:56.0444 2464 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    2011/03/08 13:45:56.0489 2464 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/03/08 13:45:56.0765 2464 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    2011/03/08 13:45:56.0907 2464 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    2011/03/08 13:45:57.0079 2464 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    2011/03/08 13:45:57.0241 2464 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    2011/03/08 13:45:57.0443 2464 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    2011/03/08 13:45:57.0518 2464 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    2011/03/08 13:45:57.0622 2464 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    2011/03/08 13:45:57.0794 2464 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
    2011/03/08 13:45:57.0868 2464 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/03/08 13:45:58.0011 2464 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    2011/03/08 13:45:58.0096 2464 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/03/08 13:45:58.0163 2464 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/03/08 13:45:58.0388 2464 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    2011/03/08 13:45:58.0465 2464 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/03/08 13:45:58.0582 2464 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/03/08 13:45:58.0681 2464 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/03/08 13:45:58.0749 2464 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/03/08 13:45:58.0940 2464 utm0mjuw (524d8d450622db4a7875b111c299a76b) C:\Windows\system32\Drivers\utm0mjuw.sys
    2011/03/08 13:45:59.0134 2464 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/03/08 13:45:59.0194 2464 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    2011/03/08 13:45:59.0280 2464 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    2011/03/08 13:45:59.0349 2464 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    2011/03/08 13:45:59.0417 2464 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    2011/03/08 13:45:59.0532 2464 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2011/03/08 13:45:59.0695 2464 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2011/03/08 13:45:59.0869 2464 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2011/03/08 13:46:00.0027 2464 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    2011/03/08 13:46:00.0269 2464 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2011/03/08 13:46:00.0478 2464 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/03/08 13:46:00.0689 2464 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/03/08 13:46:00.0990 2464 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    2011/03/08 13:46:01.0086 2464 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
    2011/03/08 13:46:01.0282 2464 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2011/03/08 13:46:01.0636 2464 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2011/03/08 13:46:01.0855 2464 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2011/03/08 13:46:01.0947 2464 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/03/08 13:46:02.0121 2464 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/03/08 13:46:02.0287 2464 ================================================================================
    2011/03/08 13:46:02.0287 2464 Scan finished
    2011/03/08 13:46:02.0287 2464 ================================================================================
    2011/03/08 13:46:02.0312 4356 Detected object count: 1
    2011/03/08 13:48:27.0511 4356 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
    2011/03/08 13:48:27.0511 4356 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    2011/03/08 13:48:27.0550 4356 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
    2011/03/08 13:48:27.0553 4356 Locked file(sptd) - User select action: Quarantine
  5. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    Just checking in. Let me know if I need to be doing anything. Thanks for your help!!
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    What is the status of the system? Are you still getting the redirects? If yes, can you give me an example of the Domain? No links, please. Just name like searchalot.com, etc.

    Describe the redirects as clearly as possible.
  7. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    No redirects are occurring at this point. I have antivirus turned back on and the system seems to be running as normal. If you feel you have seen everything you need to see, I am content. Let me know your thoughts.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    That's good news! I leave you with a clean system! Let's remove the tools we used:

    Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      [​IMG]
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
      [*]Choose Disc Cleanup
      [*]Click "OK" to select the partition or drive you want.
      [*]Click the "More Options" Tab.
      [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


    Empty the Recycle Bin

    Let me know if you have any more questions.
  9. rmhughes0711

    rmhughes0711 Newcomer, in training Topic Starter Posts: 57

    Dude, you rock! Thanks for all your help with this. I'm not sure if Techspot does evaluations on their volunteers but if they do let me know so that I can give you a glowing recommendation! Thanks for everything!!!!!!
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Thank you! I appreciate that. Glad to help out. I'm leaving some suggestions to help you stay clean: Use any or all:

    Tips for added security and safer browsing:
    1. Browser Security Settings: Custom is fine if the user did the settings. Mine are Custom. Default is okay too, but sometimes too restrictive.
      This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features: Make Internet Explorer safer.
    2. Have layered Security:
      • Antivirus Software(only one):Both of the following programs are free and known to be good:
        [o]Avira-AntiVir-Personal-Free-Antivirus
        [o]Avast Free Version
      • Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
        [o]Comodo
        [o]Zone Alarm
      • Antispyware: I recommend all of the following:
        [o]Spywareblaster: SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
      [o]Download ZonedOut and save to your desktop. this replaces IE/Spyad and manages the Zones in Internet explorer. This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
      For IE7 and IE8, Windows 2000 thru Vista. No Windows 7 yet.
      IE/Spyad is not longer being supported. If you have this on your system, you should replace it with the following program. Make sure your IE8 is Up-to-date before adding sites to your restricted zone.
      Known issue: If you have "immunized" your computer with Spybot Search and Destroy, and use ZonedOut to "Remove All" restricted sites - ZonedOut will remove your trusted sites as well. Note that if you remove Spybot Search and Destroys Immunization the problem goes away...
      [o]Replace the Host Files
      MVPS Hosts files This replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
      [o]Google Toolbar Get the free google toolbar to help stop pop up windows.
    3. Stay current on updates:
      [o] Visit the Microsoft Download Sitefrequently. You should get All updates marked Critical and the current SP updates.
      [o]Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
      [o]Check this site .Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
    4. Reset Cookies to prevent Tracking Cookies:
      [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
    5. Do regular Maintenance
      Remove Temporary Internet Files regularly:
      [o]ATF Cleaner by Atribune
      OR
      [o]TFC
      Disable and Enable System Restore:
      [o]See System Restore Guide This will help you understand what this is, why you need to clean and set restore points and what information is in them.
    6. Practice Safe Email Handling
      [o] Don't open email from anyone you don't know.
      [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
      [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
    Use a Site Advisor: I recommend The Web of Trust (WOT), an add-on safe surfing tool for your browser. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.Your online email account – Google Mail, Yahoo! Mail and Hotmail is also protected.

    Every time to do a search and the screen comes up with the sites, they will have the rating light. Green (2 shades), Amber/Yellow Caution, Red> not advised. A few sites haven't been rated and show as a blue flashlight. http://www.mywot.com/en/download

    From the "Rocking Dude" with pleasure.:cool:
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.