See below for the contents of the DDS log.

Thank you in advance for any help provided!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18

Run by Scott at 22:12:34 on 2011-11-28

Microsoft Windows 7 Starter 6.1.7600.0.1252.61.1033.18.1015.392 [GMT 11:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\System32\AsusService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE

C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\Program Files\asus\SystemSetting\WallPaperAgent.exe

C:\windows\Explorer.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ASUS\Eee Docking\Eee Docking.exe

C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe

C:\Program Files\EeePC\HotkeyService\HotkeyService.exe

C:\Program Files\EeePC\SHE\SuperHybridEngine.exe

C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\windows\system32\wuauclt.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\windows\system32\conhost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local

uWinlogon: Shell=c:\program files\asus\systemsetting\WallPaperAgent.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: ASUS Windows 7 Starter Helper: {d381ff29-7cfb-4d4e-b92a-c4eddc696614} - c:\program files\asus\systemsetting\StarterHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

uRun: [EPSON TX100 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiedp.exe /fu "c:\users\scott\appdata\local\temp\E_S2CF8.tmp" /EF "HKCU"

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe

mRun: [HotKeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe

mRun: [superHybridEngine] AsusSender.exe c:\program files\eeepc\she\SuperHybridEngine.exe

mRun: [Eee Docking] c:\program files\asus\eee docking\Eee Docking.exe autorun

mRun: [LiveUpdate] AsusSender.exe c:\program files\asus\liveupdate\LiveUpdate.exe auto

mRun: [synAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe

mRun: [Trend Micro Client Framework] c:\program files\trend micro\uniclient\uifrmwrk\UIWatchDog.exe

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [OOBESetup] c:\program files\asus\ooberegbackup\ooberegbackup.exe /restore -"c:\program files\asus\ooberegbackup\OOBEReg.ini"

mRun: [boingo Wi-Fi] "c:\program files\boingo\boingo wi-fi\Boingo.lnk"

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

dRun: [EPSON TX100 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiedp.exe /fu "c:\windows\temp\E_S428B.tmp" /EF "HKCU"

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{235D2379-540A-466C-A07A-BD6F740749C0} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{2A09815E-248F-4FF2-A21B-B020F6D758FC} : DhcpNameServer = 10.0.0.138

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: acaptuser32.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\scott\appdata\roaming\mozilla\firefox\profiles\99zakf8y.default\

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]

R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-6-4 11448]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2009-10-26 219136]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\asus\game park\gameconsole\OberonGameConsoleService.exe [2009-10-27 44312]

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-12-25 52752]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2009-11-13 58368]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

S2 Amsp;Trend Micro Solution Platform;"c:\program files\trend micro\amsp\coreserviceshell.exe" coreframeworkhost.exe -m=nb --> c:\program files\trend micro\amsp\coreServiceShell.exe [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\sdwinsec.exe --> c:\program files\spybot - search & destroy\SDWinSec.exe [?]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2009-12-25 55280]

S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]

S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-10-26 626688]

.

=============== Created Last 30 ================

.

2011-11-09 18:28:23 708608 ----a-w- c:\program files\common files\system\wab32.dll

2011-11-09 18:28:22 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 18:28:19 2339840 ----a-w- c:\windows\system32\win32k.sys

2011-11-06 11:02:54 -------- d-----w- c:\users\scott\appdata\roaming\AVG

2011-11-06 09:52:09 -------- d--h--w- C:\$AVG

2011-11-06 08:44:37 -------- d-----w- c:\users\scott\appdata\roaming\AVG2012

2011-11-06 08:43:40 -------- d--h--w- c:\programdata\Common Files

2011-11-06 08:41:43 -------- d-----w- c:\windows\system32\drivers\AVG

2011-11-06 08:41:43 -------- d-----w- c:\programdata\AVG2012

2011-11-06 08:38:47 -------- d-----w- c:\program files\AVG

2011-11-06 08:10:09 -------- d-----w- c:\programdata\MFAData

2011-11-04 08:28:31 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0776be6a-3d23-4d74-a27c-3f8e650ae7f6}\mpengine.dll

2011-11-01 11:08:06 -------- d-----w- c:\users\scott\appdata\roaming\AVS4YOU

2011-11-01 11:05:11 -------- d-----w- c:\program files\common files\AVSMedia

2011-11-01 11:04:01 24576 ----a-w- c:\windows\system32\msxml3a.dll

2011-11-01 11:04:01 1700352 ----a-w- c:\windows\system32\GdiPlus.dll

2011-11-01 11:04:00 -------- d-----w- c:\programdata\AVS4YOU

2011-11-01 11:04:00 -------- d-----w- c:\program files\AVS4YOU

2011-11-01 10:08:16 860160 ----a-w- c:\windows\system32\lameACM.acm

2011-11-01 10:08:15 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2011-11-01 10:08:15 118784 ----a-w- c:\windows\system32\ac3acm.acm

2011-11-01 10:08:14 159839 ----a-w- c:\windows\system32\xvidvfw.dll

2011-11-01 10:08:13 81920 ----a-w- c:\windows\system32\dpl100.dll

2011-11-01 10:08:13 683520 ----a-w- c:\windows\system32\divx.dll

2011-11-01 10:08:13 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2011-11-01 10:08:11 7680 ----a-w- c:\windows\system32\ff_vfw.dll

.

==================== Find3M ====================

.

2011-10-06 19:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-03 19:21:28 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-10-01 02:59:14 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-12 19:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2011-09-04 10:50:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 22:15:17.35 ===============


Sorry, I should have mentioned my computer's symptoms...

I'm getting redirected from all Google search results to unknown websites, sometimes asking to run a random .exe file (I always click the close box for the window).

I was also getting the occasional Internet Explorer popup with random tabs (I have since disabled IE).

I'm also getting regular Blue Screen errors and restarts.

Hope someone can help.

Thanks.


Hello Scott2301! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

Step 1

You have p2p software installed on your system, which is very dangerous and illegal. Please check our rules for piracy and uninstall µTorrent:

http://forums.malwarebytes.org/index.php?showtopic=97700

Step 2

You have two installed and active antivirus programs on your system:

AVG Anti-Virus Free Edition 2012

Trend Micro Security

Two antivirus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slowly, become unstable and even, in rare cases, crash. Please remove one of them. If you don't have a license for Trend Micro, I suggest you uninstall it.

Step 3

Please follow the guide to download and run ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#use

Post the log file when you are ready.


Hi, thanks for helping me. In reply to your 3 steps...

1) uTorrent removed as requested

2) I tried to uninstall Trend Micro, but could not find it in the list of programs to uninstall through the control panel.

3) I downloaded combofix and ran it as outlined in the guide, although I did have 1 small problem... Just before it started to produce the log my AVG re-activated as it was on a time delay. I had to go into AVG while combofix was running and deactivate it again. Would this have had any effect on combofix?

See below for the log:

ComboFix 11-12-01.01 - Scott 01/12/2011 23:40:38.1.2 - x86

Microsoft Windows 7 Starter 6.1.7600.0.1252.61.1033.18.1015.480 [GMT 11:00]

Running from: c:\users\Scott\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\FullRemove.exe

c:\users\Scott\AppData\Roaming\.#

.

.

((((((((((((((((((((((((( Files Created from 2011-11-01 to 2011-12-01 )))))))))))))))))))))))))))))))

.

.

2011-12-01 12:59 . 2011-12-01 12:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-09 18:28 . 2011-10-01 04:43 708608 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-09 18:28 . 2011-09-29 15:43 1285488 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 18:28 . 2011-09-29 04:20 2339840 ----a-w- c:\windows\system32\win32k.sys

2011-11-06 11:02 . 2011-11-06 11:03 -------- d-----w- c:\users\Scott\AppData\Roaming\AVG

2011-11-06 09:52 . 2011-11-06 09:52 -------- d-----w- C:\$AVG

2011-11-06 08:43 . 2011-11-06 08:43 -------- d--h--w- c:\programdata\Common Files

2011-11-06 08:41 . 2011-12-01 06:25 -------- d-----w- c:\windows\system32\drivers\AVG

2011-11-06 08:41 . 2011-11-06 08:45 -------- d-----w- c:\programdata\AVG2012

2011-11-06 08:38 . 2011-11-06 11:01 -------- d-----w- c:\program files\AVG

2011-11-06 08:10 . 2011-12-01 06:25 -------- d-----w- c:\programdata\MFAData

2011-11-04 08:28 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0776BE6A-3D23-4D74-A27C-3F8E650AE7F6}\mpengine.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-06 19:23 . 2011-10-06 19:23 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2011-10-03 19:21 . 2011-10-03 19:21 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys

2011-10-01 02:59 . 2011-10-16 05:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-12 19:30 . 2011-09-12 19:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2011-09-04 10:50 . 2011-08-19 23:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-05 06:53 . 2011-11-17 11:38 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]

"HotkeyService"="AsusSender.exe" [2009-09-11 33768]

"HotKeyMon"="AsusSender.exe" [2009-09-11 33768]

"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]

"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-11-17 414384]

"LiveUpdate"="AsusSender.exe" [2009-09-11 33768]

"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]

"OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-09-30 338096]

"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2009-12-25 2429]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-02 38768]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-18 421736]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-10-24 2415456]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-11 4433248]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2009-09-11 626688]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 23120]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-12 32592]

S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-06 230608]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-10 295248]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-01 192776]

S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]

S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2009-10-14 52752]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 134736]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 24272]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-03 16720]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2009-11-12 58368]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\99zakf8y.default\

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKLM-Run-Trend Micro Client Framework - c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-12-02 00:08:14

ComboFix-quarantined-files.txt 2011-12-01 13:08

.

Pre-Run: 52,867,010,560 bytes free

Post-Run: 52,719,616,000 bytes free

.

- - End Of File - - D0796DA359CA4CBA1AB6C40DBDD90B59


It is not a big deal, don't worry.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Finished running TDSSKiller... See the log below:

18:00:43.0031 3756 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

18:00:43.0998 3756 ============================================================

18:00:43.0998 3756 Current date / time: 2011/12/02 18:00:43.0998

18:00:43.0998 3756 SystemInfo:

18:00:43.0998 3756

18:00:43.0998 3756 OS Version: 6.1.7600 ServicePack: 0.0

18:00:43.0998 3756 Product type: Workstation

18:00:43.0998 3756 ComputerName: SCOTT-PC

18:00:43.0998 3756 UserName: Scott

18:00:43.0998 3756 Windows directory: C:\windows

18:00:43.0998 3756 System windows directory: C:\windows

18:00:43.0998 3756 Processor architecture: Intel x86

18:00:43.0998 3756 Number of processors: 2

18:00:43.0998 3756 Page size: 0x1000

18:00:43.0998 3756 Boot type: Normal boot

18:00:43.0998 3756 ============================================================

18:00:47.0196 3756 Initialize success

18:01:51.0327 3284 ============================================================

18:01:51.0327 3284 Scan started

18:01:51.0327 3284 Mode: Manual; SigCheck; TDLFS;

18:01:51.0327 3284 ============================================================


18:02:03.0870 3284 Avgrkx86 - ok

18:02:04.0026 3284 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\windows\system32\DRIVERS\avgtdix.sys

18:02:04.0088 3284 Avgtdix - ok

18:02:04.0400 3284 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys

18:02:04.0541 3284 b06bdrv - ok

18:02:04.0821 3284 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys

18:02:04.0915 3284 b57nd60x - ok

18:02:05.0227 3284 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys

18:02:05.0321 3284 Beep - ok

18:02:06.0038 3284 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys

18:02:06.0101 3284 blbdrive - ok

18:02:06.0584 3284 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys

18:02:06.0662 3284 bowser - ok

18:02:07.0177 3284 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys

18:02:07.0255 3284 BrFiltLo - ok

18:02:07.0661 3284 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys

18:02:07.0739 3284 BrFiltUp - ok

18:02:07.0942 3284 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys

18:02:08.0113 3284 Brserid - ok

18:02:08.0238 3284 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys

18:02:08.0316 3284 BrSerWdm - ok

18:02:08.0441 3284 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys

18:02:08.0519 3284 BrUsbMdm - ok

18:02:08.0862 3284 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys

18:02:08.0940 3284 BrUsbSer - ok

18:02:09.0158 3284 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys

18:02:09.0252 3284 BthEnum - ok

18:02:09.0377 3284 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys

18:02:09.0439 3284 BTHMODEM - ok

18:02:09.0533 3284 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys

18:02:09.0626 3284 BthPan - ok

18:02:09.0782 3284 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys

18:02:09.0860 3284 BTHPORT - ok

18:02:10.0001 3284 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys

18:02:10.0079 3284 BTHUSB - ok

18:02:10.0157 3284 btwaudio - ok

18:02:10.0219 3284 btwavdt - ok

18:02:10.0250 3284 btwl2cap - ok

18:02:10.0313 3284 btwrchid - ok

18:02:10.0406 3284 catchme - ok

18:02:10.0516 3284 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys

18:02:10.0625 3284 cdfs - ok

18:02:10.0703 3284 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys

18:02:10.0781 3284 cdrom - ok

18:02:10.0859 3284 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys

18:02:10.0921 3284 circlass - ok

18:02:10.0984 3284 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys

18:02:11.0030 3284 CLFS - ok

18:02:11.0124 3284 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys

18:02:11.0186 3284 CmBatt - ok

18:02:11.0233 3284 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys

18:02:11.0264 3284 cmdide - ok

18:02:11.0405 3284 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys

18:02:11.0530 3284 CNG - ok

18:02:11.0639 3284 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys

18:02:11.0686 3284 Compbatt - ok

18:02:11.0764 3284 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys

18:02:11.0842 3284 CompositeBus - ok

18:02:11.0935 3284 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys

18:02:11.0982 3284 crcdisk - ok

18:02:12.0076 3284 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys

18:02:12.0185 3284 DfsC - ok

18:02:12.0294 3284 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys

18:02:12.0403 3284 discache - ok

18:02:12.0497 3284 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys

18:02:12.0544 3284 Disk - ok

18:02:12.0653 3284 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys

18:02:12.0715 3284 drmkaud - ok

18:02:12.0793 3284 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys

18:02:12.0887 3284 DXGKrnl - ok

18:02:13.0058 3284 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys

18:02:13.0261 3284 ebdrv - ok

18:02:13.0417 3284 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys

18:02:13.0495 3284 elxstor - ok

18:02:13.0604 3284 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys

18:02:13.0667 3284 ErrDev - ok

18:02:13.0792 3284 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys

18:02:13.0901 3284 exfat - ok

18:02:13.0963 3284 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys

18:02:14.0057 3284 fastfat - ok

18:02:14.0182 3284 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys

18:02:14.0275 3284 fdc - ok

18:02:14.0353 3284 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys

18:02:14.0400 3284 FileInfo - ok

18:02:14.0478 3284 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys

18:02:14.0587 3284 Filetrace - ok

18:02:14.0665 3284 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys

18:02:14.0728 3284 flpydisk - ok

18:02:14.0852 3284 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys

18:02:14.0915 3284 FltMgr - ok

18:02:14.0993 3284 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys

18:02:15.0055 3284 FsDepends - ok

18:02:15.0227 3284 fssfltr (574cea4d3510ec905c0163c42d305ba5) C:\windows\system32\DRIVERS\fssfltr.sys

18:02:15.0258 3284 fssfltr - ok

18:02:15.0320 3284 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys

18:02:15.0352 3284 Fs_Rec - ok

18:02:15.0430 3284 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys

18:02:15.0476 3284 fvevol - ok

18:02:15.0586 3284 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys

18:02:15.0617 3284 gagp30kx - ok

18:02:15.0695 3284 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys

18:02:15.0726 3284 GEARAspiWDM - ok

18:02:15.0788 3284 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys

18:02:15.0882 3284 hcw85cir - ok

18:02:15.0991 3284 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys

18:02:16.0069 3284 HdAudAddService - ok

18:02:16.0210 3284 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys

18:02:16.0288 3284 HDAudBus - ok

18:02:16.0350 3284 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys

18:02:16.0412 3284 HidBatt - ok

18:02:16.0475 3284 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys

18:02:16.0553 3284 HidBth - ok

18:02:16.0662 3284 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys

18:02:16.0740 3284 HidIr - ok

18:02:16.0834 3284 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys

18:02:16.0912 3284 HidUsb - ok

18:02:17.0005 3284 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys

18:02:17.0052 3284 HpSAMD - ok

18:02:17.0130 3284 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys

18:02:17.0255 3284 HTTP - ok

18:02:17.0364 3284 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys

18:02:17.0411 3284 hwpolicy - ok

18:02:17.0473 3284 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys

18:02:17.0551 3284 i8042prt - ok

18:02:17.0754 3284 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys

18:02:17.0801 3284 iaStor - ok

18:02:17.0957 3284 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys

18:02:18.0004 3284 iaStorV - ok

18:02:18.0238 3284 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\windows\system32\DRIVERS\igdkmd32.sys

18:02:18.0534 3284 igfx - ok

18:02:18.0643 3284 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys

18:02:18.0690 3284 iirsp - ok

18:02:18.0877 3284 IntcAzAudAddService (db96b8bd676bb24bd4f1dc53ca1f182c) C:\windows\system32\drivers\RTKVHDA.sys

18:02:19.0096 3284 IntcAzAudAddService - ok

18:02:19.0174 3284 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys

18:02:19.0220 3284 intelide - ok

18:02:19.0283 3284 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys

18:02:19.0345 3284 intelppm - ok

18:02:19.0501 3284 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys

18:02:19.0579 3284 IPMIDRV - ok

18:02:19.0673 3284 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys

18:02:19.0798 3284 IPNAT - ok

18:02:19.0938 3284 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys

18:02:20.0094 3284 IRENUM - ok

18:02:20.0156 3284 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys

18:02:20.0203 3284 isapnp - ok

18:02:20.0250 3284 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys

18:02:20.0297 3284 iScsiPrt - ok

18:02:20.0359 3284 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys

18:02:20.0390 3284 kbdclass - ok

18:02:20.0453 3284 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys

18:02:20.0515 3284 kbdhid - ok

18:02:20.0640 3284 kbfiltr (3eb803312987ff44265c87cb960df6ab) C:\windows\system32\DRIVERS\kbfiltr.sys

18:02:20.0671 3284 kbfiltr - ok

18:02:20.0734 3284 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys

18:02:20.0780 3284 KSecDD - ok

18:02:20.0843 3284 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys

18:02:20.0890 3284 KSecPkg - ok

18:02:20.0983 3284 L1C (3705b2273e8efc9a707864ab7324b614) C:\windows\system32\DRIVERS\L1C62x86.sys

18:02:21.0061 3284 L1C - ok

18:02:21.0186 3284 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys

18:02:21.0280 3284 lltdio - ok

18:02:21.0467 3284 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys

18:02:21.0498 3284 LSI_FC - ok

18:02:21.0545 3284 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys

18:02:21.0592 3284 LSI_SAS - ok

18:02:21.0654 3284 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys

18:02:21.0701 3284 LSI_SAS2 - ok

18:02:21.0763 3284 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys

18:02:21.0810 3284 LSI_SCSI - ok

18:02:21.0872 3284 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys

18:02:21.0982 3284 luafv - ok

18:02:22.0060 3284 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys

18:02:22.0122 3284 megasas - ok

18:02:22.0169 3284 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys

18:02:22.0231 3284 MegaSR - ok

18:02:22.0372 3284 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys

18:02:22.0496 3284 Modem - ok

18:02:22.0574 3284 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys

18:02:22.0652 3284 monitor - ok

18:02:22.0777 3284 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys

18:02:22.0824 3284 mouclass - ok

18:02:22.0902 3284 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys

18:02:22.0964 3284 mouhid - ok

18:02:23.0027 3284 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys

18:02:23.0074 3284 mountmgr - ok

18:02:23.0152 3284 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys

18:02:23.0198 3284 mpio - ok

18:02:23.0276 3284 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys

18:02:23.0510 3284 mpsdrv - ok

18:02:23.0620 3284 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys

18:02:23.0698 3284 MRxDAV - ok

18:02:23.0807 3284 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys

18:02:23.0916 3284 mrxsmb - ok

18:02:24.0041 3284 mrxsmb10 (c108952d3660375dcb716b222912e868) C:\windows\system32\DRIVERS\mrxsmb10.sys

18:02:24.0134 3284 mrxsmb10 - ok

18:02:24.0197 3284 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys

18:02:24.0244 3284 mrxsmb20 - ok

18:02:24.0337 3284 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys

18:02:24.0384 3284 msahci - ok

18:02:24.0446 3284 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys

18:02:24.0571 3284 msdsm - ok

18:02:24.0680 3284 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys

18:02:24.0790 3284 Msfs - ok

18:02:24.0852 3284 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys

18:02:24.0961 3284 mshidkmdf - ok

18:02:25.0024 3284 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys

18:02:25.0055 3284 msisadrv - ok

18:02:25.0180 3284 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys

18:02:25.0273 3284 MSKSSRV - ok

18:02:25.0336 3284 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys

18:02:25.0445 3284 MSPCLOCK - ok

18:02:25.0492 3284 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys

18:02:25.0585 3284 MSPQM - ok

18:02:25.0648 3284 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys

18:02:25.0710 3284 MsRPC - ok

18:02:25.0772 3284 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys

18:02:25.0819 3284 mssmbios - ok

18:02:25.0882 3284 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys

18:02:25.0991 3284 MSTEE - ok

18:02:26.0053 3284 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys

18:02:26.0116 3284 MTConfig - ok

18:02:26.0178 3284 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys

18:02:26.0225 3284 Mup - ok

18:02:26.0350 3284 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys

18:02:26.0428 3284 NativeWifiP - ok

18:02:26.0537 3284 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys

18:02:26.0615 3284 NDIS - ok

18:02:26.0677 3284 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys

18:02:26.0786 3284 NdisCap - ok

18:02:26.0864 3284 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys

18:02:26.0974 3284 NdisTapi - ok

18:02:27.0114 3284 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys

18:02:27.0223 3284 Ndisuio - ok

18:02:27.0301 3284 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys

18:02:27.0395 3284 NdisWan - ok

18:02:27.0504 3284 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys

18:02:27.0598 3284 NDProxy - ok

18:02:27.0660 3284 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys

18:02:27.0769 3284 NetBIOS - ok

18:02:27.0847 3284 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys

18:02:27.0941 3284 NetBT - ok

18:02:28.0128 3284 netr28 (596e25b4631df2be98fd2bade8bcc625) C:\windows\system32\DRIVERS\netr28.sys

18:02:28.0268 3284 netr28 - ok

18:02:28.0424 3284 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys

18:02:28.0456 3284 nfrd960 - ok

18:02:28.0534 3284 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys

18:02:28.0643 3284 Npfs - ok

18:02:28.0705 3284 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys

18:02:28.0799 3284 nsiproxy - ok

18:02:28.0955 3284 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys

18:02:29.0095 3284 Ntfs - ok

18:02:29.0173 3284 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys

18:02:29.0298 3284 Null - ok

18:02:29.0392 3284 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys

18:02:29.0438 3284 nvraid - ok

18:02:29.0485 3284 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys

18:02:29.0532 3284 nvstor - ok

18:02:29.0610 3284 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys

18:02:29.0657 3284 nv_agp - ok

18:02:29.0782 3284 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys

18:02:29.0844 3284 ohci1394 - ok

18:02:29.0969 3284 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys

18:02:30.0047 3284 Parport - ok

18:02:30.0203 3284 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys

18:02:30.0250 3284 partmgr - ok

18:02:30.0328 3284 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys

18:02:30.0390 3284 Parvdm - ok

18:02:30.0468 3284 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys

18:02:30.0515 3284 pci - ok

18:02:30.0577 3284 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys

18:02:30.0624 3284 pciide - ok

18:02:30.0671 3284 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys

18:02:30.0718 3284 pcmcia - ok

18:02:30.0764 3284 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys

18:02:30.0811 3284 pcw - ok

18:02:30.0874 3284 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys

18:02:30.0998 3284 PEAUTH - ok

18:02:31.0201 3284 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys

18:02:31.0310 3284 PptpMiniport - ok

18:02:31.0357 3284 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys

18:02:31.0420 3284 Processor - ok

18:02:31.0560 3284 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys

18:02:31.0669 3284 Psched - ok

18:02:31.0841 3284 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys

18:02:31.0981 3284 ql2300 - ok

18:02:32.0075 3284 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys

18:02:32.0106 3284 ql40xx - ok

18:02:32.0153 3284 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys

18:02:32.0231 3284 QWAVEdrv - ok

18:02:32.0278 3284 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys

18:02:32.0387 3284 RasAcd - ok

18:02:32.0480 3284 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys

18:02:32.0605 3284 RasAgileVpn - ok

18:02:32.0683 3284 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys

18:02:32.0777 3284 Rasl2tp - ok

18:02:32.0902 3284 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys

18:02:33.0011 3284 RasPppoe - ok

18:02:33.0058 3284 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys

18:02:33.0151 3284 RasSstp - ok

18:02:33.0229 3284 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys

18:02:33.0370 3284 rdbss - ok

18:02:33.0541 3284 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys

18:02:33.0604 3284 rdpbus - ok

18:02:33.0760 3284 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys

18:02:33.0884 3284 RDPCDD - ok

18:02:34.0025 3284 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys

18:02:34.0134 3284 RDPENCDD - ok

18:02:34.0212 3284 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys

18:02:34.0306 3284 RDPREFMP - ok

18:02:34.0384 3284 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys

18:02:34.0493 3284 RDPWD - ok

18:02:34.0618 3284 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys

18:02:34.0696 3284 rdyboost - ok

18:02:34.0820 3284 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys

18:02:34.0898 3284 RFCOMM - ok

18:02:35.0054 3284 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys

18:02:35.0164 3284 rspndr - ok

18:02:35.0242 3284 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys

18:02:35.0288 3284 sbp2port - ok

18:02:35.0460 3284 SCDEmu (612a3d69e603dbbe5c3c1079186a0393) C:\windows\system32\drivers\SCDEmu.sys

18:02:35.0491 3284 SCDEmu ( UnsignedFile.Multi.Generic ) - warning

18:02:35.0491 3284 SCDEmu - detected UnsignedFile.Multi.Generic (1)

18:02:45.0678 3284 volsnap (7c28b63e4c9e5c3be7ffe53789593619) C:\windows\system32\DRIVERS\volsnap.sys

18:02:45.0694 3284 Suspicious file (Forged): C:\windows\system32\DRIVERS\volsnap.sys. Real md5: 7c28b63e4c9e5c3be7ffe53789593619, Fake md5: 58df9d2481a56edde167e51b334d44fd

18:02:45.0694 3284 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected

18:02:45.0694 3284 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)

18:02:48.0923 3284 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

18:02:49.0094 3284 \Device\Harddisk0\DR0 - ok

18:02:49.0110 3284 Boot (0x1200) (16d6744203f569de9b9819538ec1a60f) \Device\Harddisk0\DR0\Partition0

18:02:49.0126 3284 \Device\Harddisk0\DR0\Partition0 - ok

18:02:49.0172 3284 Boot (0x1200) (25ee7379de003d6d260f69d52f33a047) \Device\Harddisk0\DR0\Partition1

18:02:49.0172 3284 \Device\Harddisk0\DR0\Partition1 - ok

18:02:49.0172 3284 ============================================================

18:02:49.0172 3284 Scan finished

18:02:49.0172 3284 ============================================================

18:02:49.0235 0944 Detected object count: 2

18:02:49.0235 0944 Actual detected object count: 2

18:03:07.0424 0944 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user

18:03:07.0424 0944 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:03:09.0421 0944 Backup copy found, using it..

18:03:09.0484 0944 C:\windows\system32\DRIVERS\volsnap.sys - will be cured on reboot

18:03:09.0484 0944 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure

18:03:13.0134 1508 Deinitialize success


Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to the Update tab and select Check for Updates.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic

In your next reply, please post the following log files:

  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log


No threats found in either scan.

Malwarebytes log:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8293

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

3/12/2011 2:30:05 PM

mbam-log-2011-12-03 (14-30-05).txt

Scan type: Quick scan

Objects scanned: 169163

Time elapsed: 8 minute(s), 42 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

ESET Log: I looked in the folder that you mentioned, but there didn't seem to be a relevant log file... The log file that was there only had 2 lines in it.


It is okay.

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished, select the report tab (last tab)

Select Detected threats report from the left and press the Save button

Save it to your desktop and post it in your next reply.


Google redirect seems to be gone...

I have not had any IE pop-ups recently...

There's also been no bluescreen crashes since cleaning the machine...

One thing I have noticed though is that the machine still seems to be a little slow, although that could just be the model of computer.


I have good news for you => Your system is clean now! :)

Here are some tips to prevent future malware problems:

You need to ensure that you have the latest version of Java. Before you download and install the latest versions, it is important to uninstall the old ones. For this purpose: click Start => Control Panel => Add or Remove Programs, highlight them and click the Remove button. Next, click on each of the programs to download it:

Slowly and carefully install applications and then restart your computer.

Let's remove the cleaning tools we used. First, get rid of ComboFix:

Go to Start => Run... and copy and paste the following command into the field:

ComboFix /uninstall

Then hit the Enter button.

This procedure will do the following:

  • Uninstall ComboFix
  • Delete its related folders and files
  • Reset your clock settings then update it and perform a full system scan.
  • Hide file extensions
  • Hide the system/hidden files
  • Resets System Restore again

Note: Make sure there's a space between ComboFix and /uninstall

At this stage, you don't need the online scanner, so:

To remove the ESET Online Scanner components from your computer, start the Add or Remove Programs applet from Control Panel, select the ESET Online Scanner entry and click Remove. A restart may be required to complete uninstallation.

Please manually delete TDSSKiller, Kaspersky AVP Tool and DDS.

Some quick tips:

  1. Firewall - Your Windows OS has a built-in firewall, but it is weak and in no way good for the current requirements for optimal security, so I recommend you choose a suitable firewall on my advice below. A firewall will protect you from attacks coming from the global network. Without a firewall your computer is susceptible to being hacked and taken over. Here are some good free firewall solutions:

  2. Alternative browser - Due to the large market share of Internet Explorer, it is a top target of the writers of malware, so we recommend using an alternative browser. There are many better alternatives to Internet Explorer regarding security, features and speed such as:

  3. Program updates - Updating software is really important for productivity, but also for security. Here is an application that will help in checking for new versions and updates for your programs. It is called FileHippo Update Checker and you can download it from here.

  4. Clear old system restore points - Once your system has been infected, there will be infected restore points as a result, which need to be cleaned.

     1. Open Start => All Programs => Accessories => System tools => Disk Cleanup.
     2. In the Drop down box that appears select your main drive e.g. C:\
     3. Click OK.
     4. The System will do some calculation and display a dialogue box with TABS.
     5. Select the More Options tab.
     6. At the bottom will be a system restore box with a CLEANUP button. Click on it.
     7. Accept the Warning and select OK again, the program will close and you are done.

  5. Create a new system restore point - Now that everything is fine, it is necessary to create a new restore point to restore your system to an earlier stage in case you get a problem. Do the following:

     1. Click Start, point to All Programs, point to Accessories, point to System Tools, and then click System Restore.
     2. In the System Restore dialog box, click Create a restore point, and then click Next.
     3. Type a description for your restore point, such as "After Cleanup", then click Create.

Safe surfing! ;)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
