Jump to content

Help Needed

mojoemil
 Share

Recommended Posts

mojoemil

mojoemil

Posted
Posted

I ran Malwarebytes, and removed several threats that had hijacked my browser and part of my system. The major problems have vanished. Now my only issues is I am being taken to incorrect/misc sites, especially when I am clicking on links provided by my Google search engine. If the Google search results indicated for example Ebay.com link, and I click on it, I'm being redirected to sites like addresses.com, and misc. spyware download sites, etc. Almost always someplace new or different, luckily never obscene. I am on a Dell Laptop, Microsoft Vista, Mozilla Firefox browser with a few add-ons, Norton's Antivirus. Any suggestions would be greatly appreciated. Thank you.

DDS Content:

DDS (Ver_10-03-17.01) - NTFSx86

Run by Administrator at 12:37:00.59 on Tue 07/13/2010

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_14

Microsoft

Attach.zip

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello mojoemil! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

First of all, you should not have more than one anti-virus program installed as they will conflict and cause problems. You have two so you need to uninstall one of them. Of the two, I would recommend keeping AVG 9.0 , so please uninstall:

LiveUpdate 3.2 (Symantec Corporation)

Symantec AntiVirus

Step 2

Please, uninstall the following applications:

  1. Adobe Reader 9.1.2

You can read, how to do this here:

Step 3

Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVA

Then run this tool to help cleanup any left over Java

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer (or other web browser) before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it back when you reply
    Then look for the following Java folders and if found delete them.
    C:\Program Files\Java
    C:\Program Files\Common Files\Java
    C:\Windows\Sun
    C:\Documents and Settings\All Users\Application Data\Java
    C:\Documents and Settings\All Users\Application Data\Sun\Java
    C:\Documents and Settings\username\Application Data\Java
    C:\Documents and Settings\username\Application Data\Sun\Java

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. JavaRa log
  2. MalwareBytes' Anti-Malware log
  3. a new fresh DDS log only

Link to post
Share on other sites
mojoemil

mojoemil

Posted
  • Author
Posted
Hello mojoemil! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

First of all, you should not have more than one anti-virus program installed as they will conflict and cause problems. You have two so you need to uninstall one of them. Of the two, I would recommend keeping AVG 9.0 , so please uninstall:

Step 2

Please, uninstall the following applications:

  1. Adobe Reader 9.1.2

You can read, how to do this here:

Step 3

Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVA

Then run this tool to help cleanup any left over Java

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer (or other web browser) before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it back when you reply
    Then look for the following Java folders and if found delete them.
    C:\Program Files\Java
    C:\Program Files\Common Files\Java
    C:\Windows\Sun
    C:\Documents and Settings\All Users\Application Data\Java
    C:\Documents and Settings\All Users\Application Data\Sun\Java
    C:\Documents and Settings\username\Application Data\Java
    C:\Documents and Settings\username\Application Data\Sun\Java

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. JavaRa log
  2. MalwareBytes' Anti-Malware log
  3. a new fresh DDS log only

Thank you so much for attempting to help me resolve this issues. Below are the results that you request. I hope that I'm not giving up prematurely, but the logs did not find any infected items. I can continue to try, but it is frustrating. Thanks again and I look forward to hearing your thoughts.

Java Log:

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Jul 13 16:50:03 2010

------------------------------------

Finished reporting.

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Jul 13 16:50:53 2010

------------------------------------

Finished reporting.

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Jul 13 16:54:22 2010

------------------------------------

Finished reporting.

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Jul 13 16:59:57 2010

------------------------------------

Finished reporting.

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Jul 13 18:29:12 2010

------------------------------------

Finished reporting.

Malwarebytes Report:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4292

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

7/13/2010 12:25:08 PM

mbam-log-2010-07-13 (12-25-08).txt

Scan type: Quick scan

Objects scanned: 144996

Time elapsed: 11 minute(s), 55 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS Log (New):

DDS (Ver_10-03-17.01) - NTFSx86

Run by Administrator at 18:17:43.37 on Tue 07/13/2010

Internet Explorer: 8.0.6001.18928

Microsoft

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Please read the following through carefully so that you understand what to do.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK. (If Vista, click on the Vista Orb and copy and paste the following into the Search field. (make sure you include the quotation marks) Then press Ctrl+Shift+Enter.)
    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v
  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • It may ask you to reboot the computer to complete the process. Allow it to do so.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

Link to post
Share on other sites
mojoemil

mojoemil

Posted
  • Author
Posted
Please read the following through carefully so that you understand what to do.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK. (If Vista, click on the Vista Orb and copy and paste the following into the Search field. (make sure you include the quotation marks) Then press Ctrl+Shift+Enter.)
    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v
  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • It may ask you to reboot the computer to complete the process. Allow it to do so.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

TDSSKILLER Text File:

07:30:04:929 4728 TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49

07:30:04:929 4728 ================================================================================

07:30:04:929 4728 SystemInfo:

07:30:04:929 4728 OS Version: 6.0.6002 ServicePack: 2.0

07:30:04:929 4728 Product type: Workstation

07:30:04:930 4728 ComputerName: IT090007442

07:30:04:930 4728 UserName: Administrator

07:30:04:930 4728 Windows directory: C:\Windows

07:30:04:930 4728 System windows directory: C:\Windows

07:30:04:930 4728 Processor architecture: Intel x86

07:30:04:930 4728 Number of processors: 2

07:30:04:930 4728 Page size: 0x1000

07:30:04:931 4728 Boot type: Normal boot

07:30:04:931 4728 ================================================================================

07:30:05:326 4728 Initialize success

07:30:05:326 4728

07:30:05:326 4728 Scanning Services ...

07:30:06:068 4728 Raw services enum returned 484 services

07:30:06:076 4728

07:30:06:077 4728 Scanning Drivers ...

07:30:06:835 4728 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

07:30:06:892 4728 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

07:30:06:913 4728 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

07:30:06:934 4728 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

07:30:06:955 4728 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

07:30:06:985 4728 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

07:30:07:005 4728 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

07:30:07:042 4728 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

07:30:07:129 4728 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

07:30:07:172 4728 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

07:30:07:198 4728 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

07:30:07:211 4728 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

07:30:07:242 4728 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

07:30:07:301 4728 ApfiltrService (b83f9da84f7079451c1c6a4a2f140920) C:\Windows\system32\DRIVERS\Apfiltr.sys

07:30:07:316 4728 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

07:30:07:401 4728 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

07:30:07:453 4728 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

07:30:07:481 4728 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys

07:30:07:514 4728 Avgfwfd (26a4640a8f16f8ce39b93329c83bb15a) C:\Windows\system32\DRIVERS\avgfwd6x.sys

07:30:07:584 4728 AVGIDSDrivervtx (1bf5706111544aefe29f64783c22d8fb) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys

07:30:07:614 4728 AVGIDSErHrvtx (3efc8f7eae54b780d1e0730da23dad25) C:\Windows\system32\Drivers\AVGIDSvx.sys

07:30:07:625 4728 AVGIDSFiltervtx (a19902063d7368864cc5708f4d1b1c97) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys

07:30:07:637 4728 AVGIDSShimvtx (034df5434a092e3bb963d1febff7aabf) C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys

07:30:07:723 4728 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\system32\Drivers\avgldx86.sys

07:30:07:740 4728 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\Windows\system32\Drivers\avgmfx86.sys

07:30:07:767 4728 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\Windows\system32\Drivers\avgrkx86.sys

07:30:07:789 4728 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\Windows\system32\Drivers\avgtdix.sys

07:30:07:833 4728 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

07:30:07:858 4728 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

07:30:07:889 4728 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

07:30:07:915 4728 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

07:30:07:993 4728 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

07:30:08:032 4728 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

07:30:08:062 4728 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

07:30:08:082 4728 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

07:30:08:102 4728 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

07:30:08:143 4728 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

07:30:08:182 4728 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

07:30:08:228 4728 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

07:30:08:265 4728 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys

07:30:08:344 4728 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys

07:30:08:382 4728 btwaudio (489727ea3dceba3bac3215f94bfbcaa1) C:\Windows\system32\drivers\btwaudio.sys

07:30:08:415 4728 btwavdt (dead0e02e2efdb03209c9237e93a619c) C:\Windows\system32\drivers\btwavdt.sys

07:30:08:447 4728 btwl2cap (b9920fb30bcaff10c111654909b275c9) C:\Windows\system32\DRIVERS\btwl2cap.sys

07:30:08:491 4728 btwrchid (280e088046dcac249bb08505e296db86) C:\Windows\system32\DRIVERS\btwrchid.sys

07:30:08:533 4728 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

07:30:08:572 4728 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

07:30:08:594 4728 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

07:30:08:637 4728 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

07:30:08:733 4728 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

07:30:08:757 4728 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

07:30:08:794 4728 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

07:30:08:815 4728 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

07:30:08:845 4728 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

07:30:08:894 4728 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys

07:30:08:937 4728 cvusbdrv (a95d9b8d882adf93ef40d7dc9b9bb508) C:\Windows\system32\Drivers\cvusbdrv.sys

07:30:08:981 4728 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

07:30:09:022 4728 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

07:30:09:114 4728 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

07:30:09:139 4728 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

07:30:09:169 4728 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

07:30:09:214 4728 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

07:30:09:259 4728 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

07:30:09:315 4728 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

07:30:09:330 4728 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

07:30:09:418 4728 e1yexpress (660d34b47e65f8542dd4a573a0c11a74) C:\Windows\system32\DRIVERS\e1y6032.sys

07:30:09:455 4728 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

07:30:09:488 4728 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

07:30:09:501 4728 ErrDev (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys

07:30:09:518 4728 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

07:30:09:544 4728 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

07:30:09:560 4728 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

07:30:09:620 4728 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

07:30:09:648 4728 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

07:30:09:709 4728 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

07:30:09:742 4728 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

07:30:09:762 4728 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

07:30:09:776 4728 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

07:30:09:827 4728 HBtnKey (91056a89a67e0081a4924d31ad3bc83b) C:\Windows\system32\drivers\hbtnkey.sys

07:30:09:872 4728 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

07:30:09:917 4728 HECI (2df64415a28ce036ac6acec7645a996f) C:\Windows\system32\drivers\heci.sys

07:30:09:956 4728 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys

07:30:09:995 4728 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

07:30:10:029 4728 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

07:30:10:047 4728 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

07:30:10:104 4728 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

07:30:10:125 4728 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

07:30:10:146 4728 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

07:30:10:167 4728 iaStor (baabb0301949774a66b955c65319635a) C:\Windows\system32\drivers\iastor.sys

07:30:10:187 4728 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

07:30:10:299 4728 igfx (938753888eaddb29d4b3754139ec19e8) C:\Windows\system32\DRIVERS\igdkmd32.sys

07:30:10:354 4728 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

07:30:10:381 4728 IntcHdmiAddService (092a78e9c6f71bf0e22379503b90e800) C:\Windows\system32\drivers\IntcHdmi.sys

07:30:10:419 4728 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

07:30:10:439 4728 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

07:30:10:455 4728 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

07:30:10:500 4728 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

07:30:10:528 4728 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

07:30:10:543 4728 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

07:30:10:555 4728 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

07:30:10:597 4728 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

07:30:10:612 4728 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

07:30:10:629 4728 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

07:30:10:643 4728 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

07:30:10:676 4728 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

07:30:10:730 4728 klmd23 (316353165feba3d0538eaa9c2f60c5b7) C:\Windows\system32\drivers\klmd.sys

07:30:10:770 4728 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

07:30:10:802 4728 LHidFilt (ea57f9a93042d53256db4e2222b93b37) C:\Windows\system32\DRIVERS\LHidFilt.Sys

07:30:10:864 4728 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

07:30:10:889 4728 LMouFilt (8bd61e1f686d352b318b025524542128) C:\Windows\system32\DRIVERS\LMouFilt.Sys

07:30:10:902 4728 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

07:30:10:917 4728 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

07:30:10:929 4728 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

07:30:10:950 4728 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

07:30:10:989 4728 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

07:30:11:010 4728 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

07:30:11:029 4728 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

07:30:11:043 4728 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

07:30:11:061 4728 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

07:30:11:087 4728 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

07:30:11:130 4728 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

07:30:11:181 4728 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

07:30:11:203 4728 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

07:30:11:234 4728 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

07:30:11:311 4728 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

07:30:11:352 4728 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

07:30:11:386 4728 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

07:30:11:414 4728 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

07:30:11:466 4728 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys

07:30:11:491 4728 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

07:30:11:526 4728 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

07:30:11:578 4728 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

07:30:11:618 4728 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

07:30:11:640 4728 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

07:30:11:672 4728 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

07:30:11:716 4728 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

07:30:11:742 4728 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

07:30:11:798 4728 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

07:30:11:818 4728 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

07:30:11:894 4728 NAL (a467e1deb3bb2b57426c8a5993ba933e) C:\Windows\system32\Drivers\iqvw32.sys

07:30:11:963 4728 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

07:30:12:011 4728 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

07:30:12:167 4728 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

07:30:12:195 4728 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

07:30:12:265 4728 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

07:30:12:307 4728 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

07:30:12:335 4728 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

07:30:12:372 4728 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

07:30:12:493 4728 NETw5v32 (7269039e216bdd863abf1850a0ffdbaf) C:\Windows\system32\DRIVERS\NETw5v32.sys

07:30:12:562 4728 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

07:30:12:636 4728 Nmea (b0d5188e282dc4edae7020f333427bc8) C:\Windows\system32\DRIVERS\pctnullport.sys

07:30:12:702 4728 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

07:30:12:717 4728 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

07:30:12:764 4728 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

07:30:12:779 4728 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

07:30:12:788 4728 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

07:30:12:803 4728 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

07:30:12:820 4728 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

07:30:12:870 4728 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

07:30:12:924 4728 NWADI (0973c0c696780161f4526586d5eac422) C:\Windows\system32\DRIVERS\NWADIenum.sys

07:30:12:991 4728 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

07:30:13:030 4728 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys

07:30:13:059 4728 partmgr (1a46bbe96a382cc08f936f57668b7334) C:\Windows\system32\drivers\partmgr.sys

07:30:13:059 4728 Suspicious file (Forged): C:\Windows\system32\drivers\partmgr.sys. Real md5: 1a46bbe96a382cc08f936f57668b7334, Fake md5: 57389fa59a36d96b3eb09d0cb91e9cdc

07:30:13:059 4728 File "C:\Windows\system32\drivers\partmgr.sys" infected by TDSS rootkit ... 07:30:13:145 4728 Backup copy found, using it..

07:30:13:178 4728 will be cured on next reboot

07:30:13:217 4728 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys

07:30:13:246 4728 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys

07:30:13:273 4728 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys

07:30:13:316 4728 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

07:30:13:362 4728 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

07:30:13:412 4728 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

07:30:13:451 4728 PCTINDIS5 (1e715247efffdda938c085913045d599) C:\Windows\system32\PCTINDIS5.SYS

07:30:13:482 4728 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

07:30:13:503 4728 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

07:30:13:533 4728 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

07:30:13:565 4728 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

07:30:13:585 4728 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys

07:30:13:632 4728 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

07:30:13:675 4728 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

07:30:13:727 4728 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

07:30:13:820 4728 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys

07:30:13:848 4728 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

07:30:13:866 4728 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

07:30:13:883 4728 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

07:30:13:910 4728 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

07:30:13:944 4728 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

07:30:13:960 4728 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

07:30:13:995 4728 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys

07:30:14:019 4728 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

07:30:14:053 4728 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

07:30:14:086 4728 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys

07:30:14:145 4728 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

07:30:14:162 4728 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\drivers\rimsptsk.sys

07:30:14:200 4728 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys

07:30:14:227 4728 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys

07:30:14:246 4728 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\drivers\rixdptsk.sys

07:30:14:284 4728 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys

07:30:14:299 4728 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

07:30:14:319 4728 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

07:30:14:363 4728 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

07:30:14:409 4728 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

07:30:14:438 4728 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys

07:30:14:469 4728 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys

07:30:14:502 4728 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

07:30:14:513 4728 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

07:30:14:528 4728 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

07:30:14:538 4728 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

07:30:14:556 4728 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

07:30:14:574 4728 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

07:30:14:605 4728 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

07:30:14:623 4728 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

07:30:14:698 4728 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

07:30:14:741 4728 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

07:30:14:784 4728 srv (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys

07:30:14:820 4728 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys

07:30:14:836 4728 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys

07:30:14:871 4728 STHDA (9aefc1bc01e03a4afb8e718fc2f72c10) C:\Windows\system32\DRIVERS\stwrt.sys

07:30:14:911 4728 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

07:30:14:934 4728 swmsflt (eda7336cd2e334b4db321bc60b7da11e) C:\Windows\System32\drivers\swmsflt.sys

07:30:14:954 4728 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

07:30:15:061 4728 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

07:30:15:075 4728 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

07:30:15:135 4728 Tcpip (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys

07:30:15:168 4728 Tcpip6 (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys

07:30:15:189 4728 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

07:30:15:202 4728 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

07:30:15:221 4728 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

07:30:15:252 4728 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

07:30:15:341 4728 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

07:30:15:436 4728 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

07:30:15:499 4728 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

07:30:15:531 4728 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

07:30:15:551 4728 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

07:30:15:772 4728 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

07:30:16:437 4728 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

07:30:16:841 4728 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

07:30:16:864 4728 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

07:30:17:025 4728 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

07:30:17:051 4728 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

07:30:17:080 4728 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

07:30:17:140 4728 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\Windows\system32\DRIVERS\usbccid.sys

07:30:17:188 4728 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

07:30:17:247 4728 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

07:30:17:282 4728 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

07:30:17:311 4728 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

07:30:17:339 4728 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

07:30:17:397 4728 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

07:30:17:459 4728 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

07:30:17:482 4728 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

07:30:17:561 4728 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

07:30:17:583 4728 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

07:30:17:608 4728 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

07:30:17:634 4728 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

07:30:17:694 4728 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

07:30:17:725 4728 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

07:30:17:766 4728 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

07:30:17:797 4728 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

07:30:17:883 4728 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

07:30:17:907 4728 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

07:30:17:920 4728 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

07:30:17:922 4728 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

07:30:17:983 4728 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

07:30:18:003 4728 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

07:30:18:026 4728 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

07:30:18:042 4728 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

07:30:18:056 4728 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

07:30:18:057 4728 Reboot required for cure complete..

07:30:18:079 4728 Cure on reboot scheduled successfully

07:30:18:079 4728

07:30:18:080 4728 Completed

07:30:18:080 4728

07:30:18:080 4728 Results:

07:30:18:080 4728 Registry objects infected / cured / cured on reboot: 0 / 0 / 0

07:30:18:080 4728 File objects infected / cured / cured on reboot: 1 / 0 / 1

07:30:18:081 4728

07:30:18:082 4728 KLMD(ARK) unloaded successfully

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Some last steps :)

Step 1

To enable CD Emulation programs using DeFogger please perform these steps:

  1. Please download DeFogger to your desktop.
  2. Once downloaded, double-click on the DeFogger icon to start the tool.
  3. The application window will now appear. You should now click on the Enable button to enable your CD Emulation drivers
  4. When it prompts you whether or not you want to continue, please click on the Yes button to continue
  5. When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  6. If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.

Step 2

Please manually delete Defogger, DDS, TDSSKiller, JavaRa and GMER.

Step 3

Please download and install the latest version of Adobe Reader from:

www.adobe.com

About Java:

www.java.com/en

Step 4

Some malware preventions:

http://forums.malwarebytes.org/index.php?showtopic=9365

Safe surfing! :angry:

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.