
Google Redirect Virus / Malware Help Request


10 replies to this topic

#1 Del_RFC

Del_RFC

  • Members
  • 9 posts

Posted 11 July 2011 - 02:12 PM

Hi,

I am running Windows 7 and have run into a pretty tricky redirect virus to cure.

Essentially, when I search via Google and select a result, I am very often redirected to another website. The most common seems to be Gomeo. When I use the back button and then select the result for the second time, the link completes correctly.

I have tried AVG, Malwarebytes and Superantispyware all to no avail.

Any help would be much appreciated.

Del

Edited by Del_RFC, 11 July 2011 - 02:12 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,493 posts
  • Gender:Male
  • Location:NJ USA

Posted 11 July 2011 - 02:39 PM

Hello, I moved this to the Am I Infected forum. (This one requires a DDS log)
Let's do these and see how you are.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.

OR

Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.



Please follow our Removal Guide here How to remove Google Redirects. You will move to the Automated Removal Instructions

If it finds something make sure Cure is selected
Next click Continue then Reboot now
A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
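To see what a HOSTS reset would discard before running it, the active entries can be listed first. The script below is an added example, not part of the post above or of any BleepingComputer or Microsoft tool: it parses hosts-file text and reports every active line that is not a plain localhost mapping, separating names pinned to a specific address ("redirect") from names sent to a loopback or null address ("blocked"). The sample file content and the host names in it are constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample (not from the thread): a comment header in the style of
# the stock Windows 7 file, followed by three active entries made up here.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# localhost name resolution is handled within DNS itself.
#\t127.0.0.1       localhost
#\t::1             localhost
127.0.0.1       localhost
203.0.113.7     www.google.com google.com   # constructed redirect entry
0.0.0.0         update.example-av.test
"""

LOCALHOST_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (line_no, ip_or_None, fields) for each active (non-comment) line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        # Drop a leading byte-order mark and anything after '#'.
        line = raw.lstrip("\ufeff").split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None  # first field is not an address; reported as unparsed
        yield line_no, ip, fields


def audit_hosts(text):
    """Return (line_no, kind, name, ip) for every entry that is not a plain
    localhost mapping. kind is 'redirect', 'blocked' or 'unparsed'."""
    findings = []
    for line_no, ip, fields in parse_hosts(text):
        if ip is None or len(fields) < 2:
            findings.append((line_no, "unparsed", " ".join(fields), ""))
            continue
        for name in (f.lower() for f in fields[1:]):
            if ip.is_loopback and name in LOCALHOST_NAMES:
                continue  # equivalent to the default behaviour
            # Loopback or 0.0.0.0 makes the name unreachable; any other
            # address overrides DNS and sends the name to that host.
            sinkhole = ip.is_loopback or ip.is_unspecified
            kind = "blocked" if sinkhole else "redirect"
            findings.append((line_no, kind, name, str(ip)))
    return findings


if __name__ == "__main__":
    # With a path argument, audit that file; otherwise audit the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for line_no, kind, name, ip in audit_hosts(text):
        print(f"line {line_no}: {kind:8} {name} -> {ip}")
```

An empty result means the file behaves like the default, so the redirects come from somewhere else. "blocked" entries are also produced by legitimate ad-blocking host lists, so they need a look rather than automatic removal.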

#3 Del_RFC

Del_RFC
  • Topic Starter

  • Members
  • 9 posts

Posted 11 July 2011 - 04:25 PM

2011/07/11 22:24:20.0270 7180 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/11 22:24:20.0515 7180 ================================================================================
2011/07/11 22:24:20.0515 7180 SystemInfo:
2011/07/11 22:24:20.0515 7180
2011/07/11 22:24:20.0515 7180 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/11 22:24:20.0515 7180 Product type: Workstation
2011/07/11 22:24:20.0515 7180 ComputerName: DEREK-PC
2011/07/11 22:24:20.0515 7180 UserName: Derek
2011/07/11 22:24:20.0515 7180 Windows directory: C:\Windows
2011/07/11 22:24:20.0515 7180 System windows directory: C:\Windows
2011/07/11 22:24:20.0515 7180 Processor architecture: Intel x86
2011/07/11 22:24:20.0515 7180 Number of processors: 2
2011/07/11 22:24:20.0515 7180 Page size: 0x1000
2011/07/11 22:24:20.0515 7180 Boot type: Normal boot
2011/07/11 22:24:20.0515 7180 ================================================================================
2011/07/11 22:24:21.0108 7180 Initialize success
2011/07/11 22:24:26.0717 7364 ================================================================================
2011/07/11 22:24:26.0717 7364 Scan started
2011/07/11 22:24:26.0717 7364 Mode: Manual;
2011/07/11 22:24:26.0717 7364 ================================================================================
2011/07/11 22:24:53.0940 7364 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/07/11 22:24:54.0002 7364 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/11 22:24:54.0245 7364 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/11 22:24:54.0312 7364 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/07/11 22:24:54.0466 7364 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/11 22:24:54.0619 7364 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/11 22:24:54.0750 7364 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/11 22:24:54.0851 7364 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/07/11 22:24:55.0014 7364 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/11 22:24:55.0154 7364 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/11 22:24:55.0201 7364 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
2011/07/11 22:24:55.0248 7364 Boot (0x1200) (77b0290f26155d04009f1d58c7dfdaa3) \Device\Harddisk0\DR0\Partition0
2011/07/11 22:24:55.0294 7364 Boot (0x1200) (e3fe04cf4134c627867f8d3650de4ec7) \Device\Harddisk0\DR0\Partition1
2011/07/11 22:24:55.0326 7364 Boot (0x1200) (95bef92b9bb9960eaa5361dcbf3ffe1f) \Device\Harddisk1\DR1\Partition0
2011/07/11 22:24:55.0357 7364 ================================================================================
2011/07/11 22:24:55.0357 7364 Scan finished
2011/07/11 22:24:55.0357 7364 ================================================================================
2011/07/11 22:24:55.0388 9888 Detected object count: 0
2011/07/11 22:24:55.0388 9888 Actual detected object count: 0

#4 boopme

Posted 11 July 2011 - 05:48 PM

I take it you still redirect.
Are you using FireFox?
Are you on a router, are other PCs on it, and if so do they redirect?

In the meantime... Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 Del_RFC

Posted 12 July 2011 - 01:51 PM

Still redirecting.

Browser - Google Chrome.

I am on a router but cannot check other pc as my son is on holiday.

Ran Goored.exe resulting report below:-


GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:49 on 12/07/2011 (Derek)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [03:16 01/01/2010]
"{3ED591BC-7CC7-495B-A526-B2431356EDC1}"="C:\Program Files\Ad Muncher\FirefoxExtension_2.0" [05:20 03/07/2010]

---------- Old Logs ----------
GooredFix[18.46.22_12-07-2011].txt

-=E.O.F=-

Edited by Del_RFC, 12 July 2011 - 01:51 PM.
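
For readers triaging a GooredFix report like the one above, this added example (not part of the original post and not GooredFix's own code) parses the GooredLog registry section and lists extensions registered through the registry whose folder lies outside the Firefox install directory. The function names and the default Firefox path are assumptions; an entry appearing in the list is a prompt for manual review, not a detection.

```python
import ntpath
import re

# Sample input: the GooredLog section copied from the report posted above.
SAMPLE_LOG = r'''
========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [03:16 01/01/2010]
"{3ED591BC-7CC7-495B-A526-B2431356EDC1}"="C:\Program Files\Ad Muncher\FirefoxExtension_2.0" [05:20 03/07/2010]

---------- Old Logs ----------
'''

# "<extension id>"="<folder>" [<timestamp>]; the folder may end in a backslash.
ENTRY = re.compile(r'^"(?P<id>[^"]+)"="(?P<path>.*)" \[(?P<registered>[^\]]+)\]$')
KEY = re.compile(r'^\[(HKEY_[^\]]+)\]$')


def parse_registry_extensions(log_text):
    """Return one dict per extension listed under a registry key header."""
    entries, key = [], None
    for line in log_text.splitlines():
        line = line.strip()
        header = KEY.match(line)
        if header:
            key = header.group(1)
            continue
        if line.startswith(("-----", "=====")):
            key = None  # a new log section ends the current registry key
            continue
        entry = ENTRY.match(line)
        if entry and key:
            entries.append({"key": key, **entry.groupdict()})
    return entries


def outside_firefox_dir(entries, firefox_dir=r"C:\Program Files\Mozilla Firefox"):
    """Entries whose folder is not under firefox_dir (assumed default path)."""
    root = ntpath.normcase(ntpath.normpath(firefox_dir)) + "\\"
    return [e for e in entries
            if not (ntpath.normcase(ntpath.normpath(e["path"])) + "\\").startswith(root)]


if __name__ == "__main__":
    for e in outside_firefox_dir(parse_registry_extensions(SAMPLE_LOG)):
        print(e["registered"], e["id"], e["path"], sep="  ")
```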


#6 boopme

Posted 12 July 2011 - 02:16 PM

Let's run this then.

Please download the Kaspersky Virus Removal Tool and save it to your Desktop.
Be sure to print out and read the instructions provided in How to use Kaspersky virus removal tool.
  • Double-click the setup file (i.e. setup_7.0.0.290_24.06.2009_12-58.exe) to install the utility.
  • If using Vista, right-click on it and Run As Administrator.
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • Click Next to continue.
  • It will install by default to your desktop folder. Click Next.
  • Click Ok at the prompt for scanning in Safe Mode if you booted into safe mode.
  • A box will open with a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.
      • System Memory
      • Startup Objects
      • Disk Boot Sectors
      • My Computer
      • Any other drives (except CD-ROM drives)
  • Click on the Scan button.
  • If malware is detected, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • In the window that opens, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, name the report AVPT.txt and select Save to file.
  • This tool should uninstall when you close it so please save the report log before closing.
  • When done, close the Kaspersky Virus Removal Tool.
  • You will be prompted if you want to uninstall the program. Click Yes.
  • You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.
  • Copy and paste only the first part of the report (Detected) in your next reply. Do not include the longer list marked Events.
-- If you cannot run the Kaspersky AVP Removal Tool in normal mode, then try using it in "safe mode".

#7 Del_RFC

Posted 12 July 2011 - 02:33 PM

Initial link takes me to a Russian site. When translated it offers no download options.

I searched via Google and found this page with download button.
http://www.kaspersky.com/antivirus-removal-tool?form=1#

Problem is the download will not start no matter what I do.

#8 boopme

Posted 12 July 2011 - 02:43 PM

Try EXE HELPER
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).




If it is launching the infection rather than the desired program, to fix this we must first download a Registry file that will fix these changes. From a clean computer, please download the following file and save it to a removable media such as a CD/DVD, external Drive, or USB flash drive.

FixNCR.reg

Insert the removable device into the infected computer and open the folder for the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer.

#9 Del_RFC

Posted 12 July 2011 - 02:59 PM

exeHelper by Raktor
Build 20100414
Run at 20:56:43 on 07/12/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Unfortunately I do not have access to a clean PC at this point to run fixncr.reg

#10 Del_RFC

Posted 12 July 2011 - 03:35 PM

FixNCR.reg now downloaded from clean PC, loaded to pendrive and run on my machine here.

#11 boopme

Posted 12 July 2011 - 07:27 PM

Try Kaspersky now.

If no joy then we need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.