
No Google allowed Virus or Malware


11 replies to this topic

#1 foxydenver


Posted 24 October 2011 - 10:37 AM

A few weeks ago I was running Google Chrome on my Windows XP Desktop. Microsoft Forefront Security told me that we had a virus called "chrome.exe" and I removed it using Forefront.

I then began using Firefox, and had no problems for a week. Then whenever I tried to get to Google.com I was told "Firefox cannot find the server."

So an IT friend of mine and I went through and cleaned the registries, the host data, did a DNS flush and ran both Malwarebytes and Spybot. After the first run they found stuff and got rid of it, but now they find nothing harmful on the computer, but I still cannot access, or ping, any website with Google in the name [i.e. Gmail, google.ca, google.co.uk] and I do not know what to do!



#2 Broni


Posted 24 October 2011 - 10:58 AM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

==============================================================================================

"and cleaned the registries"

Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 foxydenver


Posted 24 October 2011 - 12:02 PM

Thanks. I've run all of the programs. Logs Below:

[Logs Edited Out]

Edited by foxydenver, 24 October 2011 - 02:30 PM.


#4 Broni


Posted 24 October 2011 - 12:05 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE
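
Added example, not part of the original thread and not code from TDSSKiller: one way to pull the entries that are not "ok" out of a TDSSKiller report, using the line format of the log posted in this topic. The sample log is constructed with placeholder hashes, and the function and field names (`triage`, `forged_md5`, and so on) are assumptions made for illustration.

```python
import re

# Constructed sample in the line format of the TDSSKiller report posted in this
# topic: "<time> <thread id> <message>". Hashes are placeholders, not real values.
SAMPLE_LOG = r"""
11:08:01.0100 1788 Scan started
11:08:01.0150 1788 Nofile - ok
11:08:01.0187 1788 exampledrv (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
11:08:01.0187 1788 exampledrv - ok
11:08:01.0218 1788 ACPI (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:08:01.0218 1788 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, Fake md5: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
11:08:01.0218 1788 ACPI ( Virus.Win32.Rloader.a ) - infected
11:08:01.0218 1788 ACPI - detected Virus.Win32.Rloader.a (0)
"""

# "<HH:MM:SS.ffff> <thread id> <message>"
PREFIX = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# "<service> (<md5>) <path>"
ENTRY = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$", re.I)
# "<service> - ok" or "<service> ( <verdict> ) - infected"
STATUS = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")
# "Suspicious file (Forged): <path>. Real md5: <md5>, Fake md5: <md5>"
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (.+)\. Real md5: ([0-9a-f]{32}), "
    r"Fake md5: ([0-9a-f]{32})$",
    re.I,
)


def triage(log_text):
    """Return one dict per service whose status line is anything other than 'ok'."""
    entries = {}  # service name -> {"md5": ..., "path": ...}
    forged = {}   # lower-cased path -> (real_md5, fake_md5)
    findings = []
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank lines, wrapped text, anything without the prefix
        msg = m.group(3)
        if (f := FORGED.match(msg)):
            forged[f.group(1).lower()] = (f.group(2).lower(), f.group(3).lower())
        elif (e := ENTRY.match(msg)):
            entries[e.group(1)] = {"md5": e.group(2).lower(), "path": e.group(3)}
        elif (s := STATUS.match(msg)) and s.group(3) != "ok":
            name = s.group(1)
            info = entries.get(name, {})
            path = info.get("path")
            findings.append({
                "time": m.group(1),
                "name": name,
                "status": s.group(3),
                "verdict": s.group(2),
                "path": path,
                "md5": info.get("md5"),
                # Set only when a "Suspicious file (Forged)" line named this path.
                "forged_md5": forged.get(path.lower()) if path else None,
            })
    return findings


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f'{item["time"]} {item["name"]}: {item["status"]} '
              f'({item["verdict"]}) {item["path"]}')
        if item["forged_md5"]:
            real, fake = item["forged_md5"]
            print(f"  forged file: real md5 {real}, fake md5 {fake}")
```
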

 


#5 foxydenver


Posted 24 October 2011 - 12:13 PM

11:07:53.0281 1456 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
11:07:53.0687 1456 ============================================================
11:07:53.0687 1456 Current date / time: 2011/10/24 11:07:53.0687
11:07:53.0687 1456 SystemInfo:
11:07:53.0687 1456
11:07:53.0687 1456 OS Version: 5.1.2600 ServicePack: 3.0
11:07:53.0687 1456 Product type: Workstation
11:07:53.0687 1456 ComputerName: D2001152
11:07:53.0687 1456 UserName: fdenver
11:07:53.0687 1456 Windows directory: C:\WINDOWS
11:07:53.0687 1456 System windows directory: C:\WINDOWS
11:07:53.0687 1456 Processor architecture: Intel x86
11:07:53.0687 1456 Number of processors: 2
11:07:53.0687 1456 Page size: 0x1000
11:07:53.0687 1456 Boot type: Normal boot
11:07:53.0687 1456 ============================================================
11:07:54.0718 1456 Initialize success
11:07:57.0531 1788 ============================================================
11:07:57.0531 1788 Scan started
11:07:57.0531 1788 Mode: Manual;
11:07:57.0531 1788 ============================================================
11:08:01.0031 1788 Abiosdsk - ok
11:08:01.0187 1788 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:08:01.0187 1788 abp480n5 - ok
11:08:01.0218 1788 ACPI (d8fb7d1c3f5bfa3f53fe9cc6367e9e99) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:08:01.0218 1788 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: d8fb7d1c3f5bfa3f53fe9cc6367e9e99, Fake md5: 8fd99680a539792a30e97944fdaecf17
11:08:01.0218 1788 ACPI ( Virus.Win32.Rloader.a ) - infected
11:08:01.0218 1788 ACPI - detected Virus.Win32.Rloader.a (0)
11:08:07.0437 1788 Update - ok
11:08:07.0484 1788 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:08:07.0484 1788 usbccgp - ok
11:08:07.0531 1788 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:08:07.0531 1788 usbehci - ok
11:08:07.0531 1788 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:08:07.0531 1788 usbhub - ok
11:08:07.0578 1788 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:08:07.0578 1788 USBSTOR - ok
11:08:07.0609 1788 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:08:07.0609 1788 usbuhci - ok
11:08:07.0624 1788 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:08:07.0624 1788 VgaSave - ok
11:08:07.0656 1788 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:08:07.0656 1788 viaagp - ok
11:08:07.0703 1788 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:08:07.0703 1788 ViaIde - ok
11:08:07.0734 1788 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:08:07.0734 1788 VolSnap - ok
11:08:07.0765 1788 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:08:07.0765 1788 Wanarp - ok
11:08:07.0781 1788 WDICA - ok
11:08:07.0828 1788 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:08:07.0828 1788 wdmaud - ok
11:08:07.0999 1788 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
11:08:07.0999 1788 WmiAcpi - ok
11:08:08.0078 1788 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:08:08.0078 1788 WudfPf - ok
11:08:08.0093 1788 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:08:08.0093 1788 WudfRd - ok
11:08:08.0140 1788 yukonwxp (d039bed903758f315b05825a1a364488) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:08:08.0140 1788 yukonwxp - ok
11:08:08.0171 1788 MBR (0x1B8) (56b94a7b5065830b51620cb2832a9510) \Device\Harddisk0\DR0
11:08:08.0171 1788 \Device\Harddisk0\DR0 - ok
11:08:08.0187 1788 Boot (0x1200) (654f09d06d1155555df0be496f09d6ea) \Device\Harddisk0\DR0\Partition0
11:08:08.0187 1788 \Device\Harddisk0\DR0\Partition0 - ok
11:08:08.0187 1788 ============================================================
11:08:08.0187 1788 Scan finished
11:08:08.0187 1788 ============================================================
11:08:08.0187 1920 Detected object count: 1
11:08:08.0187 1920 Actual detected object count: 1
11:08:35.0109 1920 Backup copy found, using it..
11:08:35.0718 1920 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
11:08:35.0718 1920 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
11:08:46.0140 0148 Deinitialize success
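
A way to triage a log like the one above without reading every driver line, as an added example that is not part of the original post or of the scanner itself. The regular expressions are assumptions derived only from the line shapes visible in this log, and the sample lines are excerpted from it.

```python
import re

# Constructed sample: lines excerpted from the scan log posted in this thread.
SAMPLE_LOG = r"""
11:08:07.0218 1788 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:08:07.0218 1788 Tcpip - ok
11:08:07.0781 1788 WDICA - ok
11:08:08.0171 1788 \Device\Harddisk0\DR0 - ok
11:08:08.0187 1920 Detected object count: 1
11:08:08.0187 1920 Actual detected object count: 1
11:08:35.0109 1920 Backup copy found, using it..
11:08:35.0718 1920 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
11:08:35.0718 1920 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
"""

# Every log line is "<time> <thread id> <message>"; the patterns below match the message.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
OK = re.compile(r"^(.+) - ok$")
ACTION = re.compile(r"^(\S+) \( (.+?) \) - User select action: (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
REBOOT = re.compile(r"^(.+) - will be cured on reboot$")


def triage(log_text):
    """Summarise a scan log: clean objects, detections, cures pending a reboot."""
    result = {"ok": 0, "detections": [], "declared": None, "pending_reboot": []}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank line or text that is not a log record
        msg = m.group(3)
        if (a := ACTION.match(msg)):
            result["detections"].append(
                {"object": a.group(1), "verdict": a.group(2), "action": a.group(3)})
        elif (c := COUNT.match(msg)):
            result["declared"] = int(c.group(1))
        elif (r := REBOOT.match(msg)):
            result["pending_reboot"].append(r.group(1))
        elif OK.match(msg):
            result["ok"] += 1
    # A mismatch suggests a truncated log or a detection with no recorded action.
    result["consistent"] = result["declared"] == len(result["detections"])
    return result


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A non-empty `pending_reboot` list means the cure has not taken effect yet, so the machine should be rebooted and rescanned before the result is trusted.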

#6 Broni

Posted 24 October 2011 - 12:15 PM

How are the issues now?

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



#7 foxydenver


Posted 24 October 2011 - 12:22 PM

All the googles and gmails are working!!
Here's the scan:

[Logs Edited Out]

Edited by foxydenver, 24 October 2011 - 02:30 PM.


#8 Broni


Posted 24 October 2011 - 12:33 PM

Good news :)

The above log looks good.

Couple more steps....

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.



#9 foxydenver


Posted 24 October 2011 - 01:41 PM

[Logs Edited Out]

Should I remove the threats?

Edited by foxydenver, 24 October 2011 - 02:30 PM.


#10 Broni


Posted 24 October 2011 - 01:57 PM

Yes.

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

====================================================================

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

=============================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure Windows Updates are current.

3. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

4. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

5. Run Temporary File Cleaner (TFC) weekly.

6. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

10. Except for MBAM and TFC, which are keepers, you can simply delete all other tools we used as they don't install.



#11 foxydenver


Posted 24 October 2011 - 02:30 PM

many, many thanks.

#12 Broni


Posted 24 October 2011 - 03:24 PM

You're very welcome
