Kozanekozasearchsystem.com Browser Re-direct

Hello apestoso! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

I want to check this out. Please manually delete your copy of TDSSKiller and follow the instructions:

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Deleted and re-downloaded the latest TDSSKiller again. It did not find anything, so the log is below.

18:10:02.0353 1444 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
18:10:02.0548 1444 ============================================================
18:10:02.0548 1444 Current date / time: 2011/12/05 18:10:02.0548
18:10:02.0548 1444 SystemInfo:
18:10:02.0548 1444
18:10:02.0548 1444 OS Version: 6.1.7601 ServicePack: 1.0
18:10:02.0548 1444 Product type: Workstation
18:10:02.0548 1444 ComputerName: ERICPC
18:10:02.0548 1444 UserName: Eric
18:10:02.0548 1444 Windows directory: C:\Windows
18:10:02.0548 1444 System windows directory: C:\Windows
18:10:02.0548 1444 Running under WOW64
18:10:02.0548 1444 Processor architecture: Intel x64
18:10:02.0548 1444 Number of processors: 8
18:10:02.0548 1444 Page size: 0x1000
18:10:02.0548 1444 Boot type: Normal boot
18:10:02.0548 1444 ============================================================
18:10:03.0259 1444 Initialize success
18:10:15.0986 1108 ============================================================
18:10:15.0986 1108 Scan started
18:10:15.0986 1108 Mode: Manual; SigCheck; TDLFS;
18:10:15.0986 1108 ============================================================


18:10:25.0259 1108 vwifibus - ok

18:10:25.0275 1108 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

18:10:25.0282 1108 WacomPen - ok

18:10:25.0290 1108 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

18:10:25.0314 1108 WANARP - ok

18:10:25.0314 1108 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

18:10:25.0337 1108 Wanarpv6 - ok

18:10:25.0361 1108 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

18:10:25.0361 1108 Wd - ok

18:10:25.0384 1108 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

18:10:25.0400 1108 Wdf01000 - ok

18:10:25.0431 1108 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

18:10:25.0454 1108 WfpLwf - ok

18:10:25.0462 1108 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

18:10:25.0462 1108 WIMMount - ok

18:10:25.0509 1108 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

18:10:25.0517 1108 WmiAcpi - ok

18:10:25.0525 1108 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

18:10:25.0548 1108 ws2ifsl - ok

18:10:25.0579 1108 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

18:10:25.0611 1108 WudfPf - ok

18:10:25.0618 1108 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

18:10:25.0650 1108 WUDFRd - ok

18:10:25.0657 1108 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

18:10:25.0720 1108 \Device\Harddisk0\DR0 - ok

18:10:25.0720 1108 Boot (0x1200) (8af479741e81f8f8498145b9983e103e) \Device\Harddisk0\DR0\Partition0

18:10:25.0728 1108 \Device\Harddisk0\DR0\Partition0 - ok

18:10:25.0751 1108 Boot (0x1200) (b66625860b7ee02e685d03969a33b6e9) \Device\Harddisk0\DR0\Partition1

18:10:25.0751 1108 \Device\Harddisk0\DR0\Partition1 - ok

18:10:25.0751 1108 ============================================================

18:10:25.0751 1108 Scan finished

18:10:25.0751 1108 ============================================================

18:10:25.0759 4576 Detected object count: 0

18:10:25.0759 4576 Actual detected object count: 0

Followed instructions:

ComboFix 11-12-06.01 - Eric 12/06/2011 9:04.1.8 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8183.5402 [GMT -8:00]

Running from: c:\users\Eric\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\windows\assembly\tmp\U

c:\windows\assembly\tmp\U\00000001.@

c:\windows\assembly\tmp\U\000000c0.@

c:\windows\assembly\tmp\U\000000cb.@

c:\windows\assembly\tmp\U\000000cf.@

c:\windows\assembly\tmp\U\80000000.@

c:\windows\assembly\tmp\U\800000c0.@

c:\windows\assembly\tmp\U\800000cb.@

c:\windows\assembly\tmp\U\800000cf.@

c:\windows\system32\consrv.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-11-06 to 2011-12-06 )))))))))))))))))))))))))))))))

.

.

2011-12-06 17:09 . 2011-12-06 17:09 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-23 07:04 . 2010-06-02 12:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll

2011-11-15 07:40 . 2011-11-15 07:40 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-11-15 07:35 . 2011-11-15 07:35 -------- d-----w- c:\users\Eric\AppData\Roaming\Malwarebytes

2011-11-15 07:35 . 2011-11-15 07:35 -------- d-----w- c:\programdata\Malwarebytes

2011-11-15 07:35 . 2011-11-15 07:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-11-15 07:35 . 2011-09-01 01:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-15 05:56 . 2011-11-15 05:56 -------- d-----w- c:\windows\system32\Macromed

2011-11-15 05:53 . 2011-11-15 07:35 -------- d-----w- c:\programdata\STOPzilla!

2011-11-15 02:41 . 2011-11-15 02:41 -------- d-sh--w- c:\windows\system32\%APPDATA%

2011-11-09 06:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-09 06:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 06:23 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 06:23 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-30 03:40 . 2011-09-10 20:02 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-21 11:40 . 2011-12-06 10:55 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{07A056CF-D723-4DDC-8C3B-4B4FE57C446B}\mpengine.dll

2011-10-03 13:06 . 2010-10-06 01:13 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-15 307200]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 102400]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

.

c:\users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [x]

R0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 BIOS;BIOS;c:\windows\system32\drivers\BIOS64.sys [2006-10-31 14136]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701705256-3279568789-4172379523-1000Core.job

- c:\users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-18 02:16]

.

2011-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701705256-3279568789-4172379523-1000UA.job

- c:\users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-18 02:16]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-21 7981088]

"combofix"="c:\combofix\CF32619.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.yahoo.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\jlqiywoh.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\OpenOffice.org 3\program\soffice.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.bin

.

**************************************************************************

.

Completion time: 2011-12-06 09:17:38 - machine was rebooted

ComboFix-quarantined-files.txt 2011-12-06 17:17

.

Pre-Run: 899,254,235,136 bytes free

Post-Run: 899,006,226,432 bytes free

.

- - End Of File - - 0EED548B1FB2EF145CB0F228DAD4E61F

Step 1

  • Launch Malwarebytes' Anti-Malware
  • Go to the Update tab and select Check for Updates.
  • Go to the Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic

In your next reply, please post the following log files:

  • Malwarebytes' Anti-Malware log
  • ESET Online Scanner log

Btw the redirect has not occurred since I ran ComboFix. I am not sure what ComboFix did, if anything, but it is not happening anymore. I would still like to be sure I have the malware completely off my machine though.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8338

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

12/8/2011 7:10:54 PM

mbam-log-2011-12-08 (19-10-54).txt

Scan type: Quick scan

Objects scanned: 169780

Time elapsed: 1 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

-----------------------------------------------------------------------------------

I accidentally deleted the first log from running the ESET scan... I did the delete files thing on close and it deleted the log. It found and removed 7 java trojan type files. I scanned it again to get a log file to post and it found nothing.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=0199510acda0be4abb4e018e8607f907

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-12-09 04:30:46

# local_time=2011-12-08 08:30:46 (-0800, Pacific Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776573 100 94 0 74946453 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=149008

# found=0

# cleaned=0

# scan_time=2043

Download AVPTool from here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished, select the report tab (last tab)

Select the Detected threats report from the left and press the Save button

Save it to your desktop and post to your next reply.

Status: Deleted (events: 69)

12/14/2011 8:00:30 PM Deleted Trojan program Trojan-Downloader.Win32.Agent.gyal C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\000000cf.@.vir High

12/14/2011 8:00:30 PM Deleted virus HEUR:Backdoor.Win64.Generic C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\80000000.@.vir High

12/14/2011 8:00:31 PM Deleted Trojan program Backdoor.Win64.ZAccess.o C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\800000c0.@.vir High

12/14/2011 8:00:31 PM Deleted virus HEUR:Backdoor.Win64.Generic C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\800000cb.@.vir High

12/14/2011 8:00:31 PM Deleted virus HEUR:Backdoor.Win64.Generic C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\800000cf.@.vir High

12/14/2011 8:00:31 PM Deleted virus HEUR:Backdoor.Win64.Generic C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir High

12/14/2011 8:12:18 PM Deleted virus HEUR:Backdoor.Win64.Generic C:\Windows\assembly\GAC_64\Desktop.ini High

12/14/2011 8:12:18 PM Deleted Trojan program Backdoor.Win32.ZAccess.awg C:\Windows\assembly\GAC_32\Desktop.ini High

12/14/2011 8:14:56 PM Deleted virus HEUR:Exploit.Script.Generic C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PT33IGG\0qw5izg3[1].htm High

12/14/2011 8:14:56 PM Deleted virus HEUR:Exploit.Script.Generic C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PT33IGG\0qw5izg3[1].htm//JIM High

12/14/2011 8:24:10 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88O7ZZ9N\ajsCA0ZC6IV.js High

12/14/2011 8:24:23 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88O7ZZ9N\ajsCA9R91P3.js High

12/14/2011 8:48:22 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\afrCAH3Z9KM.htm High

12/14/2011 8:48:44 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\afrCAH4PRFX.htm High

12/14/2011 8:49:40 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\afrCAUJ192H.htm High

12/14/2011 8:49:04 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCA14XFCG.js High

12/14/2011 8:50:00 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCA7FTTFQ.js High

12/14/2011 8:51:54 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCA7XH5G1.js High

12/14/2011 8:50:20 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCA90OCQ9.js High

12/14/2011 8:50:55 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAD5AE29.js High

12/14/2011 8:51:14 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAF30WT0.js High

12/14/2011 8:51:34 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAFEA3EK.js High

12/14/2011 8:52:31 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAHTOVXH.js High

12/14/2011 8:52:51 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAL5HYE7.js High

12/14/2011 8:53:12 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAP32CTQ.js High

12/14/2011 8:53:52 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTAYU7MQ\ajsCAZLLQG4.js High

12/14/2011 9:09:52 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCA4DUTMV.js High

12/14/2011 9:09:57 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCA53HKUM.js High

12/14/2011 9:10:02 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCA587GET.js High

12/14/2011 9:10:08 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCA6S9Q1H.js High

12/14/2011 9:10:14 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCADMXLVV.js High

12/14/2011 9:10:19 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAFEIZ3K.js High

12/14/2011 9:10:25 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAMD4DIC.js High

12/14/2011 9:10:30 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAQSXA2B.js High

12/14/2011 9:10:35 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAW52X8A.js High

12/14/2011 9:10:41 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAXRQYK6.js High

12/14/2011 9:10:47 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAXVZEMT.js High

12/14/2011 9:11:24 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX4U8OJK\ajsCAZ4R491.js High

12/14/2011 9:41:11 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\afrCAAR5ZY9.htm High

12/14/2011 9:41:48 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAD3VFV4.js High

12/14/2011 9:41:57 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAD8ZGLO.js High

12/14/2011 9:42:05 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAE14HQY.js High

12/14/2011 9:42:30 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAFWUE2L.js High

12/14/2011 9:42:38 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAHZO9FG.js High

12/14/2011 9:42:46 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAKD3ZS8.js High

12/14/2011 9:42:54 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCALL6Q03.js High

12/14/2011 9:43:03 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAN0NRWZ.js High

12/14/2011 9:43:11 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAQNL4MQ.js High

12/14/2011 9:43:20 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCARBDJKD.js High

12/14/2011 9:43:28 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\ajsCAU1H59W.js High

12/14/2011 9:54:54 PM Deleted Trojan program Trojan-Downloader.JS.DarDuk.cu C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6KN0M7C\opentraff[1].htm High

12/14/2011 10:36:08 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPNMPWD9\afrCA3LQIZS.htm High

12/14/2011 10:36:34 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPNMPWD9\afrCAJWEG4S.htm High

12/14/2011 10:36:48 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPNMPWD9\ajsCA5NJC3J.js High

12/14/2011 10:37:09 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPNMPWD9\ajsCAWPRHMA.js High

12/14/2011 10:37:40 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPNMPWD9\ajsCAX80TSX.js High

12/14/2011 11:39:21 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCACQA9I7.js High

12/14/2011 11:39:29 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAEN3MC0.js High

12/14/2011 11:39:37 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAHYB5IY.js High

12/14/2011 11:39:45 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAI9T1LE.js High

12/14/2011 11:39:54 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAIEK4WM.js High

12/14/2011 11:40:04 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAP1M0XS.js High

12/14/2011 11:40:14 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAUX8DM3.js High

12/14/2011 11:40:39 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\ajsCAUWVY1M.js High

12/14/2011 11:49:17 PM Deleted virus HEUR:Exploit.Script.Generic C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\digit[1].htm High

12/14/2011 11:49:17 PM Deleted virus HEUR:Exploit.Script.Generic C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\digit[1].htm//JIM High

12/14/2011 11:50:38 PM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6BB8CBK\f979c846aa9c06fd1b710e150b66c5dd[1].js High

12/15/2011 12:21:44 AM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VFYHIGTL\afrCALYLAUR.htm High

12/15/2011 12:21:48 AM Deleted virus HEUR:Trojan.Script.Iframer C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VFYHIGTL\ajsCAML87IH.js High


  • 1 month later...
  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
