Google redirect trojan virus


12 replies to this topic

#1 yunglj


Posted 16 February 2012 - 06:47 PM

Hi,

I have a trojan virus that is associated with SVCHOST.EXE that won't clean completely. I have Malwarebytes and it quarantines it but it comes back after reboot. It started when I couldn't get to my iGoogle anymore with a 404 error. It also redirects all my Google searches. Any help in killing this thing would be greatly appreciated. Malwarebytes is also stopping malicious outbound traffic every 30 seconds or so.



#2 yunglj


Posted 16 February 2012 - 06:53 PM

Additional information:

Windows 7 64bit
Norton 360
Malwarebytes (just loaded to try to fix this issue)

#3 boopme


Posted 16 February 2012 - 07:07 PM

Hello and welcome. Let's see if we can get this...
Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

>>>
Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


>>>
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note:
When using "Reset FF Proxy Settings" option Firefox should be closed.
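
Added example, not part of the original thread and not code from MiniToolBox: a read-only Windows PowerShell sketch that reports the same settings the MiniToolBox checkboxes above list (hosts file, IE proxy, IP/DNS configuration, Winsock entries), since these are the places a search-redirect infection commonly tampers with. It assumes an English-language Windows install for the `netsh` output filter and changes nothing on the system.

```powershell
# Read-only triage report for a search-redirect complaint.
# Added example: it only reads settings and does not reset or repair anything.

# 1. Hosts file: list every active (non-comment) entry.
#    A stock Windows 7 hosts file contains only comments, so each active
#    line deserves a look (some security tools legitimately add block entries).
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$hostsEntries = @()
if (Test-Path $hostsPath) {
    $hostsEntries = @(Get-Content $hostsPath |
        ForEach-Object { ($_ -replace '#.*$', '').Trim() } |
        Where-Object { $_ -ne '' })
}
"== Hosts file: $($hostsEntries.Count) active entries =="
$hostsEntries

# Entries other than the usual loopback mapping are the ones to review.
$loopback = '^(127\.0\.0\.1|::1)\s+localhost$'
$toReview = @($hostsEntries | Where-Object { $_ -notmatch $loopback })
"   entries to review: $($toReview.Count)"

# 2. Internet Explorer (WinINET) proxy settings for the current user.
#    Chrome on Windows uses these system proxy settings by default.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $key
"== IE proxy settings =="
"ProxyEnable   : $($inet.ProxyEnable)"
"ProxyServer   : $($inet.ProxyServer)"
"ProxyOverride : $($inet.ProxyOverride)"
"AutoConfigURL : $($inet.AutoConfigURL)"
if ($inet.ProxyEnable -eq 1 -or $inet.AutoConfigURL) {
    "   a proxy or auto-config script is set; confirm it is one you configured"
}

# 3. IP configuration: DNS servers per enabled adapter.
#    DHCP-assigned DNS normally points at the router or the ISP; a static
#    DNS server nobody remembers setting is worth checking, on the PC and
#    in the router's own configuration.
"== DNS servers per adapter =="
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    ForEach-Object {
        '{0}: DHCP={1} DNS={2}' -f $_.Description, $_.DHCPEnabled,
            ($_.DNSServerSearchOrder -join ', ')
    }

# 4. Winsock catalog: provider descriptions and the DLLs that back them.
#    Providers loading from outside %SystemRoot%\system32 should be
#    attributable to software you installed.
"== Winsock providers =="
netsh winsock show catalog | Select-String 'Description|Provider Path'
```

Run it from a normal (non-elevated) Windows PowerShell prompt as the affected user, because the proxy values are read from that user's registry hive.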

#4 yunglj


Posted 16 February 2012 - 07:32 PM

Thanks for the quick response. Answers to your questions:

Yes on a wireless router.
No other machines seem to be ok.
I have IE9 and Google Chrome, no Firefox.

Here's the TDSSKiller report:

19:18:54.0109 3504 RimUsb (71b48ddaf5e9c2b40e64de5c405f5aac) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:18:54.0113 3504 RimUsb - ok
19:18:54.0278 3504 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
19:18:54.0280 3504 RimVSerPort - ok
19:18:54.0350 3504 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
19:18:54.0352 3504 ROOTMODEM - ok
19:18:54.0411 3504 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:18:54.0413 3504 rspndr - ok
19:18:54.0571 3504 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:18:54.0577 3504 RTL8167 - ok
19:18:54.0632 3504 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:18:54.0635 3504 s3cap - ok
19:18:54.0664 3504 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:18:54.0669 3504 sbp2port - ok
19:18:54.0780 3504 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:18:54.0784 3504 scfilter - ok
19:18:54.0946 3504 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
19:18:54.0955 3504 sdbus - ok
19:18:55.0023 3504 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:18:55.0025 3504 secdrv - ok
19:18:55.0039 3504 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:18:55.0049 3504 Serenum - ok
19:18:55.0069 3504 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:18:55.0069 3504 Serial - ok
19:18:55.0223 3504 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:18:55.0227 3504 sermouse - ok
19:18:55.0304 3504 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:18:55.0306 3504 sffdisk - ok
19:18:55.0329 3504 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:18:55.0331 3504 sffp_mmc - ok
19:18:55.0351 3504 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:18:55.0353 3504 sffp_sd - ok
19:18:55.0401 3504 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:18:55.0404 3504 sfloppy - ok
19:18:55.0626 3504 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:18:55.0631 3504 SiSRaid2 - ok
19:18:55.0653 3504 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:18:55.0658 3504 SiSRaid4 - ok
19:18:55.0692 3504 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:18:55.0695 3504 Smb - ok
19:18:56.0128 3504 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) D:\VERIZO~1\SMSIVZAM5X64.SYS
19:18:56.0128 3504 SMSIVZAM5X64 - ok
19:18:56.0337 3504 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:18:56.0341 3504 spldr - ok
19:18:56.0521 3504 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
19:18:56.0538 3504 SRTSP - ok
19:18:56.0964 3504 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
19:18:56.0967 3504 SRTSPX - ok
19:18:57.0041 3504 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:18:57.0053 3504 srv - ok
19:18:57.0203 3504 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:18:57.0213 3504 srv2 - ok
19:18:57.0265 3504 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:18:57.0269 3504 srvnet - ok
19:18:57.0476 3504 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:18:57.0480 3504 stexstor - ok
19:18:57.0571 3504 STHDA (ed1722f43ce61409ef68340402d6267d) C:\Windows\system32\DRIVERS\stwrt64.sys
19:18:57.0583 3504 STHDA - ok
19:18:57.0750 3504 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:18:57.0753 3504 storflt - ok
19:18:57.0796 3504 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:18:57.0799 3504 storvsc - ok
19:18:57.0836 3504 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:18:57.0837 3504 swenum - ok
19:18:57.0996 3504 swmsflt (179de6936fbb0702f89535b27e311b1f) C:\Windows\System32\drivers\swmsflt.sys
19:18:58.0001 3504 swmsflt - ok
19:18:58.0095 3504 SWNC8U56 (808cb62212dd7a934074ed65d3106948) C:\Windows\system32\DRIVERS\swnc8u56.sys
19:18:58.0103 3504 SWNC8U56 - ok
19:18:58.0179 3504 SWUMX56 (df3f437a890a77cce5e3fd7b7bb93585) C:\Windows\system32\DRIVERS\swumx56.sys
19:18:58.0189 3504 SWUMX56 - ok
19:18:58.0410 3504 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
19:18:58.0421 3504 SymDS - ok
19:18:58.0673 3504 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
19:18:58.0695 3504 SymEFA - ok
19:18:58.0855 3504 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:18:58.0861 3504 SymEvent - ok
19:18:58.0914 3504 SYMFW - ok
19:18:59.0071 3504 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
19:18:59.0077 3504 SymIRON - ok
19:18:59.0213 3504 SYMNDISV - ok
19:18:59.0358 3504 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
19:18:59.0367 3504 SymNetS - ok
19:18:59.0537 3504 SynTP (c52b05821884f9a0ebee38c45dbd73cd) C:\Windows\system32\DRIVERS\SynTP.sys
19:18:59.0546 3504 SynTP - ok
19:18:59.0663 3504 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:18:59.0693 3504 Tcpip - ok
19:18:59.0902 3504 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:18:59.0928 3504 TCPIP6 - ok
19:19:00.0083 3504 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:19:00.0086 3504 tcpipreg - ok
19:19:00.0147 3504 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:19:00.0150 3504 TDPIPE - ok
19:19:00.0174 3504 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:19:00.0178 3504 TDTCP - ok
19:19:00.0240 3504 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:19:00.0243 3504 tdx - ok
19:19:00.0385 3504 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:19:00.0388 3504 TermDD - ok
19:19:00.0482 3504 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:00.0484 3504 tssecsrv - ok
19:19:00.0545 3504 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:19:00.0550 3504 TsUsbFlt - ok
19:19:00.0720 3504 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:19:00.0725 3504 tunnel - ok
19:19:00.0781 3504 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:19:00.0785 3504 uagp35 - ok
19:19:00.0852 3504 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:19:00.0862 3504 udfs - ok
19:19:00.0935 3504 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:19:00.0940 3504 uliagpkx - ok
19:19:01.0086 3504 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:19:01.0099 3504 umbus - ok
19:19:01.0148 3504 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:19:01.0152 3504 UmPass - ok
19:19:01.0328 3504 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:19:01.0333 3504 USBAAPL64 - ok
19:19:01.0389 3504 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:01.0395 3504 usbccgp - ok
19:19:01.0445 3504 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:19:01.0450 3504 usbcir - ok
19:19:01.0502 3504 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:19:01.0505 3504 usbehci - ok
19:19:01.0671 3504 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:19:01.0681 3504 usbhub - ok
19:19:01.0739 3504 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
19:19:01.0743 3504 usbohci - ok
19:19:01.0786 3504 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:19:01.0790 3504 usbprint - ok
19:19:01.0941 3504 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:19:01.0945 3504 usbscan - ok
19:19:01.0995 3504 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:02.0001 3504 USBSTOR - ok
19:19:02.0048 3504 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:19:02.0051 3504 usbuhci - ok
19:19:02.0227 3504 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:19:02.0233 3504 usbvideo - ok
19:19:02.0307 3504 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
19:19:02.0311 3504 usb_rndisx - ok
19:19:02.0416 3504 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:19:02.0419 3504 vdrvroot - ok
19:19:02.0552 3504 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:02.0556 3504 vga - ok
19:19:02.0625 3504 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:19:02.0630 3504 VgaSave - ok
19:19:02.0685 3504 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:19:02.0693 3504 vhdmp - ok
19:19:02.0718 3504 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:19:02.0720 3504 viaide - ok
19:19:02.0786 3504 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:19:02.0792 3504 vmbus - ok
19:19:02.0858 3504 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:19:02.0861 3504 VMBusHID - ok
19:19:02.0891 3504 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:19:02.0894 3504 volmgr - ok
19:19:02.0966 3504 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:19:02.0976 3504 volmgrx - ok
19:19:03.0085 3504 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:19:03.0094 3504 volsnap - ok
19:19:03.0219 3504 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:19:03.0226 3504 vsmraid - ok
19:19:03.0295 3504 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:19:03.0297 3504 vwifibus - ok
19:19:03.0366 3504 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:19:03.0366 3504 vwififlt - ok
19:19:03.0407 3504 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:19:03.0410 3504 WacomPen - ok
19:19:03.0483 3504 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:03.0487 3504 WANARP - ok
19:19:03.0496 3504 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:03.0499 3504 Wanarpv6 - ok
19:19:03.0726 3504 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:19:03.0730 3504 Wd - ok
19:19:03.0779 3504 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:19:03.0796 3504 Wdf01000 - ok
19:19:04.0009 3504 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:19:04.0011 3504 WfpLwf - ok
19:19:04.0043 3504 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:19:04.0048 3504 WIMMount - ok
19:19:04.0248 3504 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:19:04.0253 3504 WinUsb - ok
19:19:04.0416 3504 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:19:04.0416 3504 WmiAcpi - ok
19:19:04.0531 3504 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:19:04.0535 3504 ws2ifsl - ok
19:19:04.0610 3504 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:19:04.0612 3504 WudfPf - ok
19:19:04.0790 3504 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:19:04.0797 3504 WUDFRd - ok
19:19:04.0886 3504 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
19:19:04.0913 3504 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:19:04.0913 3504 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:19:04.0920 3504 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
19:19:04.0931 3504 \Device\Harddisk1\DR1 - ok
19:19:04.0939 3504 Boot (0x1200) (fc01dc6cc25144a1f4c1226e309a5420) \Device\Harddisk0\DR0\Partition0
19:19:04.0942 3504 \Device\Harddisk0\DR0\Partition0 - ok
19:19:04.0967 3504 Boot (0x1200) (601c4a2d8e51434525fc44badae7ade5) \Device\Harddisk0\DR0\Partition1
19:19:04.0969 3504 \Device\Harddisk0\DR0\Partition1 - ok
19:19:04.0974 3504 Boot (0x1200) (f3236e035aeca789e508a739910f2e8f) \Device\Harddisk1\DR1\Partition0
19:19:04.0975 3504 \Device\Harddisk1\DR1\Partition0 - ok
19:19:04.0976 3504 ============================================================
19:19:04.0976 3504 Scan finished
19:19:04.0976 3504 ============================================================
19:19:04.0989 4868 Detected object count: 1
19:19:04.0989 4868 Actual detected object count: 1
19:20:40.0008 4868 \Device\Harddisk0\DR0\# - copied to quarantine
19:20:40.0008 4868 \Device\Harddisk0\DR0 - copied to quarantine
19:20:40.0108 4868 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:20:40.0118 4868 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:20:40.0128 4868 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:20:40.0138 4868 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:20:40.0158 4868 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:20:40.0178 4868 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:20:40.0178 4868 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:20:40.0188 4868 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:20:40.0188 4868 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:20:40.0188 4868 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:20:40.0198 4868 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:20:40.0198 4868 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:20:40.0228 4868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
19:20:40.0238 4868 \Device\Harddisk0\DR0 - ok
19:20:42.0044 4868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
19:21:05.0886 4688 Deinitialize success

#5 yunglj


Posted 16 February 2012 - 07:39 PM

I'm doing the aswMBR scan now and will post results. Oh and yes, TDSSKiller had me reboot.

#6 boopme


Posted 16 February 2012 - 07:39 PM

Thanks,
Reboot as requested and run aswMBR.
Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

Edited by boopme, 16 February 2012 - 07:40 PM.


#7 yunglj


Posted 16 February 2012 - 07:59 PM

FYI, when I ran aswMBR it crashed on me with a blue screen and rebooted. I'll run MBAM now and post.

#8 yunglj


Posted 16 February 2012 - 08:13 PM

Results from MBAM, it looks clean...does this mean I'm good to go?


Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.16.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Yung :: YUNG-PC [administrator]

Protection: Enabled

2/16/2012 8:01:07 PM
mbam-log-2012-02-16 (20-01-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 182434
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 yunglj


Posted 16 February 2012 - 08:15 PM

NO more redirects and I can get into iGoogle...

#10 yunglj


Posted 16 February 2012 - 08:21 PM

Thanks so much for your help!!!!!!!!!!!!!!!

#11 boopme


Posted 16 February 2012 - 09:39 PM

You're welcome.. Looks good to me.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
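The restore-point steps in the post above can also be scripted. This is an added example, not part of the original thread: it creates a fresh restore point, confirms it really exists, and only then deletes the older ones. It assumes an elevated Windows PowerShell session with System Protection enabled; the description string and the `Win32.SystemRestore` wrapper name are made up for the example.

```powershell
# Added example (not from the thread). Run in an elevated Windows PowerShell session.
# Assumption: System Protection is enabled on the system drive.
$ErrorActionPreference = 'Stop'

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated PowerShell session.'
}

# SRRemoveRestorePoint (srclient.dll) deletes one restore point by sequence number.
# The wrapper type name Win32.SystemRestore is chosen for this example.
Add-Type -Namespace Win32 -Name SystemRestore -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

$label = 'Clean baseline after rootkit removal'   # constructed description

# Highest sequence number before we start (0 if no restore points exist yet).
$existing = @(Get-ComputerRestorePoint)
$lastSeq  = 0
if ($existing.Count -gt 0) {
    $lastSeq = ($existing | Measure-Object -Property SequenceNumber -Maximum).Maximum
}

# Step 1: create the new, post-cleanup restore point.
Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

# Step 2: verify it was actually created before deleting anything.
$points = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$newest = $points[-1]
if (-not $newest -or
    $newest.SequenceNumber -le $lastSeq -or
    $newest.Description -ne $label) {
    throw 'New restore point was not created; older restore points left untouched.'
}

# Step 3: remove every restore point except the one just created.
foreach ($p in $points) {
    if ($p.SequenceNumber -eq $newest.SequenceNumber) { continue }
    $rc = [Win32.SystemRestore]::SRRemoveRestorePoint([uint32]$p.SequenceNumber)
    if ($rc -eq 0) {
        Write-Output ("Removed #{0} ({1})" -f $p.SequenceNumber, $p.Description)
    } else {
        Write-Warning ("Could not remove #{0}, error code {1}" -f $p.SequenceNumber, $rc)
    }
}

# Step 4: show what is left; only the new restore point should be listed.
Get-ComputerRestorePoint |
    Format-Table SequenceNumber, CreationTime, Description -AutoSize
```

The verification in step 2 matters because on Windows 8 and later `Checkpoint-Computer` skips creation when a restore point was made in the previous 24 hours; without the check, the cleanup loop would delete everything except an older, possibly pre-cleanup restore point.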

#12 yunglj


Posted 16 February 2012 - 09:53 PM

Will do...again thank you for all your help.

#13 boopme


Posted 16 February 2012 - 11:12 PM

:thumbup2:



