
infected with ping.exe


Guest bobiel


Dear All,

My computer is infected with a trojan, which creates 2 processes in memory. The processes ping.exe and svchost.exe are in memory, and ping.exe uses about 100% of my CPU.

I have scanned my computer with Malwarebytes, TDSSKiller from Kaspersky, Avast, and Secuser Housecall, and they detect nothing.

So can you help me? The process ping.exe always takes 100% of my CPU.

Thanks,

TDSSKiller found nothing:


Can someone help me? I discovered that I have 2 bad processes, svchost.exe and ping.exe, in my Task Manager.

I ran combix myself and this program has broken my internet connection!!! Any idea how to remove the ping.exe trojan? Why are antivirus tools like Malwarebytes unable to detect it during a scan?


  • 2 weeks later...
  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 1 month later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.