Hello and thank you for reading my post.
I'm having problems with my work machine here. Normally I use Firefox for all internet browsing however over the last few weeks I've had IE windows pop up while I'm using Firefox. Occasionally I've been redirected from websites. I'm pretty sure I've picked up some sort of virus. I've hopefully following the instructions properly and have attached the following logs. I should note that this computer runs "F-PROT Antivirus" but I temporarily disabled it while completing steps 2-5 (it found no errors).
Thanks again.
I will break up my logs between posts.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7749
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/19/2011 11:53:40 AM
mbam-log-2011-09-19 (11-53-40).txt
Scan type: Quick scan
Objects scanned: 209803
Time elapsed: 16 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I'm having problems with my work machine here. Normally I use Firefox for all internet browsing however over the last few weeks I've had IE windows pop up while I'm using Firefox. Occasionally I've been redirected from websites. I'm pretty sure I've picked up some sort of virus. I've hopefully following the instructions properly and have attached the following logs. I should note that this computer runs "F-PROT Antivirus" but I temporarily disabled it while completing steps 2-5 (it found no errors).
Thanks again.
I will break up my logs between posts.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7749
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/19/2011 11:53:40 AM
mbam-log-2011-09-19 (11-53-40).txt
Scan type: Quick scan
Objects scanned: 209803
Time elapsed: 16 minute(s), 9 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)