Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google problem


  • Please log in to reply
7 replies to this topic

#1 hiroshi

hiroshi

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:redmond,WA
  • Local time:06:15 PM

Posted 24 March 2011 - 06:36 PM

I have two computers, one with Windows XP and other with Windows 7. I'm on a network and both computers started have this problem after I tried to look up information starting with A140E. I scanned with Sybot, Malwarebytes, Ad-Aware and Norton. Everything comes up clean. What my computer does is sometimes when I try to search, nothing happens. When I try something like "I feel lucky" and dialog box comes up with " Our systems has detected unusual traffic from your computer network. this page checks to see if its really you sending the request, and not a reboot." Also " This page appears when google automatically detects request from your computer network which appears to be in violation of the (Term of service) the block will expire shortly after those request stop." This sounds to me like someone is using my network. How can one figure out if someone has hacked my network on a virus in my computer? Appreciate any help repairing this problem.

BC AdBot (Login to Remove)

 


#2 hiroshi

hiroshi
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:redmond,WA
  • Local time:06:15 PM

Posted 24 March 2011 - 06:42 PM

Forgot, If I use Yahoo.com both computers seem to work fine. This only happens when I use Google.com for searching. When I type in something and use the drop down box, it works. Only if I press SEARCH this happens.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 PM

Posted 24 March 2011 - 11:24 PM

Hello hirosh,please run these,post the logs and let me know if it got better.

Please read and follow all these instructions.
  • Please download GooredFix and save it to your Desktop.
  • Double-click GooredFix.exe to run it.
  • A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 hiroshi

hiroshi
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:redmond,WA
  • Local time:06:15 PM

Posted 26 March 2011 - 12:05 PM

ooredFix by jpshortstuff (03.07.10.1)
Log created at 18:41 on 25/03/2011 (Hiro)
Firefox version 3.6.16 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [15:05 09/10/2010]
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [02:54 27/12/2010]

C:\Documents and Settings\Hiro\Application Data\Mozilla\Firefox\Profiles\oc1jdrhw.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [15:07 03/09/2009]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [17:30 04/03/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [14:09 21/08/2009]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [17:24 08/11/2010]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\" [21:05 14/11/2010]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\" [21:05 14/11/2010]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [15:59 24/12/2010]

-=E.O.F=- This is from GooredFix.Notepad.





2011/03/26 10:03:19.0104 2960 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/26 10:03:19.0526 2960 ================================================================================
2011/03/26 10:03:19.0526 2960 SystemInfo:
2011/03/26 10:03:19.0526 2960
2011/03/26 10:03:19.0526 2960 OS Version: 5.1.2600 ServicePack: 3.0
2011/03/26 10:03:19.0526 2960 Product type: Workstation
2011/03/26 10:03:19.0526 2960 ComputerName: HIROSHI
2011/03/26 10:03:19.0526 2960 UserName: Hiro
2011/03/26 10:03:19.0526 2960 Windows directory: C:\WINDOWS
2011/03/26 10:03:19.0526 2960 System windows directory: C:\WINDOWS
2011/03/26 10:03:19.0526 2960 Processor architecture: Intel x86
2011/03/26 10:03:19.0526 2960 Number of processors: 2
2011/03/26 10:03:19.0526 2960 Page size: 0x1000
2011/03/26 10:03:19.0526 2960 Boot type: Normal boot
2011/03/26 10:03:19.0526 2960 ================================================================================
2011/03/26 10:03:20.0151 2960 Initialize success
2011/03/26 10:03:23.0260 1604 ================================================================================
2011/03/26 10:03:23.0260 1604 Scan started
2011/03/26 10:03:23.0260 1604 Mode: Manual;
2011/03/26 10:03:23.0260 1604 ================================================================================
2011/03/26 10:03:24.0042 1604 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/26 10:03:24.0073 1604 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/03/26 10:03:24.0135 1604 ADIHdAudAddService (ab0d9669bab1009e48cc91117e59912b) C:\WINDOWS\system32\drivers\ADIHdAud.sys
2011/03/26 10:03:24.0198 1604 AEAudio (03be587e90c8b37c7ff1fe2e9c1d1c90) C:\WINDOWS\system32\drivers\AEAudio.sys
2011/03/26 10:03:24.0245 1604 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/03/26 10:03:24.0292 1604 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
This is from TDSSKiller.
WindowsXP/ I've looked in the Google forum and it appears others have this problem and seems there are no fixes for it.

#5 hiroshi

hiroshi
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:redmond,WA
  • Local time:06:15 PM

Posted 26 March 2011 - 12:10 PM

GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:25 on 25/03/2011 (Hiroshi)
Firefox version 4.0 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:20 24/03/2011]

C:\Users\Hiroshi\Application Data\Mozilla\Firefox\Profiles\j0i9i96t.default\extensions\
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [18:13 11/02/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\" [19:00 11/02/2011]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\" [19:00 11/02/2011]

-=E.O.F=-




2011/03/25 17:27:43.0471 5476 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/25 17:27:43.0861 5476 ================================================================================
2011/03/25 17:27:43.0861 5476 SystemInfo:
2011/03/25 17:27:43.0861 5476
2011/03/25 17:27:43.0861 5476 OS Version: 6.1.7600 ServicePack: 0.0
2011/03/25 17:27:43.0861 5476 Product type: Workstation
2011/03/25 17:27:43.0861 5476 ComputerName: HIROSHISAN
2011/03/25 17:27:43.0861 5476 UserName: Hiroshi
2011/03/25 17:27:43.0861 5476 Windows directory: C:\windows
2011/03/25 17:27:43.0861 5476 System windows directory: C:\windows
2011/03/25 17:27:43.0861 5476 Running under WOW64
2011/03/25 17:27:43.0861 5476 Processor architecture: Intel x64
2011/03/25 17:27:43.0861 5476 Number of processors: 2
2011/03/25 17:27:43.0861 5476 Page size: 0x1000
2011/03/25 17:27:43.0861 5476 Boot type: Normal boot
2011/03/25 17:27:43.0861 5476 ================================================================================
2011/03/25 17:27:44.0688 5476 Initialize success
2011/03/25 17:27:47.0667 5812 ================================================================================
2011/03/25 17:27:47.0667 5812 Scan started
2011/03/25 17:27:47.0667 5812 Mode: Manual;
2011/03/25 17:27:47.0667 5812 ================================================================================
2011/03/25 17:27:48.0276 5812 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\windows\system32\DRIVERS\1394ohci.sys
2011/03/25 17:27:48.0416 5812 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys
2011/03/25 17:27:48.0463 5812 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys
2011/03/25 17:27:48.0572 5812 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
2011/03/25 17:27:48.0728 5812 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
2011/03/25 17:27:48.0884 5812 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
2011/03/25 17:27:49.0056 5812 AFD (b9384e03479d2506bc924c16a3db87bc) C:\windows\system32\drivers\afd.sys
2011/03/25 17:27:49.0180 5812 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys
2011/03/25 17:27:49.0336 5812 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys
2011/03/25 17:27:49.0461 5812 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys
2011/03/25 17:27:49.0508 5812 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
2011/03/25 17:27:49.0773 5812 amdkmdag (aefaf27f1b7e52c705df4fb6c96732f6) C:\windows\system32\DRIVERS\atipmdag.sys
2011/03/25 17:27:50.0070 5812 amdkmdap (8149db73be27950ec72767a1193153a6) C:\windows\system32\DRIVERS\atikmpag.sys
2011/03/25 17:27:50.0194 5812 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
2011/03/25 17:27:50.0241 5812 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\windows\system32\DRIVERS\amdsata.sys
2011/03/25 17:27:50.0350 5812 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
2011/03/25 17:27:50.0491 5812 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\windows\system32\DRIVERS\amdxata.sys
2011/03/25 17:27:50.0631 5812 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys
2011/03/25 17:27:50.0787 5812 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
2011/03/25 17:27:50.0834 5812 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
2011/03/25 17:27:50.0881 5812 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
2011/03/25 17:27:51.0006 5812 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys
2011/03/25 17:27:51.0333 5812 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
2011/03/25 17:27:51.0536 5812 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
2011/03/25 17:27:51.0692 5812 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
2011/03/25 17:27:51.0848 5812 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
2011/03/25 17:27:52.0129 5812 BHDrvx64 (0163c18a9ebc4a76542790cec49f5120) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110309.001\BHDrvx64.sys
2011/03/25 17:27:52.0300 5812 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
2011/03/25 17:27:52.0456 5812 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\windows\system32\DRIVERS\bowser.sys
2011/03/25 17:27:52.0581 5812 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/03/25 17:27:52.0722 5812 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/03/25 17:27:52.0753 5812 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
2011/03/25 17:27:52.0862 5812 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
2011/03/25 17:27:52.0893 5812 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/03/25 17:27:52.0909 5812 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
2011/03/25 17:27:52.0924 5812 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
2011/03/25 17:27:53.0112 5812 ccHP (da66e851e76766d2c84502fe682ab175) C:\windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys
2011/03/25 17:27:53.0268 5812 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
2011/03/25 17:27:53.0408 5812 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys
2011/03/25 17:27:53.0548 5812 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
2011/03/25 17:27:53.0626 5812 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
2011/03/25 17:27:53.0782 5812 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
2011/03/25 17:27:53.0923 5812 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys
2011/03/25 17:27:53.0985 5812 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\windows\system32\Drivers\cng.sys
2011/03/25 17:27:54.0110 5812 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
2011/03/25 17:27:54.0266 5812 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys
2011/03/25 17:27:54.0391 5812 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
2011/03/25 17:27:54.0562 5812 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\windows\system32\Drivers\dfsc.sys
2011/03/25 17:27:54.0703 5812 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
2011/03/25 17:27:54.0828 5812 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
2011/03/25 17:27:54.0984 5812 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
2011/03/25 17:27:55.0155 5812 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\windows\System32\drivers\dxgkrnl.sys
2011/03/25 17:27:55.0374 5812 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
2011/03/25 17:27:55.0514 5812 eeCtrl (066108ae4c35835081598827a1a7d08d) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
2011/03/25 17:27:55.0701 5812 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
2011/03/25 17:27:55.0842 5812 EraserUtilRebootDrv (12866876e3851f1e5d462b2a83e25578) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/03/25 17:27:55.0951 5812 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys
2011/03/25 17:27:56.0122 5812 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
2011/03/25 17:27:56.0278 5812 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
2011/03/25 17:27:56.0341 5812 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
2011/03/25 17:27:56.0466 5812 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
2011/03/25 17:27:56.0512 5812 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
2011/03/25 17:27:56.0544 5812 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
2011/03/25 17:27:56.0668 5812 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys
2011/03/25 17:27:56.0824 5812 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
2011/03/25 17:27:56.0871 5812 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
2011/03/25 17:27:57.0012 5812 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\windows\system32\DRIVERS\fvevol.sys
2011/03/25 17:27:57.0058 5812 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/03/25 17:27:57.0183 5812 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/25 17:27:57.0355 5812 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
2011/03/25 17:27:57.0495 5812 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys
2011/03/25 17:27:57.0651 5812 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys
2011/03/25 17:27:57.0698 5812 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
2011/03/25 17:27:57.0823 5812 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
2011/03/25 17:27:57.0854 5812 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
2011/03/25 17:27:57.0994 5812 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys
2011/03/25 17:27:58.0150 5812 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys
2011/03/25 17:27:58.0322 5812 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys
2011/03/25 17:27:58.0447 5812 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys
2011/03/25 17:27:58.0603 5812 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
2011/03/25 17:27:58.0743 5812 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\windows\system32\DRIVERS\iaStorV.sys
2011/03/25 17:27:59.0008 5812 IDSVia64 (6f9b281bc4afff5fe784d7da699d347f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110325.001\IDSvia64.sys
2011/03/25 17:27:59.0149 5812 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
2011/03/25 17:27:59.0352 5812 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\windows\system32\drivers\RTKVHD64.sys
2011/03/25 17:27:59.0492 5812 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys
2011/03/25 17:27:59.0648 5812 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
2011/03/25 17:27:59.0788 5812 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/03/25 17:27:59.0929 5812 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys
2011/03/25 17:27:59.0960 5812 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
2011/03/25 17:28:00.0132 5812 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
2011/03/25 17:28:00.0256 5812 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys
2011/03/25 17:28:00.0288 5812 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys
2011/03/25 17:28:00.0428 5812 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
2011/03/25 17:28:00.0553 5812 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys
2011/03/25 17:28:00.0600 5812 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\windows\system32\Drivers\ksecdd.sys
2011/03/25 17:28:00.0693 5812 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\windows\system32\Drivers\ksecpkg.sys
2011/03/25 17:28:00.0771 5812 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
2011/03/25 17:28:00.0943 5812 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
2011/03/25 17:28:01.0114 5812 LPCFilter (41e122f6d1448c94cc05196bc41d6bfb) C:\windows\system32\DRIVERS\LPCFilter.sys
2011/03/25 17:28:01.0270 5812 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/03/25 17:28:01.0489 5812 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/03/25 17:28:01.0801 5812 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/03/25 17:28:02.0082 5812 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/03/25 17:28:02.0238 5812 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
2011/03/25 17:28:02.0284 5812 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
2011/03/25 17:28:02.0331 5812 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
2011/03/25 17:28:02.0456 5812 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
2011/03/25 17:28:02.0612 5812 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
2011/03/25 17:28:02.0643 5812 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
2011/03/25 17:28:02.0784 5812 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
2011/03/25 17:28:02.0908 5812 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys
2011/03/25 17:28:03.0049 5812 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\windows\system32\DRIVERS\MpFilter.sys
2011/03/25 17:28:03.0189 5812 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys
2011/03/25 17:28:03.0330 5812 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\windows\system32\DRIVERS\MpNWMon.sys
2011/03/25 17:28:03.0439 5812 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
2011/03/25 17:28:03.0501 5812 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
2011/03/25 17:28:03.0517 5812 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/03/25 17:28:03.0548 5812 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/03/25 17:28:03.0642 5812 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/03/25 17:28:03.0673 5812 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\windows\system32\DRIVERS\msahci.sys
2011/03/25 17:28:03.0704 5812 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
2011/03/25 17:28:03.0813 5812 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
2011/03/25 17:28:03.0876 5812 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
2011/03/25 17:28:03.0891 5812 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
2011/03/25 17:28:04.0016 5812 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
2011/03/25 17:28:04.0188 5812 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
2011/03/25 17:28:04.0359 5812 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
2011/03/25 17:28:04.0515 5812 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
2011/03/25 17:28:04.0671 5812 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
2011/03/25 17:28:04.0718 5812 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
2011/03/25 17:28:04.0843 5812 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
2011/03/25 17:28:04.0983 5812 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
2011/03/25 17:28:05.0186 5812 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
2011/03/25 17:28:05.0389 5812 NAVENG (7be93dbb02b66e72872ff76d8a92e662) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110325.020\ENG64.SYS
2011/03/25 17:28:05.0498 5812 NAVEX15 (be99edbba322ca59b3f2fe17b9bf987a) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110325.020\EX64.SYS
2011/03/25 17:28:05.0685 5812 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
2011/03/25 17:28:05.0841 5812 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
2011/03/25 17:28:05.0982 5812 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
2011/03/25 17:28:06.0122 5812 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
2011/03/25 17:28:06.0262 5812 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
2011/03/25 17:28:06.0387 5812 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
2011/03/25 17:28:06.0543 5812 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
2011/03/25 17:28:06.0684 5812 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
2011/03/25 17:28:06.0855 5812 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
2011/03/25 17:28:06.0996 5812 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2011/03/25 17:28:07.0198 5812 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
2011/03/25 17:28:07.0386 5812 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
2011/03/25 17:28:07.0448 5812 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys
2011/03/25 17:28:07.0588 5812 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
2011/03/25 17:28:07.0760 5812 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS\nvraid.sys
2011/03/25 17:28:07.0885 5812 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS\nvstor.sys
2011/03/25 17:28:08.0025 5812 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
2011/03/25 17:28:08.0181 5812 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
2011/03/25 17:28:08.0353 5812 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
2011/03/25 17:28:08.0493 5812 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
2011/03/25 17:28:08.0665 5812 pci (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys
2011/03/25 17:28:08.0696 5812 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
2011/03/25 17:28:08.0805 5812 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
2011/03/25 17:28:08.0946 5812 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
2011/03/25 17:28:09.0102 5812 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
2011/03/25 17:28:09.0258 5812 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
2011/03/25 17:28:09.0476 5812 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
2011/03/25 17:28:09.0601 5812 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
2011/03/25 17:28:09.0804 5812 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
2011/03/25 17:28:09.0882 5812 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
2011/03/25 17:28:10.0038 5812 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
2011/03/25 17:28:10.0084 5812 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
2011/03/25 17:28:10.0100 5812 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
2011/03/25 17:28:10.0225 5812 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/03/25 17:28:10.0365 5812 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/03/25 17:28:10.0506 5812 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
2011/03/25 17:28:10.0724 5812 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
2011/03/25 17:28:10.0864 5812 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
2011/03/25 17:28:11.0005 5812 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
2011/03/25 17:28:11.0130 5812 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/03/25 17:28:11.0270 5812 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
2011/03/25 17:28:11.0301 5812 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
2011/03/25 17:28:11.0317 5812 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
2011/03/25 17:28:11.0488 5812 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys
2011/03/25 17:28:11.0613 5812 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\windows\system32\drivers\regi.sys
2011/03/25 17:28:11.0800 5812 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
2011/03/25 17:28:11.0925 5812 RSUSBSTOR (907c4464381b5ebdfdc60f6c7d0dedfc) C:\windows\system32\Drivers\RtsUStor.sys
2011/03/25 17:28:12.0081 5812 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
2011/03/25 17:28:12.0222 5812 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\windows\system32\DRIVERS\Rt64win7.sys
2011/03/25 17:28:12.0378 5812 RTL8192Ce (ffc748d848740d1bc8f330a8879c2674) C:\windows\system32\DRIVERS\rtl8192Ce.sys
2011/03/25 17:28:12.0518 5812 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
2011/03/25 17:28:12.0705 5812 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
2011/03/25 17:28:12.0877 5812 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
2011/03/25 17:28:13.0064 5812 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
2011/03/25 17:28:13.0204 5812 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
2011/03/25 17:28:13.0236 5812 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
2011/03/25 17:28:13.0282 5812 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
2011/03/25 17:28:13.0298 5812 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
2011/03/25 17:28:13.0314 5812 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
2011/03/25 17:28:13.0329 5812 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
2011/03/25 17:28:13.0470 5812 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/03/25 17:28:13.0610 5812 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/03/25 17:28:13.0766 5812 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/03/25 17:28:13.0953 5812 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/03/25 17:28:14.0218 5812 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\windows\System32\Drivers\N360x64\0403000.005\SRTSP64.SYS
2011/03/25 17:28:14.0390 5812 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\windows\system32\drivers\N360x64\0403000.005\SRTSPX64.SYS
2011/03/25 17:28:14.0530 5812 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\windows\system32\DRIVERS\srv.sys
2011/03/25 17:28:14.0686 5812 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\windows\system32\DRIVERS\srv2.sys
2011/03/25 17:28:14.0842 5812 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\windows\system32\DRIVERS\srvnet.sys
2011/03/25 17:28:14.0998 5812 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/03/25 17:28:15.0154 5812 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
2011/03/25 17:28:15.0264 5812 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS
2011/03/25 17:28:15.0544 5812 SymEFA (42c952d131eff724a9959bb6d78c1b63) C:\windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS
2011/03/25 17:28:15.0700 5812 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2011/03/25 17:28:15.0888 5812 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS
2011/03/25 17:28:16.0075 5812 SYMTDIv (8abb6e5b7d75cd3f0a988695d0d9186a) C:\windows\System32\Drivers\N360x64\0403000.005\SYMTDIV.SYS
2011/03/25 17:28:16.0246 5812 SynTP (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
2011/03/25 17:28:16.0496 5812 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\drivers\tcpip.sys
2011/03/25 17:28:16.0761 5812 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\windows\system32\DRIVERS\tcpip.sys
2011/03/25 17:28:16.0886 5812 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
2011/03/25 17:28:17.0042 5812 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
2011/03/25 17:28:17.0182 5812 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/03/25 17:28:17.0323 5812 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/03/25 17:28:17.0354 5812 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
2011/03/25 17:28:17.0463 5812 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
2011/03/25 17:28:17.0728 5812 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/03/25 17:28:17.0869 5812 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
2011/03/25 17:28:17.0994 5812 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
2011/03/25 17:28:18.0087 5812 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
2011/03/25 17:28:18.0196 5812 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/03/25 17:28:18.0321 5812 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
2011/03/25 17:28:18.0477 5812 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
2011/03/25 17:28:18.0618 5812 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
2011/03/25 17:28:18.0758 5812 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/03/25 17:28:18.0898 5812 usbccgp (b26afb54a534d634523c4fb66765b026) C:\windows\system32\DRIVERS\usbccgp.sys
2011/03/25 17:28:19.0054 5812 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
2011/03/25 17:28:19.0179 5812 usbehci (cb490987a7f6928a04bb838e3bd8a936) C:\windows\system32\DRIVERS\usbehci.sys
2011/03/25 17:28:19.0351 5812 usbhub (18124ef0a881a00ee222d02a3ee30270) C:\windows\system32\DRIVERS\usbhub.sys
2011/03/25 17:28:19.0476 5812 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys
2011/03/25 17:28:19.0522 5812 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/03/25 17:28:19.0632 5812 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/03/25 17:28:19.0663 5812 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys
2011/03/25 17:28:19.0803 5812 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\system32\Drivers\usbvideo.sys
2011/03/25 17:28:19.0959 5812 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
2011/03/25 17:28:20.0100 5812 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/03/25 17:28:20.0131 5812 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/03/25 17:28:20.0178 5812 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
2011/03/25 17:28:20.0271 5812 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
2011/03/25 17:28:20.0427 5812 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
2011/03/25 17:28:20.0552 5812 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
2011/03/25 17:28:20.0614 5812 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
2011/03/25 17:28:20.0739 5812 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/03/25 17:28:20.0786 5812 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/03/25 17:28:20.0911 5812 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/03/25 17:28:20.0989 5812 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/03/25 17:28:21.0098 5812 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/25 17:28:21.0129 5812 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
2011/03/25 17:28:21.0160 5812 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/03/25 17:28:21.0207 5812 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/03/25 17:28:21.0363 5812 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/03/25 17:28:21.0394 5812 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/03/25 17:28:21.0550 5812 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/03/25 17:28:21.0722 5812 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/03/25 17:28:21.0784 5812 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
2011/03/25 17:28:21.0816 5812 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/03/25 17:28:21.0878 5812 ================================================================================
2011/03/25 17:28:21.0878 5812 Scan finished


TDSS also found no threats.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 PM

Posted 26 March 2011 - 06:19 PM

Thanks for reposting.. Your router is hijacked by trojan DNS-hijacker.

  • Please read this: Malware Silently Alters Wireless Router Settings

  • Then reset your router to it's factory default settings:

    "If your machine has been infected by one of these Zlob/DNSchanger Trojans, and your router settings have been altered, I would strongly recommend that you reset the router to its default configuration. Usually, this can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds)"


  • This is the difficult part.
    First get to the routers server. To do that open Internet Explorer and type http:\\192.168.1.1 in the address bar and click Enter. You get the log in window.
    Fill in the password you have already found and you will get the configuration page.
    Configure the router to allow you to connect to your ISP server. In some routers it is done by a setup wizard. But you have to fill in the log in password your ISP has initially given to you.
    You can also call your ISP if you don't have your initial password.
    Don't forget to change the routers default password and set a strong password. Note down the password and keep it somewhere for future reference.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 hiroshi

hiroshi
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:redmond,WA
  • Local time:06:15 PM

Posted 30 March 2011 - 02:55 PM

Can't seem to find anyone that knows about this problem. Not sure what to delete. I finally changed my homepage to Yahoo.com and reset my router with a new user ID and password and connection code my daughter helped me with. Since it was my router that was hijacked, now all my other hard drives are working O.K. even using Google as a home page. Thanks much for your time in helping me.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:15 PM

Posted 30 March 2011 - 03:52 PM

Ok, let's just do the part in the quote box for now then...

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users