Maniac Posted March 18, 2012 ID:535803 Share Posted March 18, 2012 It is not a normal behaviour. Take a look in C:\Qoobox for ComboFix.txt or ComboFix-quarantined-files.txt Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535812 Share Posted March 18, 2012 Can you pls provide the exact locations of the text files? As I don't find those. What else can I try to solve the issue? Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535822 Share Posted March 18, 2012 Is there any hope or is formatting the system the only option? Link to post Share on other sites More sharing options...
Maniac Posted March 18, 2012 ID:535824 Share Posted March 18, 2012 What are the problems that you are experiencing now? Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535825 Share Posted March 18, 2012 I don't think the malware is gone. Malware bytes always reports that it has blocked access to some malicious site.. Link to post Share on other sites More sharing options...
Maniac Posted March 18, 2012 ID:535831 Share Posted March 18, 2012 Download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.Click the Start Scan button.If a suspicious object is detected, the default action will be Skip, click on Continue.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply. Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535837 Share Posted March 18, 2012 Hi maniac,The log :14:11:39.0640 3548 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:4314:11:40.0000 3548 ============================================================14:11:40.0000 3548 Current date / time: 2012/03/18 14:11:40.000014:11:40.0000 3548 SystemInfo:14:11:40.0000 3548 14:11:40.0000 3548 OS Version: 5.1.2600 ServicePack: 3.014:11:40.0000 3548 Product type: Workstation14:11:40.0000 3548 ComputerName: VIDHYA-8F36C4A714:11:40.0000 3548 UserName: Vidhya14:11:40.0000 3548 Windows directory: C:\WINDOWS14:11:40.0000 3548 System windows directory: C:\WINDOWS14:11:40.0000 3548 Processor architecture: Intel x8614:11:40.0000 3548 Number of processors: 214:11:40.0000 3548 Page size: 0x100014:11:40.0000 3548 Boot type: Normal boot14:11:40.0000 3548 ============================================================14:11:40.0453 3548 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005014:11:40.0468 3548 \Device\Harddisk0\DR0:14:11:40.0468 3548 MBR used14:11:40.0468 3548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C114:11:40.0484 3548 Initialize success14:11:40.0484 3548 ============================================================14:11:47.0703 2376 ============================================================14:11:47.0703 2376 Scan started14:11:47.0703 2376 Mode: Manual; SigCheck; TDLFS;14:11:47.0703 2376 ============================================================14:11:48.0046 2376 Abiosdsk - ok14:11:48.0062 2376 abp480n5 - ok14:11:48.0140 2376 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys14:11:49.0093 2376 ACPI - ok14:11:49.0203 2376 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys14:11:49.0390 2376 ACPIEC - ok14:11:49.0437 2376 adpu160m - ok14:11:49.0500 2376 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys14:11:49.0640 2376 aec - ok14:11:49.0687 2376 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys14:11:49.0765 2376 AFD - ok14:11:49.0781 2376 Aha154x - ok14:11:49.0796 2376 aic78u2 - ok14:11:49.0812 2376 aic78xx - ok14:11:49.0828 2376 AliIde - ok14:11:49.0828 2376 amsint - ok14:11:49.0906 2376 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys14:11:50.0078 2376 Arp1394 - ok14:11:50.0109 2376 asc - ok14:11:50.0109 2376 asc3350p - ok14:11:50.0125 2376 asc3550 - ok14:11:50.0156 2376 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys14:11:50.0328 2376 AsyncMac - ok14:11:50.0359 2376 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys14:11:50.0531 2376 atapi - ok14:11:50.0531 2376 Atdisk - ok14:11:50.0562 2376 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys14:11:50.0703 2376 Atmarpc - ok14:11:50.0750 2376 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys14:11:50.0890 2376 audstub - ok14:11:50.0984 2376 BCM43XX (e9ea635b8432d68f0005b3f6cebab837) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys14:11:51.0125 2376 BCM43XX - ok14:11:51.0187 2376 BCMWLNPF (8c31c9db77ed6143ad09dc5fd2c9d9cc) C:\WINDOWS\system32\drivers\bcmwlnpf.sys14:11:51.0203 2376 BCMWLNPF ( UnsignedFile.Multi.Generic ) - warning14:11:51.0203 2376 BCMWLNPF - detected UnsignedFile.Multi.Generic (1)14:11:51.0265 2376 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys14:11:51.0421 2376 Beep - ok14:11:51.0453 2376 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys14:11:51.0562 2376 Bridge - ok14:11:51.0562 2376 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys14:11:51.0656 2376 BridgeMP - ok14:11:51.0828 2376 catchme - ok14:11:51.0875 2376 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys14:11:51.0984 2376 cbidf2k - ok14:11:52.0015 2376 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys14:11:52.0125 2376 CCDECODE - ok14:11:52.0140 2376 cd20xrnt - ok14:11:52.0187 2376 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys14:11:52.0343 2376 Cdaudio - ok14:11:52.0375 2376 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys14:11:52.0515 2376 Cdfs - ok14:11:52.0578 2376 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys14:11:52.0671 2376 Cdrom - ok14:11:52.0687 2376 cerc6 - ok14:11:52.0687 2376 Changer - ok14:11:52.0734 2376 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys14:11:52.0843 2376 CmBatt - ok14:11:52.0843 2376 CmdIde - ok14:11:52.0890 2376 COH_Mon (4f2dedeed7c091fafc4dada5534f3d37) C:\WINDOWS\system32\Drivers\COH_Mon.sys14:11:52.0906 2376 COH_Mon - ok14:11:52.0921 2376 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys14:11:53.0031 2376 Compbatt - ok14:11:53.0046 2376 Cpqarray - ok14:11:53.0156 2376 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys14:11:53.0281 2376 cpudrv - ok14:11:53.0296 2376 dac2w2k - ok14:11:53.0296 2376 dac960nt - ok14:11:53.0359 2376 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys14:11:53.0468 2376 Disk - ok14:11:53.0531 2376 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys14:11:53.0734 2376 dmboot - ok14:11:53.0750 2376 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys14:11:53.0843 2376 dmio - ok14:11:53.0859 2376 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys14:11:53.0953 2376 dmload - ok14:11:54.0000 2376 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys14:11:54.0109 2376 DMusic - ok14:11:54.0125 2376 dpti2o - ok14:11:54.0125 2376 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys14:11:54.0218 2376 drmkaud - ok14:11:54.0343 2376 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys14:11:54.0359 2376 eeCtrl - ok14:11:54.0421 2376 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys14:11:54.0421 2376 EraserUtilRebootDrv - ok14:11:54.0484 2376 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys14:11:54.0593 2376 Fastfat - ok14:11:54.0656 2376 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys14:11:54.0781 2376 Fdc - ok14:11:54.0796 2376 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys14:11:54.0906 2376 Fips - ok14:11:54.0906 2376 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys14:11:55.0015 2376 Flpydisk - ok14:11:55.0062 2376 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys14:11:55.0171 2376 FltMgr - ok14:11:55.0218 2376 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys14:11:55.0328 2376 Fs_Rec - ok14:11:55.0343 2376 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys14:11:55.0437 2376 Ftdisk - ok14:11:55.0500 2376 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys14:11:55.0500 2376 GEARAspiWDM - ok14:11:55.0515 2376 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys14:11:55.0625 2376 Gpc - ok14:11:55.0687 2376 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys14:11:55.0796 2376 HDAudBus - ok14:11:55.0828 2376 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys14:11:55.0921 2376 hidusb - ok14:11:55.0937 2376 hpn - ok14:11:55.0984 2376 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys14:11:56.0031 2376 HTTP - ok14:11:56.0031 2376 i2omgmt - ok14:11:56.0046 2376 i2omp - ok14:11:56.0093 2376 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys14:11:56.0203 2376 i8042prt - ok14:11:56.0421 2376 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys14:11:56.0765 2376 ialm - ok14:11:56.0828 2376 iastor (d483687eace0c065ee772481a96e05f5) C:\WINDOWS\system32\drivers\iastor.sys14:11:56.0859 2376 iastor - ok14:11:56.0890 2376 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys14:11:57.0093 2376 Imapi - ok14:11:57.0109 2376 ini910u - ok14:11:57.0281 2376 IntcAzAudAddService (613a2b00da1d4a80de1ec8cfb52c0d89) C:\WINDOWS\system32\drivers\RtkHDAud.sys14:11:57.0500 2376 IntcAzAudAddService - ok14:11:57.0515 2376 IntelIde - ok14:11:57.0562 2376 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys14:11:57.0687 2376 intelppm - ok14:11:57.0718 2376 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys14:11:57.0921 2376 Ip6Fw - ok14:11:57.0968 2376 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys14:11:58.0078 2376 IpFilterDriver - ok14:11:58.0093 2376 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys14:11:58.0187 2376 IpInIp - ok14:11:58.0296 2376 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys14:11:58.0406 2376 IpNat - ok14:11:58.0453 2376 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys14:11:58.0546 2376 IPSec - ok14:11:58.0593 2376 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys14:11:58.0656 2376 IRENUM - ok14:11:58.0703 2376 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys14:11:58.0812 2376 isapnp - ok14:11:58.0875 2376 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys14:11:59.0000 2376 Kbdclass - ok14:11:59.0046 2376 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys14:11:59.0171 2376 kmixer - ok14:11:59.0203 2376 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys14:11:59.0250 2376 KSecDD - ok14:11:59.0265 2376 lbrtfdc - ok14:11:59.0296 2376 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys14:11:59.0312 2376 MBAMProtector - ok14:11:59.0343 2376 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys14:11:59.0468 2376 mnmdd - ok14:11:59.0500 2376 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys14:11:59.0593 2376 Modem - ok14:11:59.0625 2376 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys14:11:59.0718 2376 Mouclass - ok14:11:59.0781 2376 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys14:11:59.0890 2376 mouhid - ok14:11:59.0890 2376 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys14:11:59.0984 2376 MountMgr - ok14:12:00.0000 2376 mraid35x - ok14:12:00.0031 2376 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys14:12:00.0125 2376 MRxDAV - ok14:12:00.0156 2376 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys14:12:00.0218 2376 MRxSmb - ok14:12:00.0234 2376 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys14:12:00.0328 2376 Msfs - ok14:12:00.0359 2376 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys14:12:00.0468 2376 MSKSSRV - ok14:12:00.0484 2376 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys14:12:00.0578 2376 MSPCLOCK - ok14:12:00.0578 2376 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys14:12:00.0687 2376 MSPQM - ok14:12:00.0734 2376 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys14:12:00.0859 2376 mssmbios - ok14:12:00.0875 2376 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys14:12:00.0984 2376 MSTEE - ok14:12:01.0000 2376 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys14:12:01.0046 2376 Mup - ok14:12:01.0078 2376 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys14:12:01.0187 2376 NABTSFEC - ok14:12:01.0343 2376 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120315.002\NAVENG.SYS14:12:01.0343 2376 NAVENG - ok14:12:01.0437 2376 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120315.002\NAVEX15.SYS14:12:01.0500 2376 NAVEX15 - ok14:12:01.0562 2376 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys14:12:01.0671 2376 NDIS - ok14:12:01.0703 2376 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys14:12:01.0812 2376 NdisIP - ok14:12:01.0859 2376 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys14:12:01.0906 2376 NdisTapi - ok14:12:01.0968 2376 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys14:12:02.0109 2376 Ndisuio - ok14:12:02.0109 2376 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys14:12:02.0265 2376 NdisWan - ok14:12:02.0312 2376 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys14:12:02.0343 2376 NDProxy - ok14:12:02.0359 2376 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys14:12:02.0453 2376 NetBIOS - ok14:12:02.0468 2376 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys14:12:02.0593 2376 NetBT - ok14:12:02.0640 2376 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys14:12:02.0734 2376 NIC1394 - ok14:12:02.0750 2376 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys14:12:02.0859 2376 Npfs - ok14:12:02.0890 2376 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys14:12:03.0000 2376 Ntfs - ok14:12:03.0046 2376 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys14:12:03.0140 2376 Null - ok14:12:03.0203 2376 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys14:12:03.0296 2376 NwlnkFlt - ok14:12:03.0296 2376 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys14:12:03.0406 2376 NwlnkFwd - ok14:12:03.0437 2376 O2MDRDR (948aefc4db1e6cc5a8d9fc5740aee392) C:\WINDOWS\system32\DRIVERS\o2media.sys14:12:03.0453 2376 O2MDRDR - ok14:12:03.0468 2376 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys14:12:03.0468 2376 O2SDRDR - ok14:12:03.0531 2376 OEM13Afx (58f478fd0115012ceec75fb73628901c) C:\WINDOWS\system32\Drivers\OEM13Afx.sys14:12:03.0578 2376 OEM13Afx - ok14:12:03.0609 2376 OEM13Vfx (86326062a90494bdd79ce383511d7d69) C:\WINDOWS\system32\DRIVERS\OEM13Vfx.sys14:12:03.0640 2376 OEM13Vfx - ok14:12:03.0656 2376 OEM13Vid (8d9d3b1b24105796c9b9b1473dec2d70) C:\WINDOWS\system32\DRIVERS\OEM13Vid.sys14:12:03.0703 2376 OEM13Vid - ok14:12:03.0750 2376 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys14:12:03.0859 2376 ohci1394 - ok14:12:03.0859 2376 OMCI - ok14:12:03.0906 2376 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys14:12:04.0015 2376 Parport - ok14:12:04.0031 2376 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys14:12:04.0125 2376 PartMgr - ok14:12:04.0156 2376 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys14:12:04.0250 2376 ParVdm - ok14:12:04.0250 2376 PbsAuDrv - ok14:12:04.0281 2376 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys14:12:04.0390 2376 PCI - ok14:12:04.0406 2376 PCIDump - ok14:12:04.0421 2376 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys14:12:04.0515 2376 PCIIde - ok14:12:04.0546 2376 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys14:12:04.0640 2376 Pcmcia - ok14:12:04.0656 2376 PDCOMP - ok14:12:04.0656 2376 PDFRAME - ok14:12:04.0671 2376 PDRELI - ok14:12:04.0687 2376 PDRFRAME - ok14:12:04.0687 2376 perc2 - ok14:12:04.0703 2376 perc2hib - ok14:12:04.0750 2376 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys14:12:04.0859 2376 PptpMiniport - ok14:12:04.0875 2376 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys14:12:04.0968 2376 PSched - ok14:12:05.0000 2376 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys14:12:05.0109 2376 Ptilink - ok14:12:05.0109 2376 ql1080 - ok14:12:05.0125 2376 Ql10wnt - ok14:12:05.0140 2376 ql12160 - ok14:12:05.0140 2376 ql1240 - ok14:12:05.0156 2376 ql1280 - ok14:12:05.0203 2376 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys14:12:05.0296 2376 RasAcd - ok14:12:05.0328 2376 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys14:12:05.0421 2376 Rasl2tp - ok14:12:05.0421 2376 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys14:12:05.0546 2376 RasPppoe - ok14:12:05.0546 2376 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys14:12:05.0640 2376 Raspti - ok14:12:05.0671 2376 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys14:12:05.0781 2376 Rdbss - ok14:12:05.0812 2376 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys14:12:05.0921 2376 RDPCDD - ok14:12:05.0984 2376 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys14:12:06.0078 2376 rdpdr - ok14:12:06.0125 2376 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys14:12:06.0171 2376 RDPWD - ok14:12:06.0234 2376 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys14:12:06.0328 2376 redbook - ok14:12:06.0375 2376 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS14:12:06.0500 2376 rtl8139 - ok14:12:06.0546 2376 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys14:12:06.0625 2376 RTLE8023xp - ok14:12:06.0671 2376 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys14:12:06.0859 2376 sdbus - ok14:12:06.0890 2376 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys14:12:06.0953 2376 Secdrv - ok14:12:07.0000 2376 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys14:12:07.0093 2376 Serial - ok14:12:07.0109 2376 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys14:12:07.0203 2376 Sfloppy - ok14:12:07.0218 2376 Simbad - ok14:12:07.0250 2376 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys14:12:07.0343 2376 SLIP - ok14:12:07.0359 2376 Sparrow - ok14:12:07.0484 2376 SPBBCDrv (e87cf104f12c92401c4d33c50a3d5dc8) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys14:12:07.0500 2376 SPBBCDrv - ok14:12:07.0562 2376 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys14:12:07.0656 2376 splitter - ok14:12:07.0718 2376 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys14:12:07.0781 2376 sr - ok14:12:07.0828 2376 SRTSP (b36f8d6a02ff2b3a53e250a629782f29) C:\WINDOWS\system32\Drivers\SRTSP.SYS14:12:07.0828 2376 SRTSP - ok14:12:07.0906 2376 SRTSPL (e99bd98ac171a29fc1ba9376be87ae73) C:\WINDOWS\system32\Drivers\SRTSPL.SYS14:12:07.0921 2376 SRTSPL - ok14:12:07.0953 2376 SRTSPX (1af34729898063e9b7df8d149d767e07) C:\WINDOWS\system32\Drivers\SRTSPX.SYS14:12:07.0968 2376 SRTSPX - ok14:12:08.0000 2376 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys14:12:08.0109 2376 Srv - ok14:12:08.0156 2376 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys14:12:08.0312 2376 streamip - ok14:12:08.0375 2376 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys14:12:08.0531 2376 swenum - ok14:12:08.0578 2376 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys14:12:08.0734 2376 swmidi - ok14:12:08.0734 2376 symc810 - ok14:12:08.0750 2376 symc8xx - ok14:12:08.0781 2376 SymEvent (e42a34e6f5ca71a84d4c2de620aad13d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS14:12:08.0796 2376 SymEvent - ok14:12:08.0859 2376 SYMREDRV (394b2368212114d538316812af60fddd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS14:12:08.0859 2376 SYMREDRV - ok14:12:08.0921 2376 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\WINDOWS\System32\Drivers\SYMTDI.SYS14:12:08.0937 2376 SYMTDI - ok14:12:08.0953 2376 sym_hi - ok14:12:08.0953 2376 sym_u3 - ok14:12:09.0000 2376 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys14:12:09.0140 2376 sysaudio - ok14:12:09.0218 2376 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys14:12:09.0328 2376 Tcpip - ok14:12:09.0375 2376 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys14:12:09.0531 2376 TDPIPE - ok14:12:09.0562 2376 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys14:12:09.0718 2376 TDTCP - ok14:12:09.0781 2376 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys14:12:09.0937 2376 TermDD - ok14:12:09.0968 2376 TosIde - ok14:12:10.0015 2376 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys14:12:10.0171 2376 Udfs - ok14:12:10.0187 2376 ultra - ok14:12:10.0234 2376 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys14:12:10.0390 2376 Update - ok14:12:10.0437 2376 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys14:12:10.0500 2376 USBAAPL - ok14:12:10.0546 2376 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys14:12:10.0640 2376 usbccgp - ok14:12:10.0687 2376 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys14:12:10.0796 2376 usbehci - ok14:12:10.0828 2376 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys14:12:10.0921 2376 usbhub - ok14:12:10.0953 2376 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys14:12:11.0062 2376 usbprint - ok14:12:11.0109 2376 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys14:12:11.0203 2376 usbscan - ok14:12:11.0281 2376 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS14:12:11.0375 2376 USBSTOR - ok14:12:11.0421 2376 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys14:12:11.0515 2376 usbuhci - ok14:12:11.0562 2376 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys14:12:11.0656 2376 usbvideo - ok14:12:11.0718 2376 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys14:12:11.0812 2376 VgaSave - ok14:12:11.0812 2376 ViaIde - ok14:12:11.0859 2376 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys14:12:11.0953 2376 VolSnap - ok14:12:11.0984 2376 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys14:12:12.0078 2376 Wanarp - ok14:12:12.0093 2376 WDICA - ok14:12:12.0156 2376 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys14:12:12.0250 2376 wdmaud - ok14:12:12.0296 2376 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys14:12:12.0390 2376 WmiAcpi - ok14:12:12.0421 2376 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys14:12:12.0515 2376 WS2IFSL - ok14:12:12.0546 2376 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS14:12:12.0625 2376 WSTCODEC - ok14:12:12.0656 2376 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR014:12:12.0703 2376 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected14:12:12.0703 2376 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)14:12:12.0703 2376 \Device\Harddisk0\DR0 ( TDSS File System ) - warning14:12:12.0703 2376 \Device\Harddisk0\DR0 - detected TDSS File System (1)14:12:12.0703 2376 Boot (0x1200) (23658495a4e67bbe3055dd2baddb6a38) \Device\Harddisk0\DR0\Partition014:12:12.0703 2376 \Device\Harddisk0\DR0\Partition0 - ok14:12:12.0703 2376 ============================================================14:12:12.0703 2376 Scan finished14:12:12.0703 2376 ============================================================14:12:12.0812 2388 Detected object count: 314:12:12.0812 2388 Actual detected object count: 314:12:57.0671 2388 BCMWLNPF ( UnsignedFile.Multi.Generic ) - skipped by user14:12:57.0671 2388 BCMWLNPF ( UnsignedFile.Multi.Generic ) - User select action: Skip14:12:58.0437 2388 \Device\Harddisk0\DR0\# - copied to quarantine14:12:58.0437 2388 \Device\Harddisk0\DR0 - copied to quarantine14:12:58.0468 2388 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine14:12:58.0484 2388 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine14:12:58.0484 2388 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine14:12:58.0578 2388 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine14:12:58.0578 2388 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine14:12:58.0578 2388 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine14:12:58.0593 2388 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine14:12:58.0609 2388 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine14:12:58.0625 2388 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine14:12:58.0640 2388 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine14:12:58.0656 2388 \Device\Harddisk0\DR0\TDLFS\dkmks.tmp - copied to quarantine14:12:58.0671 2388 \Device\Harddisk0\DR0\TDLFS\r.dll - copied to quarantine14:12:58.0671 2388 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot14:12:58.0671 2388 \Device\Harddisk0\DR0 - ok14:12:58.0671 2388 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure14:12:58.0671 2388 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user14:12:58.0671 2388 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip14:13:27.0390 0700 Deinitialize success Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535840 Share Posted March 18, 2012 The malware blocking message is no longer coming Link to post Share on other sites More sharing options...
Maniac Posted March 18, 2012 ID:535847 Share Posted March 18, 2012 Please try to re-run ComboFix now. Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535849 Share Posted March 18, 2012 Yeah ... Link to post Share on other sites More sharing options...
vanijayram Posted March 18, 2012 Author ID:535900 Share Posted March 18, 2012 The log report generation is still running....could there be any harm due to this or is my computer fine to use? Link to post Share on other sites More sharing options...
Maniac Posted March 19, 2012 ID:536019 Share Posted March 19, 2012 Could take a look at C:\Qoobox for ComboFix.txt or Combofix-quarantined-list.txt ? I still could not tell you for sure. Link to post Share on other sites More sharing options...
vanijayram Posted March 19, 2012 Author ID:536117 Share Posted March 19, 2012 Hi maniac,I am not able to find those files inmy system. Link to post Share on other sites More sharing options...
Maniac Posted March 19, 2012 ID:536119 Share Posted March 19, 2012 Please run a free online scan with the ESET Online ScannerNote: You will need to use Internet Explorer for this scanTick the box next to YES, I accept the Terms of UseClick StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick Scan (This scan can take several hours, so please be patient)Once the scan is completed, you may close the windowUse Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txtCopy and paste that log as a reply to this topic Link to post Share on other sites More sharing options...
vanijayram Posted March 20, 2012 Author ID:536190 Share Posted March 20, 2012 Hi maniac,This is my log file :ESETSmartInstaller@High as CAB hook log:OnlineScanner.ocx - registred OK# version=7# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)# OnlineScanner.ocx=1.0.0.6583# api_version=3.0.2# EOSSerial=c35e1f48cebc0e469c42f24aea4248e8# end=finished# remove_checked=true# archives_checked=false# unwanted_checked=true# unsafe_checked=false# antistealth_checked=true# utc_time=2012-03-20 01:01:54# local_time=2012-03-19 09:01:54 (-0500, Eastern Daylight Time)# country="United States"# lang=1033# osver=5.1.2600 NT Service Pack 3# compatibility_mode=1032 16777214 0 1 4114126 4114126 0 0# compatibility_mode=8192 67108863 100 0 0 0 0 0# scanned=190261# found=5# cleaned=5# scan_time=5732C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\eYryLom6muHhor.exe.vir a variant of Win32/Kryptik.ACRH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 CC:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\HWllHxOwIMY.exe.vir a variant of Win32/Kryptik.ACRH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 CC:\Qoobox\Quarantine\C\Documents and Settings\Vidhya\Application Data\Mozilla\Firefox\Profiles\2k5zys0a.default\extensions\{16fe6f95-8fc0-484f-bb67-c3df6cb6a081}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 CC:\TDSSKiller_Quarantine\18.03.2012_14.11.40\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.N trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 CC:\TDSSKiller_Quarantine\18.03.2012_14.11.40\mbr0000\tdlfs0000\tsk0009.dta a variant of Win32/Olmarik.ARM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C Link to post Share on other sites More sharing options...
Maniac Posted March 20, 2012 ID:536241 Share Posted March 20, 2012 Nothing special, it is already removed from us.Download AVPTool from Here to your desktop Run the programme you have just downloaded to your desktop (it will be randomly named) Click the cog in the upper right Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan Allow AVP to delete all infections foundOnce it has finished select report tab (last tab)Select Detected threads report from the left and press Save buttonSave it to your desktop and post it in your next reply. Link to post Share on other sites More sharing options...
vanijayram Posted March 21, 2012 Author ID:536504 Share Posted March 21, 2012 Status: Deleted (events: 5) 3/20/2012 9:19:38 PM Deleted Trojan program Backdoor.Win64.TDSS.a C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900002\4FF7D236.VBN//CryptZ High 3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN//CryptZ//UPX High 3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN//CryptZ High 3/20/2012 9:19:37 PM Deleted Trojan program Trojan.Win32.TDSS.clzk C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900003\4FF7D24C.VBN High 3/20/2012 9:19:38 PM Deleted Trojan program Backdoor.Win64.TDSS.a C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0D900002\4FF7D236.VBN High Link to post Share on other sites More sharing options...
Maniac Posted March 21, 2012 ID:536511 Share Posted March 21, 2012 Nothing imporant, those are from Quarantine folder (well-protected).How are things now? Link to post Share on other sites More sharing options...
vanijayram Posted March 21, 2012 Author ID:536551 Share Posted March 21, 2012 Looks fine to me. Running as usual.no pop ups etc.. Link to post Share on other sites More sharing options...
vanijayram Posted March 21, 2012 Author ID:536567 Share Posted March 21, 2012 One thing,Most of my files are hidden and I am manually making it visible Link to post Share on other sites More sharing options...
Maniac Posted March 21, 2012 ID:536587 Share Posted March 21, 2012 Please download unhide.exe from here and save it to your Desktop. Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run. Link to post Share on other sites More sharing options...
vanijayram Posted March 21, 2012 Author ID:536594 Share Posted March 21, 2012 All my Favorites in IE have gone.Is there any method to recover it ?Also,can you suggest me some protective measures like a good antivirus to prevent future happenings like this? Link to post Share on other sites More sharing options...
Maniac Posted March 21, 2012 ID:536601 Share Posted March 21, 2012 All my Favorites in IE have gone.Is there any method to recover it ?After running unhide.exe?Also,can you suggest me some protective measures like a good antivirus to prevent future happenings like this?I will send you some prevention tips in my last steps for you. Link to post Share on other sites More sharing options...
vanijayram Posted March 22, 2012 Author ID:536691 Share Posted March 22, 2012 Thank you Maniac ...Now everything is fine. All hidden is removed. And favourites are also present. Link to post Share on other sites More sharing options...
Maniac Posted March 22, 2012 ID:536728 Share Posted March 22, 2012 Glad I could help!Let's clean this mess:Please run OTL and click on CleanUp button. Next, manually delete mbam-clean, AVG Remover and Kaspersky AVP Tool. Finally, uninstall ESET Online Scanner.Here some malware preventions for you:http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983Safe surfing! Link to post Share on other sites More sharing options...
Recommended Posts