Jump to content

Google redirect - logs available


Recommended Posts

I was infected by a false virus suite (security tool) a few days ago which I managed to get rid of using task manager and malwarebytes.

Since then bootup takes longer than usual and worse is that

google keeps redirecting to various search pages.

Malwarebytes says I'm clean but it keeps happening.

I'm running Vista 32

Mcafee (BT netprotect plus) inc firewall

MBAM 1.46

database 5007

I use a router

I ran defogger, then DDS and GMER.

I have the logs if anyone needs them.

Please can anyone help?

<><><>

DDS (Ver_10-10-31.01) - NTFSx86

Run by Admin at 17:14:13.80 on 31/10/2010

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

Microsoft

Link to post
Share on other sites

:D

Please don't attach the scan results, use Copy/Paste

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

Thanks for your help.

I ran the programs and then tried google again and it redirected to r.looksmart.com

TDSSKiller log follows.

<><><>

2010/11/01 19:26:31.0175 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49

2010/11/01 19:26:31.0176 ================================================================================

2010/11/01 19:26:31.0176 SystemInfo:

2010/11/01 19:26:31.0176

2010/11/01 19:26:31.0176 OS Version: 6.0.6002 ServicePack: 2.0

2010/11/01 19:26:31.0176 Product type: Workstation

2010/11/01 19:26:31.0176 ComputerName: MAIN-PC

2010/11/01 19:26:31.0176 UserName: Admin

2010/11/01 19:26:31.0176 Windows directory: C:\Windows

2010/11/01 19:26:31.0176 System windows directory: C:\Windows

2010/11/01 19:26:31.0176 Processor architecture: Intel x86

2010/11/01 19:26:31.0176 Number of processors: 4

2010/11/01 19:26:31.0176 Page size: 0x1000

2010/11/01 19:26:31.0176 Boot type: Normal boot

2010/11/01 19:26:31.0176 ================================================================================

2010/11/01 19:26:31.0466 Initialize success

2010/11/01 19:26:33.0521 ================================================================================

2010/11/01 19:26:33.0522 Scan started

2010/11/01 19:26:33.0522 Mode: Manual;

2010/11/01 19:26:33.0522 ================================================================================

2010/11/01 19:26:34.0528 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2010/11/01 19:26:34.0582 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

2010/11/01 19:26:34.0620 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

2010/11/01 19:26:34.0655 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

2010/11/01 19:26:34.0716 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

2010/11/01 19:26:34.0772 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2010/11/01 19:26:34.0825 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

2010/11/01 19:26:34.0853 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2010/11/01 19:26:34.0891 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

2010/11/01 19:26:34.0913 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

2010/11/01 19:26:34.0934 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

2010/11/01 19:26:34.0966 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

2010/11/01 19:26:34.0990 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

2010/11/01 19:26:35.0068 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

2010/11/01 19:26:35.0103 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

2010/11/01 19:26:35.0146 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2010/11/01 19:26:35.0181 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

2010/11/01 19:26:35.0245 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2010/11/01 19:26:35.0287 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

2010/11/01 19:26:35.0307 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2010/11/01 19:26:35.0331 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2010/11/01 19:26:35.0359 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2010/11/01 19:26:35.0406 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2010/11/01 19:26:35.0440 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2010/11/01 19:26:35.0468 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2010/11/01 19:26:35.0486 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2010/11/01 19:26:35.0510 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

2010/11/01 19:26:35.0545 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2010/11/01 19:26:35.0572 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2010/11/01 19:26:35.0620 cfwids (426ee59b25988bb3382fc0a3655deaa2) C:\Windows\system32\drivers\cfwids.sys

2010/11/01 19:26:35.0688 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

2010/11/01 19:26:35.0732 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2010/11/01 19:26:35.0779 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

2010/11/01 19:26:35.0839 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

2010/11/01 19:26:35.0858 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

2010/11/01 19:26:35.0885 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

2010/11/01 19:26:35.0962 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2010/11/01 19:26:36.0011 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2010/11/01 19:26:36.0086 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2010/11/01 19:26:36.0148 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

2010/11/01 19:26:36.0180 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

2010/11/01 19:26:36.0220 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

2010/11/01 19:26:36.0275 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2010/11/01 19:26:36.0312 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

2010/11/01 19:26:36.0356 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

2010/11/01 19:26:36.0427 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2010/11/01 19:26:36.0445 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2010/11/01 19:26:36.0470 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

2010/11/01 19:26:36.0515 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2010/11/01 19:26:36.0555 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2010/11/01 19:26:36.0578 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

2010/11/01 19:26:36.0617 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2010/11/01 19:26:36.0648 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2010/11/01 19:26:36.0705 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

2010/11/01 19:26:36.0753 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2010/11/01 19:26:37.0031 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

2010/11/01 19:26:37.0071 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2010/11/01 19:26:37.0125 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2010/11/01 19:26:37.0168 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2010/11/01 19:26:37.0252 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

2010/11/01 19:26:37.0306 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2010/11/01 19:26:37.0349 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

2010/11/01 19:26:37.0378 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2010/11/01 19:26:37.0448 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\drivers\iastor.sys

2010/11/01 19:26:37.0645 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

2010/11/01 19:26:37.0697 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2010/11/01 19:26:37.0792 IntcAzAudAddService (32abc54d0dde1a8885c9439537dd3bad) C:\Windows\system32\drivers\RTKVHDA.sys

2010/11/01 19:26:37.0921 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys

2010/11/01 19:26:37.0948 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2010/11/01 19:26:37.0973 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2010/11/01 19:26:38.0008 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

2010/11/01 19:26:38.0040 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2010/11/01 19:26:38.0090 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2010/11/01 19:26:38.0127 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

2010/11/01 19:26:38.0190 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2010/11/01 19:26:38.0225 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2010/11/01 19:26:38.0288 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2010/11/01 19:26:38.0369 Jukebox3 (33193d6dbdfaec78ea92b469b22ae57a) C:\Windows\system32\DRIVERS\ctpdusb.sys

2010/11/01 19:26:38.0412 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2010/11/01 19:26:38.0473 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

2010/11/01 19:26:38.0528 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2010/11/01 19:26:38.0711 Lavasoft Kernexplorer (32da3fde01f1bb080c2e69521dd8881e) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys

2010/11/01 19:26:38.0797 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys

2010/11/01 19:26:38.0843 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2010/11/01 19:26:38.0895 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

2010/11/01 19:26:38.0935 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

2010/11/01 19:26:38.0962 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

2010/11/01 19:26:39.0005 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2010/11/01 19:26:39.0155 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

2010/11/01 19:26:39.0221 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

2010/11/01 19:26:39.0312 mfeapfk (5bd0c401a8ee4a54f6176c0a10d595ae) C:\Windows\system32\drivers\mfeapfk.sys

2010/11/01 19:26:39.0354 mfeavfk (f3bb4dc61b4dc662bdc778cf1634fae1) C:\Windows\system32\drivers\mfeavfk.sys

2010/11/01 19:26:39.0523 mfebopk (b1498db38d129ed31650422fc8bab9c5) C:\Windows\system32\drivers\mfebopk.sys

2010/11/01 19:26:39.0573 mfefirek (51e9ccea45c78858a229afb6e682cf41) C:\Windows\system32\drivers\mfefirek.sys

2010/11/01 19:26:39.0727 mfehidk (32f7298664874715ce469a79078853c4) C:\Windows\system32\drivers\mfehidk.sys

2010/11/01 19:26:39.0751 mfenlfk (e920bfd5837aed4aef903cf1c7d3949e) C:\Windows\system32\DRIVERS\mfenlfk.sys

2010/11/01 19:26:39.0869 mferkdet (858337b64484cd80eee7d2eba5ac61bc) C:\Windows\system32\drivers\mferkdet.sys

2010/11/01 19:26:39.0951 mfewfpk (dcfbf068951fb4086c6aef99c6330516) C:\Windows\system32\drivers\mfewfpk.sys

2010/11/01 19:26:40.0099 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2010/11/01 19:26:40.0138 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2010/11/01 19:26:40.0161 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2010/11/01 19:26:40.0178 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2010/11/01 19:26:40.0214 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2010/11/01 19:26:40.0260 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

2010/11/01 19:26:40.0311 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2010/11/01 19:26:40.0354 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2010/11/01 19:26:40.0397 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2010/11/01 19:26:40.0438 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2010/11/01 19:26:40.0457 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2010/11/01 19:26:40.0471 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2010/11/01 19:26:40.0513 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys

2010/11/01 19:26:40.0656 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

2010/11/01 19:26:40.0711 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2010/11/01 19:26:40.0739 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2010/11/01 19:26:40.0781 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2010/11/01 19:26:40.0834 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2010/11/01 19:26:40.0854 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2010/11/01 19:26:40.0903 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2010/11/01 19:26:40.0922 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/11/01 19:26:40.0970 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2010/11/01 19:26:40.0988 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2010/11/01 19:26:41.0052 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2010/11/01 19:26:41.0091 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2010/11/01 19:26:41.0107 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/11/01 19:26:41.0160 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/11/01 19:26:41.0205 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/11/01 19:26:41.0227 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2010/11/01 19:26:41.0248 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2010/11/01 19:26:41.0289 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2010/11/01 19:26:41.0349 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2010/11/01 19:26:41.0420 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2010/11/01 19:26:41.0439 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2010/11/01 19:26:41.0545 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2010/11/01 19:26:41.0593 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2010/11/01 19:26:41.0611 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2010/11/01 19:26:41.0812 nvlddmkm (d538d78b15370c94ea7ec3dc74ae2ff4) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2010/11/01 19:26:41.0881 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

2010/11/01 19:26:41.0936 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

2010/11/01 19:26:41.0978 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

2010/11/01 19:26:42.0066 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

2010/11/01 19:26:42.0119 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2010/11/01 19:26:42.0154 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2010/11/01 19:26:42.0201 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2010/11/01 19:26:42.0271 pbfilter (4dfe4cef1aeec1025380d7ebf40e8e2b) C:\Program Files\Peerblock\pbfilter.sys

2010/11/01 19:26:42.0597 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2010/11/01 19:26:42.0618 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

2010/11/01 19:26:42.0658 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2010/11/01 19:26:42.0721 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2010/11/01 19:26:42.0873 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2010/11/01 19:26:42.0910 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

2010/11/01 19:26:42.0966 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2010/11/01 19:26:43.0002 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys

2010/11/01 19:26:43.0067 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

2010/11/01 19:26:43.0128 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2010/11/01 19:26:43.0171 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2010/11/01 19:26:43.0242 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys

2010/11/01 19:26:43.0291 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2010/11/01 19:26:43.0335 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/11/01 19:26:43.0372 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/11/01 19:26:43.0395 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2010/11/01 19:26:43.0474 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2010/11/01 19:26:43.0488 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/11/01 19:26:43.0533 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

2010/11/01 19:26:43.0554 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2010/11/01 19:26:43.0609 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2010/11/01 19:26:43.0684 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2010/11/01 19:26:43.0736 RTL8169 (17b1d7ce7af11fb24db1def9621c033b) C:\Windows\system32\DRIVERS\Rtlh86.sys

2010/11/01 19:26:43.0908 RtNdPt60 (7f8d15ee000577be703537849d4f9397) C:\Windows\system32\DRIVERS\RtNdPt60.sys

2010/11/01 19:26:43.0967 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2010/11/01 19:26:44.0048 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2010/11/01 19:26:44.0124 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2010/11/01 19:26:44.0174 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2010/11/01 19:26:44.0205 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2010/11/01 19:26:44.0264 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

2010/11/01 19:26:44.0309 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

2010/11/01 19:26:44.0331 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

2010/11/01 19:26:44.0389 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

2010/11/01 19:26:44.0441 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

2010/11/01 19:26:44.0476 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

2010/11/01 19:26:44.0515 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

2010/11/01 19:26:44.0558 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2010/11/01 19:26:44.0625 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2010/11/01 19:26:44.0733 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys

2010/11/01 19:26:44.0808 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys

2010/11/01 19:26:44.0827 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys

2010/11/01 19:26:44.0879 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2010/11/01 19:26:44.0935 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2010/11/01 19:26:44.0974 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2010/11/01 19:26:45.0000 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2010/11/01 19:26:45.0114 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2010/11/01 19:26:45.0206 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2010/11/01 19:26:45.0268 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2010/11/01 19:26:45.0321 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2010/11/01 19:26:45.0358 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2010/11/01 19:26:45.0397 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2010/11/01 19:26:45.0465 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2010/11/01 19:26:45.0534 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2010/11/01 19:26:45.0561 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2010/11/01 19:26:45.0600 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

2010/11/01 19:26:45.0644 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

2010/11/01 19:26:45.0735 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2010/11/01 19:26:45.0792 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

2010/11/01 19:26:45.0847 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

2010/11/01 19:26:45.0881 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2010/11/01 19:26:45.0920 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2010/11/01 19:26:45.0974 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2010/11/01 19:26:46.0028 UMPass (88bd96a1baeed33ee8bdf9499c07a841) C:\Windows\system32\DRIVERS\umpass.sys

2010/11/01 19:26:46.0100 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2010/11/01 19:26:46.0137 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2010/11/01 19:26:46.0248 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2010/11/01 19:26:46.0290 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2010/11/01 19:26:46.0351 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2010/11/01 19:26:46.0386 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2010/11/01 19:26:46.0413 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2010/11/01 19:26:46.0441 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2010/11/01 19:26:46.0515 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2010/11/01 19:26:46.0618 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

2010/11/01 19:26:46.0656 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2010/11/01 19:26:46.0699 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

2010/11/01 19:26:46.0751 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

2010/11/01 19:26:46.0816 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

2010/11/01 19:26:46.0865 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2010/11/01 19:26:47.0017 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2010/11/01 19:26:47.0083 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2010/11/01 19:26:47.0119 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

2010/11/01 19:26:47.0168 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2010/11/01 19:26:47.0210 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/11/01 19:26:47.0228 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/11/01 19:26:47.0279 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

2010/11/01 19:26:47.0302 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2010/11/01 19:26:47.0380 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

2010/11/01 19:26:47.0466 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2010/11/01 19:26:47.0529 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2010/11/01 19:26:47.0616 ================================================================================

2010/11/01 19:26:47.0616 Scan finished

2010/11/01 19:26:47.0616 ================================================================================

2010/11/01 19:47:48.0547 Deinitialize success

Link to post
Share on other sites

post-32477-1261866970.gif

DO NOT use any TOOLS such as Combofix, or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

XP Users

Double-click My Computer.

Click the Tools menu, and then click Folder Options.

Click the View tab.

Uncheck "Hide file extensions for known file types."

Under the "Hidden files" folder, select "Show hidden files and folders."

Uncheck "Hide protected operating system files."

Click Apply, and then click OK.

Vista Users

To enable the viewing of hidden and protected system files in Windows Vista please follow these steps:

Close all programs so that you are at your desktop.

Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

Click on the Control Panel menu option.

When the control panel opens you can either be in Classic View or Control Panel Home view:

If you are in the Classic View do the following:

Double-click on the Folder Options icon.

Click on the View tab.

If you are in the Control Panel Home view do the following:

Click on the Appearance and Personalization link.

Click on Show Hidden Files or Folders.

Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.

Remove the checkmark from the checkbox labeled Hide extensions for known file types.

Remove the checkmark from the checkbox labeled Hide protected operating system files.

Please do not delete anything unless instructed to.

Next:

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

All running much faster too.

Any idea what that was?

No idea what it was.

Looks good now though.

Good job

The following will implement some cleanup procedures as well as reset System Restore points:

  • Click START run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

To be on the safe side, I would also change all my passwords.

Here's my usual all clean post

Log looks good :D

  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
    5. Change the Download signed ActiveX controls to Prompt
    6. Change the Download unsigned ActiveX controls to Disable
    7. Change the Initialize and script ActiveX controls not marked as safe to Disable
    8. Change the Installation of desktop items to Prompt
    9. Change the Launching programs and files in an IFRAME to Prompt
    10. Change the Navigate sub-frames across different domains to Prompt
    11. When all these settings have been made, click on the OK button.
    12. If it prompts you as to whether or not you want to save the settings, press the Yes button.

    • Next press the Apply button and then the OK to exit the Internet Properties page.
    • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
      (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
    • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.
      Without a firewall your computer is succeptible to being hacked and taken over.
      I am very serious about this and see it happen almost every day with my clients.
      Simply using a Firewall in its default configuration can lower your risk greatly.
    • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
      This will ensure your computer has always the latest security updates available installed on your computer.
      If there are new updates to install, install them immediately, reboot your computer, and revisit the site
      until there are no more critical updates.
    • Update all these programs regularly - Make sure you update all the programs I have listed regularly.
      Without regular updates you WILL NOT be protected when new malicious programs are released.

    Only run one Anti-Virus and Firewall program.

    I would suggest you read How to Prevent Malware:

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.