Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search Engine Links Redirected


  • Please log in to reply
7 replies to this topic

#1 Fleetwolf90

Fleetwolf90

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:17 PM

Posted 23 September 2010 - 10:12 AM

When I use any search engine, the links are redirected to various advertisements. I've scnned with Malwarebytes and it does not find any malware. Please advise.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,941 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 23 September 2010 - 02:08 PM

Please post the results of your last MBAM scan for review (even if nothing was found).

To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
  • Click the Logs Tab at the top.
    • The log will be named by the date of scan in the following format: mbam-log-date(time).txt
      -- If you have previously used MBAM, there may be several logs showing in the list.
  • Click on the log name to highlight it.
  • Go to the bottom and click on Open.
  • The log should automatically open in notepad as a text file.
  • Go to Edit and choose Select all.
  • Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
  • Come back to this thread, click Add Reply, then right-click and choose Paste.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs



Please follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKiller
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • When the program opens, click the Start Scan button.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure is selected, then click Continue > Reboot now to finish the cleaning process. <- Important!!
    Note: If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Fleetwolf90

Fleetwolf90
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:17 PM

Posted 23 September 2010 - 03:00 PM

Thanks for your response. Here are the two logs you requested.



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4676

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/23/2010 10:30:59 AM
mbam-log-2010-09-23 (10-30-59).txt

Scan type: Quick scan
Objects scanned: 162926
Time elapsed: 6 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2010/09/23 15:59:16.0383 ================================================================================
2010/09/23 15:59:16.0383 SystemInfo:
2010/09/23 15:59:16.0383
2010/09/23 15:59:16.0383 OS Version: 6.1.7600 ServicePack: 0.0
2010/09/23 15:59:16.0383 Product type: Workstation
2010/09/23 15:59:16.0383 ComputerName: USDMA0281XYZ
2010/09/23 15:59:16.0383 UserName: dmamee
2010/09/23 15:59:16.0383 Windows directory: C:\Windows
2010/09/23 15:59:16.0383 System windows directory: C:\Windows
2010/09/23 15:59:16.0383 Processor architecture: Intel x86
2010/09/23 15:59:16.0383 Number of processors: 4
2010/09/23 15:59:16.0383 Page size: 0x1000
2010/09/23 15:59:16.0383 Boot type: Normal boot
2010/09/23 15:59:16.0383 ================================================================================
2010/09/23 15:59:16.0835 Initialize success
2010/09/23 15:59:18.0895 ================================================================================
2010/09/23 15:59:18.0895 Scan started
2010/09/23 15:59:18.0895 Mode: Manual;
2010/09/23 15:59:18.0895 ================================================================================
2010/09/23 15:59:19.0659 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/09/23 15:59:19.0737 Accelerometer (4df5e6215a102a192b2b6dbb61f2fba5) C:\Windows\system32\DRIVERS\Accelerometer.sys
2010/09/23 15:59:19.0800 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2010/09/23 15:59:19.0846 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/09/23 15:59:19.0924 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/09/23 15:59:19.0987 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2010/09/23 15:59:20.0081 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2010/09/23 15:59:20.0221 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2010/09/23 15:59:20.0315 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
2010/09/23 15:59:20.0549 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2010/09/23 15:59:20.0627 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2010/09/23 15:59:20.0720 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2010/09/23 15:59:20.0751 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2010/09/23 15:59:20.0798 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2010/09/23 15:59:20.0845 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2010/09/23 15:59:20.0861 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2010/09/23 15:59:20.0892 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2010/09/23 15:59:20.0923 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/09/23 15:59:20.0986 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2010/09/23 15:59:21.0001 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2010/09/23 15:59:21.0110 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2010/09/23 15:59:21.0142 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2010/09/23 15:59:21.0204 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/09/23 15:59:21.0266 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2010/09/23 15:59:21.0360 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2010/09/23 15:59:21.0532 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/09/23 15:59:21.0610 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2010/09/23 15:59:21.0703 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/09/23 15:59:21.0797 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2010/09/23 15:59:21.0828 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/09/23 15:59:21.0859 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/09/23 15:59:21.0891 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2010/09/23 15:59:21.0922 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/09/23 15:59:21.0953 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/09/23 15:59:21.0969 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/09/23 15:59:22.0047 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/09/23 15:59:22.0109 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/09/23 15:59:22.0156 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
2010/09/23 15:59:22.0234 BTHPORT (4a34888e13224678dd062466afec4240) C:\Windows\system32\Drivers\BTHport.sys
2010/09/23 15:59:22.0343 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\Windows\system32\Drivers\BTHUSB.sys
2010/09/23 15:59:22.0390 btwaudio (ce5833c144ca6623bcbde93b188aa850) C:\Windows\system32\drivers\btwaudio.sys
2010/09/23 15:59:22.0437 btwavdt (af9148c3e844131ac954cb53ff43d971) C:\Windows\system32\DRIVERS\btwavdt.sys
2010/09/23 15:59:22.0515 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
2010/09/23 15:59:22.0577 btwrchid (480b3d195854b2e55299cddddc50bcf9) C:\Windows\system32\DRIVERS\btwrchid.sys
2010/09/23 15:59:22.0655 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2010/09/23 15:59:22.0702 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2010/09/23 15:59:22.0749 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2010/09/23 15:59:22.0842 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2010/09/23 15:59:22.0874 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/09/23 15:59:22.0905 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2010/09/23 15:59:22.0920 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2010/09/23 15:59:23.0014 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2010/09/23 15:59:23.0092 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/09/23 15:59:23.0154 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/09/23 15:59:23.0201 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2010/09/23 15:59:23.0310 CVirtA (b5ecadf7708960f1818c7fa015f4c239) C:\Windows\system32\DRIVERS\CVirtA.sys
2010/09/23 15:59:23.0404 CVPNDRVA (18994842386fd3039279d7865740abbd) C:\Windows\system32\Drivers\CVPNDRVA.sys
2010/09/23 15:59:23.0466 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2010/09/23 15:59:23.0498 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2010/09/23 15:59:23.0544 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2010/09/23 15:59:23.0622 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\Windows\system32\DRIVERS\dne2000.sys
2010/09/23 15:59:23.0669 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2010/09/23 15:59:23.0716 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2010/09/23 15:59:23.0841 e1kexpress (034fa3a00fff4f68dd9f6d3793392274) C:\Windows\system32\DRIVERS\e1k6232.sys
2010/09/23 15:59:23.0935 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2010/09/23 15:59:24.0200 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2010/09/23 15:59:24.0231 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2010/09/23 15:59:24.0262 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2010/09/23 15:59:24.0293 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2010/09/23 15:59:24.0371 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2010/09/23 15:59:24.0434 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2010/09/23 15:59:24.0465 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2010/09/23 15:59:24.0512 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/09/23 15:59:24.0527 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2010/09/23 15:59:24.0574 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2010/09/23 15:59:24.0606 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2010/09/23 15:59:24.0621 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
2010/09/23 15:59:24.0652 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/09/23 15:59:24.0684 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/09/23 15:59:24.0762 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2010/09/23 15:59:24.0840 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2010/09/23 15:59:24.0933 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/09/23 15:59:24.0980 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
2010/09/23 15:59:25.0011 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/09/23 15:59:25.0027 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2010/09/23 15:59:25.0074 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2010/09/23 15:59:25.0136 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2010/09/23 15:59:25.0230 hpdskflt (e1d82f0c8456abb03b7df5d623ca47d1) C:\Windows\system32\DRIVERS\hpdskflt.sys
2010/09/23 15:59:25.0276 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
2010/09/23 15:59:25.0370 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/09/23 15:59:25.0432 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2010/09/23 15:59:25.0464 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2010/09/23 15:59:25.0495 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/09/23 15:59:25.0542 iaStor (01446278d4563b3013c92830ae6cbb26) C:\Windows\system32\DRIVERS\iaStor.sys
2010/09/23 15:59:25.0557 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/09/23 15:59:25.0620 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2010/09/23 15:59:25.0667 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\Windows\system32\DRIVERS\Impcd.sys
2010/09/23 15:59:25.0713 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2010/09/23 15:59:25.0745 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2010/09/23 15:59:25.0760 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/09/23 15:59:25.0791 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/09/23 15:59:25.0823 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2010/09/23 15:59:25.0869 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2010/09/23 15:59:25.0916 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2010/09/23 15:59:25.0947 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/09/23 15:59:25.0994 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/09/23 15:59:26.0025 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/09/23 15:59:26.0088 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2010/09/23 15:59:26.0166 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2010/09/23 15:59:26.0228 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/09/23 15:59:26.0306 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/09/23 15:59:26.0337 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/09/23 15:59:26.0369 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/09/23 15:59:26.0384 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/09/23 15:59:26.0415 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2010/09/23 15:59:26.0462 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2010/09/23 15:59:26.0478 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/09/23 15:59:26.0556 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2010/09/23 15:59:26.0603 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2010/09/23 15:59:26.0634 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2010/09/23 15:59:26.0665 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2010/09/23 15:59:26.0696 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2010/09/23 15:59:26.0712 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2010/09/23 15:59:26.0743 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2010/09/23 15:59:26.0790 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2010/09/23 15:59:26.0868 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/09/23 15:59:26.0930 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/09/23 15:59:26.0993 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/09/23 15:59:27.0040 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2010/09/23 15:59:27.0055 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2010/09/23 15:59:27.0133 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2010/09/23 15:59:27.0149 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2010/09/23 15:59:27.0180 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/09/23 15:59:27.0242 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2010/09/23 15:59:27.0274 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/09/23 15:59:27.0289 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2010/09/23 15:59:27.0305 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2010/09/23 15:59:27.0352 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/09/23 15:59:27.0399 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2010/09/23 15:59:27.0430 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/09/23 15:59:27.0445 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2010/09/23 15:59:27.0523 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2010/09/23 15:59:27.0601 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2010/09/23 15:59:27.0679 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/09/23 15:59:27.0711 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/09/23 15:59:27.0742 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/09/23 15:59:27.0773 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/09/23 15:59:27.0804 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2010/09/23 15:59:27.0851 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2010/09/23 15:59:27.0882 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2010/09/23 15:59:28.0069 NETw5s32 (5b2dfa9c5c02ddf2a113cc0f551b59df) C:\Windows\system32\DRIVERS\NETw5s32.sys
2010/09/23 15:59:28.0366 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/09/23 15:59:28.0444 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2010/09/23 15:59:28.0460 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2010/09/23 15:59:28.0506 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2010/09/23 15:59:28.0647 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2010/09/23 15:59:28.0725 nusb3hub (68c890ddb21028cb1ea5551b47b29e1b) C:\Windows\system32\DRIVERS\nusb3hub.sys
2010/09/23 15:59:28.0803 nusb3xhc (2cf970c1a9e05d3b91039c2dd4471c0e) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2010/09/23 15:59:28.0912 NVHDA (8571011b62ce0207fa1dc95d88308f1d) C:\Windows\system32\drivers\nvhda32v.sys
2010/09/23 15:59:29.0130 nvlddmkm (eb90a8689d5569b82f57c6a23701e2a3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/09/23 15:59:29.0443 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/09/23 15:59:29.0474 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2010/09/23 15:59:29.0521 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/09/23 15:59:29.0552 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/09/23 15:59:29.0630 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2010/09/23 15:59:29.0645 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2010/09/23 15:59:29.0692 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2010/09/23 15:59:29.0723 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2010/09/23 15:59:29.0786 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2010/09/23 15:59:29.0801 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/09/23 15:59:29.0848 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2010/09/23 15:59:29.0911 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2010/09/23 15:59:30.0020 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2010/09/23 15:59:30.0051 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2010/09/23 15:59:30.0114 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2010/09/23 15:59:30.0145 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys
2010/09/23 15:59:30.0207 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2010/09/23 15:59:30.0332 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/09/23 15:59:30.0363 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2010/09/23 15:59:30.0394 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2010/09/23 15:59:30.0441 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/09/23 15:59:30.0457 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/09/23 15:59:30.0504 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/09/23 15:59:30.0535 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2010/09/23 15:59:30.0582 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2010/09/23 15:59:30.0675 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/09/23 15:59:30.0706 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/09/23 15:59:30.0738 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2010/09/23 15:59:30.0784 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2010/09/23 15:59:30.0800 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2010/09/23 15:59:30.0831 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2010/09/23 15:59:30.0894 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2010/09/23 15:59:30.0956 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/09/23 15:59:31.0050 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/09/23 15:59:31.0097 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/09/23 15:59:31.0128 rismc32 (470fc46e2989f6606043c1c5365b15fd) C:\Windows\system32\DRIVERS\rismc32.sys
2010/09/23 15:59:31.0143 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/09/23 15:59:31.0237 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2010/09/23 15:59:31.0284 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/09/23 15:59:31.0346 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/09/23 15:59:31.0377 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2010/09/23 15:59:31.0455 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
2010/09/23 15:59:31.0502 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/09/23 15:59:31.0565 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2010/09/23 15:59:31.0596 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2010/09/23 15:59:31.0627 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2010/09/23 15:59:31.0658 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/09/23 15:59:31.0689 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/09/23 15:59:31.0705 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/09/23 15:59:31.0721 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/09/23 15:59:31.0767 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2010/09/23 15:59:31.0814 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/09/23 15:59:31.0830 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/09/23 15:59:31.0877 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2010/09/23 15:59:31.0986 SNP2UVC (4d8a49526aa035b1a8ff3fe6807783f5) C:\Windows\system32\DRIVERS\snp2uvc.sys
2010/09/23 15:59:32.0095 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2010/09/23 15:59:32.0158 srv (dd0dd124d95390fdffa7fb6283923ed4) C:\Windows\system32\DRIVERS\srv.sys
2010/09/23 15:59:32.0220 srv2 (59ef6d9c690e89d51b0692ccb13a06fc) C:\Windows\system32\DRIVERS\srv2.sys
2010/09/23 15:59:32.0267 srvnet (08f28676802b58138e48a2b40caf6204) C:\Windows\system32\DRIVERS\srvnet.sys
2010/09/23 15:59:32.0345 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2010/09/23 15:59:32.0392 STHDA (b205de6202b6a019403cf6395d047ca8) C:\Windows\system32\DRIVERS\stwrt.sys
2010/09/23 15:59:32.0454 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/09/23 15:59:32.0485 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2010/09/23 15:59:32.0516 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2010/09/23 15:59:32.0594 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\Windows\system32\DRIVERS\SynTP.sys
2010/09/23 15:59:32.0704 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2010/09/23 15:59:32.0828 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2010/09/23 15:59:32.0860 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2010/09/23 15:59:32.0891 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2010/09/23 15:59:32.0922 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2010/09/23 15:59:32.0938 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2010/09/23 15:59:32.0969 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2010/09/23 15:59:33.0063 tmactmon (ca9e9c2c04a198ed345c1752222a5f3e) C:\Windows\system32\DRIVERS\tmactmon.sys
2010/09/23 15:59:33.0141 tmcomm (a3d20789b3ff0576a29462bef25bcfcc) C:\Windows\system32\DRIVERS\tmcomm.sys
2010/09/23 15:59:33.0187 tmevtmgr (21f215e54770c4bf93efaf63f58fe57e) C:\Windows\system32\DRIVERS\tmevtmgr.sys
2010/09/23 15:59:33.0265 TmFilter (3e615f370f0c7db414b6bcd1c18399d4) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys
2010/09/23 15:59:33.0390 TmPreFilter (c7c7959ec0940e0eddfc881fed8ec214) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys
2010/09/23 15:59:33.0484 tmtdi (0d943f6afa8bd3cfc6fdb5d5a5c17e91) C:\Windows\system32\DRIVERS\tmtdi.sys
2010/09/23 15:59:33.0546 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
2010/09/23 15:59:33.0640 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/09/23 15:59:33.0687 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2010/09/23 15:59:33.0718 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2010/09/23 15:59:33.0780 udfs (2efee45a340e1590e37c2f2bac16d051) C:\Windows\system32\DRIVERS\udfs.sys
2010/09/23 15:59:33.0874 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/09/23 15:59:33.0952 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2010/09/23 15:59:33.0968 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2010/09/23 15:59:34.0014 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/09/23 15:59:34.0030 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2010/09/23 15:59:34.0061 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2010/09/23 15:59:34.0092 usbhub (0db84eda895894ba222e27acf597c806) C:\Windows\system32\DRIVERS\usbhub.sys
2010/09/23 15:59:34.0139 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2010/09/23 15:59:34.0202 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2010/09/23 15:59:34.0248 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/09/23 15:59:34.0295 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/09/23 15:59:34.0342 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
2010/09/23 15:59:34.0389 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/09/23 15:59:34.0420 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/09/23 15:59:34.0451 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2010/09/23 15:59:34.0467 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/09/23 15:59:34.0498 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2010/09/23 15:59:34.0529 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2010/09/23 15:59:34.0560 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2010/09/23 15:59:34.0592 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2010/09/23 15:59:34.0623 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2010/09/23 15:59:34.0654 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/09/23 15:59:34.0670 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2010/09/23 15:59:34.0701 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2010/09/23 15:59:34.0841 VSApiNt (60dfbc34228ca36221b03460789f5d4e) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys
2010/09/23 15:59:34.0935 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/09/23 15:59:34.0982 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2010/09/23 15:59:35.0044 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2010/09/23 15:59:35.0107 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2010/09/23 15:59:35.0153 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/23 15:59:35.0200 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/23 15:59:35.0231 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2010/09/23 15:59:35.0278 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2010/09/23 15:59:35.0419 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/09/23 15:59:35.0465 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2010/09/23 15:59:35.0543 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUSB.sys
2010/09/23 15:59:35.0559 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/09/23 15:59:35.0606 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/09/23 15:59:35.0637 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2010/09/23 15:59:35.0684 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/09/23 15:59:35.0762 ================================================================================
2010/09/23 15:59:35.0762 Scan finished
2010/09/23 15:59:35.0762 ================================================================================
2010/09/23 15:59:52.0894 Deinitialize success

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,941 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 23 September 2010 - 05:44 PM

Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders (temp, IE temp, Java, FF, Opera, Chrome, Safari) for all user accounts including:
    • Administrator.
    • All Users.
    • LocalService.
    • NetworkService.
    • and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

Please download and scan with SUPERAntiSpyware Free
-- If you already use SUPERAntispyware, make sure you are using the most current version as it is frequently updated.
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • Follow these instructions: How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
-- If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner (listed under Popular Links) instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Please perform a scan with Eset Online Anti-virus Scanner.
  • This scan requires Internet Explorer to work. If using a different browser, you will be given the option to download and use the ESET Smart Installer.
  • Vista/Windows 7 users need to run Internet Explorer as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Check Remove found threats and Scan potentially unwanted applications. (If given the option, choose "Quarantine" instead of delete.)
  • Click the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • If offered the option to get information or buy software at any point, just close the window.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply.
Note: A log.txt file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.
If you did not save the ESETScan log, click Posted Image > Run..., then type or copy and paste everything in the code box below into the Open dialogue box:

C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Click Ok and the scan results will open in Notepad.
  • Copy and paste the contents of log.txt in your next reply.
-- Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Fleetwolf90

Fleetwolf90
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:17 PM

Posted 24 September 2010 - 11:35 AM

I followed all of all your recommened actions and posted the two logs below. I audited the some google links and the redirect problem no longer exists. I will keep monitoring the performance. Thanks for your assistance!!


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/24/2010 at 09:44 AM

Application Version : 4.43.1000

Core Rules Database Version : 5570
Trace Rules Database Version: 3382

Scan type : Complete Scan
Total Scan Time : 00:22:59

Memory items scanned : 770
Memory threats detected : 0
Registry items scanned : 11294
Registry threats detected : 0
File items scanned : 20867
File threats detected : 240

Rogue.AntiMalwareDoctor
C:\Users\dmamee\AppData\Roaming\8B9619F19D954465D956BDA5174F3B5E

Adware.Tracking Cookie
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@bs.serving-sys[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@statse.webtrendslive[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@specificmedia[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@advertise[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@hitbox[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@advertising[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ru4[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@serving-sys[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ads.undertone[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@interclick[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@at.atwola[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@content.yieldmanager[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@questionmarket[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@2o7[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@tacoda[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@imrworldwide[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ads.pointroll[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@zedo[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@invitemedia[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ad.yieldmanager[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@view.atdmt[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@pointroll[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@specificclick[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@overture[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@collective-media[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@apmebf[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ehg-eset.hitbox[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@insightexpressai[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@atdmt[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@cbcnewmedia.112.2o7[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ad.wsod[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@a1.interclick[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@adbrite[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@ads.bleepingcomputer[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@content.yieldmanager[3].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@doubleclick[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@media6degrees[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@mediaplex[1].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@revsci[2].txt
C:\Users\dmamee\AppData\Roaming\Microsoft\Windows\Cookies\Low\dmamee@yieldmanager[1].txt
cdn.eyewonder.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
content.oddcast.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
convoad.technoratimedia.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
crackle.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media-glam.pictela.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media.entertonement.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media.heavy.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media.mtvnservices.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media.scanscout.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
media1.break.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
msnbcmedia.msn.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
objects.tremormedia.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
s0.2mdn.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
secure-us.imrworldwide.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
static.sexsearchcom.com [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X6UDP5DX ]
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@cdn1.trafficmp[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediabrandsww[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@apmebf[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@burstnet[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@keenfind[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adecn[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediaplex[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@collective-media[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@collective-media[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@sportingnews.122.2o7[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ru4[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@apmebf[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@casalemedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@insightexpressai[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@www.burstnet[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediaplex[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clicks.keenfind[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@xml.trafficengine[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ru4[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@insightexpressai[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@www.burstnet[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@revsci[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.lycos[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@a1.interclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@at.atwola[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@network.realmedia[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.candystand[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media.adfrontiers[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@trafficmp[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[9].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@tacoda[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bizzclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@digitalentertainment.122.2o7[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@revsci[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@interclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@fastclick[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.pointroll[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@collective-media[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertising[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificclick[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@enhance[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediaplex[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.addynamix[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@www.burstbeacon[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@amex-insights[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@apmebf[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificmedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bizzclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@network.realmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@counter.surfcounters[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@dc.tremormedia[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clickpayz10.91456.searchtigo[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.lycos[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertising[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@network.realmedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.lycos[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@dc.tremormedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@xml.titusmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@zedo[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ru4[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@zedo[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@xml.titusmedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adecn[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bizzclick[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.pointroll[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.pubmatic[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@burstnet[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adecn[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@dc.tremormedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@www.burstnet[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@zedo[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ru4[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@tribalfusion[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@zedo[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.lycos[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@eyewonder[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@network.realmedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertising[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bs.serving-sys[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[8].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@apmebf[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@gotacha.rotator.hadj7.adjuggler[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ads.gossipcenter[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificclick[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[9].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adserver.adtechus[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ru4[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bridge2.admarketplace[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@fastclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@a1.interclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adserver.adtechus[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@trafficmp[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@xml.trafficengine[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@insightexpressai[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@admarketplace[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@click.fastpartner[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@n-traffic[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@imrworldwide[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@www.burstnet[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[9].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@serving-sys[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clickpayz2.91462.searchtigo[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@content.yieldmanager[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@zedo[1].txt


Eset log file:

C:\Users\dmamee\AppData\Roaming\mssvpa.dll a variant of Win32/Kryptik.GND trojan cleaned by deleting (after the next restart) - quarantined

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,941 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 24 September 2010 - 11:47 AM

Not a problem.

We still have another step to do if there are no further problems so be sure to get back with me as soon as you can and give an update.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Fleetwolf90

Fleetwolf90
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:17 PM

Posted 24 September 2010 - 02:57 PM

All search engine links (and everything else) have been working correctly all day.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,941 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 24 September 2010 - 03:48 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users