browser cannot access google/bing



#1 mt34


Posted 13 October 2011 - 08:44 AM

Internet browsers (iexplore, firefox) on my computer have been rendered incapable of accessing certain specific sites, most notably Google and Bing.

Browsers on other computers on the same network do not have this problem.

Could someone help?



#2 boopme


Posted 13 October 2011 - 12:56 PM

Hello, let's see what we can find.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware


Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode


Reboot into Safe Mode with Networking
How to enter Safe Mode (XP/Vista)
Using the F8 Method:
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
  • Select the option for Safe Mode with Networking using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.


Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Post back the 3 logs and let me know.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 mt34


Posted 13 October 2011 - 03:43 PM

I'm posting the 3 logs below.



MiniToolBox by Farbar
Ran by Matt (administrator) on 13-10-2011 at 14:04:17
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localhost"
"network.proxy.socks", "127.0.0.1"
"network.proxy.socks_port", 2345
"network.proxy.socks_version", 4
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost




Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7939

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

10/13/2011 2:23:41 PM
mbam-log-2011-10-13 (14-23-41).txt

Scan type: Quick scan
Objects scanned: 207515
Time elapsed: 12 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\Matt\local settings\temp\5576.sys (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\Recycle.Bin\b6232f3a146.exe (Trojan.Spyeyes) -> Quarantined and deleted successfully.







SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/13/2011 at 04:27 PM

Application Version : 5.0.1132

Core Rules Database Version : 7793
Trace Rules Database Version: 5605

Scan type : Complete Scan
Total Scan Time : 01:45:19

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 710
Memory threats detected : 0
Registry items scanned : 39661
Registry threats detected : 0
File items scanned : 97209
File threats detected : 61

Adware.Tracking Cookie

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP260\A0033949.EXE

Trojan.Agent/Gen-FakeAlert[Local]
C:\VISUAL STUDIO PROJECTS\DATA\BRAIN\CORTEX\RECOMPUTEKEYS.EXE
C:\VISUAL STUDIO PROJECTS\DATA\GRAF\RESAMPLED\RECOMPUTEKEYS.EXE
C:\VISUAL STUDIO PROJECTS\DATA\OXFORD\FACES\RESAMPLED\RECOMPUTEKEYS.EXE
C:\VISUAL STUDIO PROJECTS\DATA\PEOPLE\CMU_TEST_SET_II\PROF\PROFILE_IMAGES\MODELRECOGNITION.EXE
C:\VISUAL STUDIO PROJECTS\DATA\PEOPLE\FERRET\MODELRECOGNITION.EXE

#4 boopme


Posted 13 October 2011 - 09:33 PM

So any better now?

#5 mt34


Posted 13 October 2011 - 09:52 PM

No, I still have the same problem - no access to google or bing from my browser.

It seems there is a problem with the IP address look up for certain sites.

For example, if I ping google.com from the affected computer, it seems an incorrect IP address is used/accessed. When I ping google.com from unaffected computers, a different (correct?) IP address is resolved. If I insert the correct google.com IP address into a browser on the affected computer, I am able to access google.com.

Please let me know your thoughts, Matt

#6 boopme


Posted 13 October 2011 - 10:26 PM

OK then, let's clear everything.

First run
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.6.4.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Change your DNS Servers:
  • Go to Start > Run... and in the Open box, type: cmd
  • Press OK or hit Enter.
  • At the command prompt, type or copy/paste: ipconfig /flushdns
  • Hit Enter.
  • You will get a confirmation that the flush was successful.
  • Close the command box.

Clear my web browser's cache

Clear the Java cache

Edited by boopme, 13 October 2011 - 10:27 PM.


#7 mt34


Posted 13 October 2011 - 10:41 PM

I've included the log file below. It seems like TDSSKiller.exe has fixed the problem. After rebooting, I'm able to access google once again. Thank you very much.


23:30:36.0453 5956 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54
23:30:36.0750 5956 ============================================================
23:30:36.0750 5956 Current date / time: 2011/10/13 23:30:36.0750
23:30:36.0750 5956 SystemInfo:
23:30:36.0750 5956
23:30:36.0750 5956 OS Version: 5.1.2600 ServicePack: 3.0
23:30:36.0750 5956 Product type: Workstation
23:30:36.0750 5956 ComputerName: DH5Z3ZH1
23:30:36.0750 5956 UserName: Matt
23:30:36.0750 5956 Windows directory: C:\WINDOWS
23:30:36.0750 5956 System windows directory: C:\WINDOWS
23:30:36.0750 5956 Processor architecture: Intel x86
23:30:36.0750 5956 Number of processors: 4
23:30:36.0750 5956 Page size: 0x1000
23:30:36.0750 5956 Boot type: Normal boot
23:30:36.0750 5956 ============================================================
23:30:37.0171 5956 Initialize success
23:30:43.0500 4344 ============================================================
23:30:43.0500 4344 Scan started
23:30:43.0500 4344 Mode: Manual;
23:30:43.0500 4344 ============================================================
23:30:43.0671 4344 2b0d70d8 - ok
23:30:43.0687 4344 Abiosdsk - ok
23:30:43.0718 4344 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
23:30:43.0718 4344 abp480n5 - ok
23:30:43.0750 4344 ACPI (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:30:43.0750 4344 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 8fd99680a539792a30e97944fdaecf17
23:30:43.0750 4344 ACPI ( Virus.Win32.Rloader.a ) - infected
23:30:43.0750 4344 ACPI - detected Virus.Win32.Rloader.a (0)
23:30:46.0000 4344 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:30:46.0000 4344 Gpc - ok
23:30:46.0031 4344 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:30:46.0031 4344 HDAudBus - ok
23:30:46.0062 4344 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:30:46.0062 4344 hidusb - ok
23:30:46.0093 4344 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
23:30:46.0093 4344 hpn - ok
23:30:46.0156 4344 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:30:46.0156 4344 HTTP - ok
23:30:46.0171 4344 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
23:30:46.0171 4344 i2omgmt - ok
23:30:46.0218 4344 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
23:30:46.0218 4344 i2omp - ok
23:30:46.0250 4344 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:30:46.0250 4344 i8042prt - ok
23:30:46.0281 4344 iaStor (692830b048aacd7e0d6ededf098acc01) C:\WINDOWS\system32\drivers\iaStor.sys
23:30:46.0296 4344 iaStor - ok
23:30:46.0328 4344 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:30:46.0328 4344 Imapi - ok
23:30:46.0343 4344 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
23:30:46.0343 4344 ini910u - ok
23:30:46.0375 4344 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
23:30:46.0375 4344 IntelIde - ok
23:30:46.0375 4344 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:30:46.0375 4344 intelppm - ok
23:30:46.0406 4344 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
23:30:46.0406 4344 Ip6Fw - ok
23:30:46.0421 4344 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:30:46.0421 4344 IpFilterDriver - ok
23:30:46.0437 4344 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:30:46.0437 4344 IpInIp - ok
23:30:46.0468 4344 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:30:46.0468 4344 IpNat - ok
23:30:46.0500 4344 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:30:46.0500 4344 IPSec - ok
23:30:46.0531 4344 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:30:46.0531 4344 IRENUM - ok
23:30:46.0562 4344 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:30:46.0562 4344 isapnp - ok
23:30:46.0593 4344 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:30:46.0593 4344 Kbdclass - ok
23:30:46.0609 4344 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:30:46.0609 4344 kbdhid - ok
23:30:46.0640 4344 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:30:46.0640 4344 kmixer - ok
23:30:46.0671 4344 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:30:46.0671 4344 KSecDD - ok
23:30:46.0687 4344 lbrtfdc - ok
23:30:46.0734 4344 LHidFilt (ea57f9a93042d53256db4e2222b93b37) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
23:30:46.0734 4344 LHidFilt - ok
23:30:46.0765 4344 LMouFilt (8bd61e1f686d352b318b025524542128) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
23:30:46.0765 4344 LMouFilt - ok
23:30:46.0812 4344 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys
23:30:46.0812 4344 MBAMProtector - ok
23:30:46.0843 4344 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:30:46.0859 4344 mnmdd - ok
23:30:46.0890 4344 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
23:30:46.0890 4344 Modem - ok
23:30:46.0906 4344 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:30:46.0906 4344 Mouclass - ok
23:30:46.0937 4344 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:30:46.0937 4344 mouhid - ok
23:30:46.0953 4344 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:30:46.0953 4344 MountMgr - ok
23:30:46.0984 4344 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
23:30:47.0000 4344 MpFilter - ok
23:30:47.0109 4344 MpKsl256f66ea (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A08CF674-E1DE-457C-ADF4-162051D87742}\MpKsl256f66ea.sys
23:30:47.0109 4344 MpKsl256f66ea - ok
23:30:47.0156 4344 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
23:30:47.0156 4344 mraid35x - ok
23:30:47.0187 4344 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:30:47.0187 4344 MRxDAV - ok
23:30:47.0343 4344 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:30:47.0343 4344 MRxSmb - ok
23:30:47.0375 4344 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:30:47.0375 4344 Msfs - ok
23:30:47.0437 4344 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:30:47.0437 4344 MSKSSRV - ok
23:30:47.0468 4344 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:30:47.0468 4344 MSPCLOCK - ok
23:30:47.0500 4344 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:30:47.0500 4344 MSPQM - ok
23:30:47.0515 4344 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:30:47.0515 4344 mssmbios - ok
23:30:47.0546 4344 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
23:30:47.0546 4344 MSTEE - ok
23:30:47.0578 4344 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:30:47.0578 4344 Mup - ok
23:30:47.0593 4344 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:30:47.0609 4344 NABTSFEC - ok
23:30:47.0625 4344 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:30:47.0625 4344 NDIS - ok
23:30:47.0640 4344 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:30:47.0640 4344 NdisIP - ok
23:30:47.0703 4344 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:30:47.0703 4344 NdisTapi - ok
23:30:47.0718 4344 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:30:47.0734 4344 Ndisuio - ok
23:30:47.0750 4344 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:30:47.0750 4344 NdisWan - ok
23:30:47.0796 4344 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:30:47.0796 4344 NDProxy - ok
23:30:47.0796 4344 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:30:47.0796 4344 NetBIOS - ok
23:30:47.0828 4344 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:30:47.0828 4344 NetBT - ok
23:30:47.0859 4344 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:30:47.0859 4344 NIC1394 - ok
23:30:47.0890 4344 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:30:47.0890 4344 Npfs - ok
23:30:47.0937 4344 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:30:47.0968 4344 Ntfs - ok
23:30:47.0984 4344 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:30:48.0000 4344 Null - ok
23:30:48.0109 4344 nv (4c51de2d153bef6dfb30f9f375f5b3ad) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:30:48.0203 4344 nv - ok
23:30:48.0234 4344 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:30:48.0234 4344 NwlnkFlt - ok
23:30:48.0250 4344 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:30:48.0250 4344 NwlnkFwd - ok
23:30:48.0281 4344 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:30:48.0281 4344 ohci1394 - ok
23:30:48.0296 4344 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
23:30:48.0296 4344 Parport - ok
23:30:48.0312 4344 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:30:48.0312 4344 PartMgr - ok
23:30:48.0328 4344 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
23:30:48.0328 4344 ParVdm - ok
23:30:48.0359 4344 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
23:30:48.0359 4344 PBADRV - ok
23:30:48.0406 4344 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
23:30:48.0406 4344 PCASp50 - ok
23:30:48.0421 4344 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
23:30:48.0437 4344 PCI - ok
23:30:48.0437 4344 PCIDump - ok
23:30:48.0484 4344 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:30:48.0484 4344 PCIIde - ok
23:30:48.0500 4344 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
23:30:48.0500 4344 Pcmcia - ok
23:30:48.0515 4344 PDCOMP - ok
23:30:48.0546 4344 PDFRAME - ok
23:30:48.0562 4344 PDRELI - ok
23:30:48.0578 4344 PDRFRAME - ok
23:30:48.0625 4344 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
23:30:48.0625 4344 perc2 - ok
23:30:48.0671 4344 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
23:30:48.0671 4344 perc2hib - ok
23:30:48.0734 4344 PhilCam8116 (8754763a924639b9d07d4c8ea9990f1e) C:\WINDOWS\system32\DRIVERS\CamDrO21.sys
23:30:48.0750 4344 PhilCam8116 - ok
23:30:48.0781 4344 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:30:48.0781 4344 PptpMiniport - ok
23:30:48.0796 4344 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:30:48.0796 4344 PSched - ok
23:30:48.0828 4344 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:30:48.0828 4344 Ptilink - ok
23:30:48.0859 4344 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:30:48.0859 4344 PxHelp20 - ok
23:30:48.0890 4344 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
23:30:48.0890 4344 ql1080 - ok
23:30:48.0906 4344 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
23:30:48.0906 4344 Ql10wnt - ok
23:30:48.0921 4344 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
23:30:48.0921 4344 ql12160 - ok
23:30:48.0937 4344 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
23:30:48.0937 4344 ql1240 - ok
23:30:48.0953 4344 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
23:30:48.0953 4344 ql1280 - ok
23:30:48.0984 4344 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:30:48.0984 4344 RasAcd - ok
23:30:49.0000 4344 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:30:49.0015 4344 Rasl2tp - ok
23:30:49.0031 4344 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:30:49.0031 4344 RasPppoe - ok
23:30:49.0046 4344 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:30:49.0046 4344 Raspti - ok
23:30:49.0062 4344 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:30:49.0062 4344 Rdbss - ok
23:30:49.0078 4344 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:30:49.0078 4344 RDPCDD - ok
23:30:49.0109 4344 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:30:49.0109 4344 rdpdr - ok
23:30:49.0156 4344 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
23:30:49.0156 4344 RDPWD - ok
23:30:49.0171 4344 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:30:49.0171 4344 redbook - ok
23:30:49.0218 4344 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
23:30:49.0218 4344 rimmptsk - ok
23:30:49.0234 4344 rimsptsk (03d6740e41e86476ef7d1e52ca0b947d) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
23:30:49.0234 4344 rimsptsk - ok
23:30:49.0250 4344 rismxdp (d231b577024aa324af13a42f3a807d10) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
23:30:49.0250 4344 rismxdp - ok
23:30:49.0312 4344 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
23:30:49.0312 4344 SASDIFSV - ok
23:30:49.0328 4344 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
23:30:49.0328 4344 SASKUTIL - ok
23:30:49.0359 4344 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
23:30:49.0359 4344 sbp2port - ok
23:30:49.0390 4344 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
23:30:49.0390 4344 sdbus - ok
23:30:49.0421 4344 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:30:49.0421 4344 Secdrv - ok
23:30:49.0453 4344 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
23:30:49.0468 4344 Serial - ok
23:30:49.0500 4344 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
23:30:49.0500 4344 sffdisk - ok
23:30:49.0515 4344 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
23:30:49.0515 4344 sffp_sd - ok
23:30:49.0546 4344 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:30:49.0546 4344 Sfloppy - ok
23:30:49.0562 4344 Simbad - ok
23:30:49.0578 4344 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
23:30:49.0593 4344 sisagp - ok
23:30:49.0625 4344 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:30:49.0640 4344 SLIP - ok
23:30:49.0687 4344 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
23:30:49.0687 4344 Sparrow - ok
23:30:49.0718 4344 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:30:49.0718 4344 splitter - ok
23:30:49.0750 4344 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
23:30:49.0750 4344 sr - ok
23:30:49.0796 4344 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:30:49.0796 4344 Srv - ok
23:30:49.0812 4344 SSPORT - ok
23:30:49.0890 4344 STHDA (9baa5e118c8e8726e39d1f60333e0842) C:\WINDOWS\system32\drivers\sthda.sys
23:30:49.0890 4344 STHDA - ok
23:30:49.0953 4344 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:30:49.0953 4344 streamip - ok
23:30:49.0984 4344 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:30:49.0984 4344 swenum - ok
23:30:50.0000 4344 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:30:50.0000 4344 swmidi - ok
23:30:50.0031 4344 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
23:30:50.0031 4344 symc810 - ok
23:30:50.0062 4344 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
23:30:50.0062 4344 symc8xx - ok
23:30:50.0125 4344 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
23:30:50.0125 4344 sym_hi - ok
23:30:50.0156 4344 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
23:30:50.0156 4344 sym_u3 - ok
23:30:50.0203 4344 SynTP (337eb83164f8bbf79c5d2e45da7bdc51) C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:30:50.0203 4344 SynTP - ok
23:30:50.0218 4344 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:30:50.0218 4344 sysaudio - ok
23:30:50.0265 4344 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:30:50.0281 4344 Tcpip - ok
23:30:50.0343 4344 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:30:50.0343 4344 TDPIPE - ok
23:30:50.0359 4344 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:30:50.0359 4344 TDTCP - ok
23:30:50.0375 4344 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:30:50.0375 4344 TermDD - ok
23:30:50.0390 4344 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
23:30:50.0390 4344 TosIde - ok
23:30:50.0453 4344 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:30:50.0453 4344 Udfs - ok
23:30:50.0468 4344 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
23:30:50.0468 4344 ultra - ok
23:30:50.0531 4344 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:30:50.0531 4344 Update - ok
23:30:50.0593 4344 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
23:30:50.0593 4344 usbaudio - ok
23:30:50.0609 4344 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:30:50.0609 4344 usbccgp - ok
23:30:50.0656 4344 USBCCID (150442fa5224dc338028543e2fffa7b4) C:\WINDOWS\system32\DRIVERS\usbccid.sys
23:30:50.0656 4344 USBCCID - ok
23:30:50.0687 4344 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:30:50.0687 4344 usbehci - ok
23:30:50.0718 4344 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:30:50.0718 4344 usbhub - ok
23:30:50.0765 4344 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:30:50.0781 4344 usbprint - ok
23:30:50.0812 4344 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:30:50.0812 4344 usbscan - ok
23:30:50.0828 4344 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:30:50.0828 4344 USBSTOR - ok
23:30:50.0859 4344 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:30:50.0859 4344 usbuhci - ok
23:30:50.0921 4344 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
23:30:50.0921 4344 usbvideo - ok
23:30:50.0937 4344 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:30:50.0953 4344 VgaSave - ok
23:30:50.0984 4344 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
23:30:50.0984 4344 viaagp - ok
23:30:51.0000 4344 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
23:30:51.0000 4344 ViaIde - ok
23:30:51.0015 4344 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
23:30:51.0031 4344 VolSnap - ok
23:30:51.0125 4344 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:30:51.0203 4344 Wanarp - ok
23:30:51.0234 4344 WavxDMgr (0be8dd6c95c5bdff9c5f3fa8095d304c) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
23:30:51.0281 4344 WavxDMgr - ok
23:30:51.0296 4344 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
23:30:51.0296 4344 WDC_SAM - ok
23:30:51.0343 4344 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:30:51.0343 4344 Wdf01000 - ok
23:30:51.0359 4344 WDICA - ok
23:30:51.0437 4344 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:30:51.0437 4344 wdmaud - ok
23:30:51.0531 4344 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
23:30:51.0531 4344 WmiAcpi - ok
23:30:51.0562 4344 WQ_USBHWA (11c3cac6d2ff32c74696bf5b9b8119f3) C:\WINDOWS\system32\DRIVERS\WQ_hwa.sys
23:30:51.0562 4344 WQ_USBHWA - ok
23:30:51.0609 4344 WQ_USBLOAD (1fe1659aef673576580eda7645ac5e38) C:\WINDOWS\system32\DRIVERS\WQ_ldr.sys
23:30:51.0609 4344 WQ_USBLOAD - ok
23:30:51.0640 4344 WQ_USBRCI (7cc27f67e2438aeffac798f514ca4329) C:\WINDOWS\system32\DRIVERS\WQ_rci.sys
23:30:51.0640 4344 WQ_USBRCI - ok
23:30:51.0703 4344 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:30:51.0703 4344 WSTCODEC - ok
23:30:51.0734 4344 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
23:30:51.0781 4344 \Device\Harddisk0\DR0 - ok
23:30:51.0781 4344 Boot (0x1200) (e2a421f17d775a07c52e757126b7dd77) \Device\Harddisk0\DR0\Partition0
23:30:51.0781 4344 \Device\Harddisk0\DR0\Partition0 - ok
23:30:51.0781 4344 ============================================================
23:30:51.0781 4344 Scan finished
23:30:51.0781 4344 ============================================================
23:30:51.0796 4340 Detected object count: 1
23:30:51.0796 4340 Actual detected object count: 1
23:31:14.0734 4340 Backup copy found, using it..
23:31:14.0781 4340 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
23:31:14.0781 4340 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
23:31:39.0921 5056 Deinitialize success
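
An added example, not part of the original posts and not the scanner's own code: a small Python triage script for the log format in the post above. It pairs each hashed object with its status line and pulls out detections, the chosen action, and files that are only cured after a reboot. The line patterns are assumptions inferred from the lines visible in this thread, and the sample input is constructed in that format.

```python
import re

# Constructed sample in the line format of the scan log posted in this thread.
SAMPLE_LOG = r"""
23:30:45.0312 4344 DgiVecp - ok
23:30:45.0328 4344 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:30:45.0328 4344 Disk - ok
23:30:51.0734 4344 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
23:30:51.0781 4344 \Device\Harddisk0\DR0 - ok
23:30:51.0781 4344 ============================================================
23:30:51.0781 4344 Scan finished
23:30:51.0796 4340 Detected object count: 1
23:30:51.0796 4340 Actual detected object count: 1
23:31:14.0734 4340 Backup copy found, using it..
23:31:14.0781 4340 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
23:31:14.0781 4340 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
23:31:39.0921 5056 Deinitialize success
"""

# Assumed line shapes: "<time> <thread id> <message>", then one of the messages below.
PREFIX = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+) (.*)$")
HASHED = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
ACTION = re.compile(
    r"^(?P<name>\S+) \( (?P<verdict>[^)]+?) \) - User select action: (?P<action>\w+)$")
REBOOT = re.compile(r"^(?P<path>.+) - will be cured on reboot$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
STATUS = re.compile(r"^(?P<name>.+?) - (?P<status>.+)$")


def triage(log_text):
    """Summarise a scan log: hashed objects, their status, detections, pending cures."""
    objects = {}   # object name -> {"md5", "path", "status"}
    by_path = {}   # MBR/boot status lines are keyed by device path, not by name
    report = {"objects": objects, "status_only": [], "detections": [],
              "reboot_pending": [], "declared_count": None}
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(3)
        if (h := HASHED.match(msg)):
            objects[h["name"]] = {"md5": h["md5"], "path": h["path"], "status": None}
            by_path[h["path"]] = h["name"]
        elif (a := ACTION.match(msg)):
            report["detections"].append(a.groupdict())
        elif (r := REBOOT.match(msg)):
            report["reboot_pending"].append(r["path"])
        elif (c := COUNT.match(msg)):
            report["declared_count"] = int(c.group(1))
        elif (s := STATUS.match(msg)):
            name = by_path.get(s["name"], s["name"])
            if name in objects:
                objects[name]["status"] = s["status"]
            else:
                # A status line with no preceding hash record for that name.
                report["status_only"].append((name, s["status"]))
    # Hashed objects that never received an "ok" status deserve a manual look.
    report["needs_review"] = sorted(
        n for n, o in objects.items() if o["status"] != "ok")
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for d in result["detections"]:
        print(f"{d['name']}: {d['verdict']} -> {d['action']}")
    for path in result["reboot_pending"]:
        print(f"pending reboot: {path}")
    print("needs review:", result["needs_review"])
```

A file listed under `reboot_pending` is not clean yet; rescan after the reboot to confirm the cure took effect.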

#8 boopme

Posted 13 October 2011 - 10:52 PM

Ok yes that would be it.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
You're welcome!!