LK001 Posted January 16, 2011 ID:374805 Share Posted January 16, 2011 I picked up the fake alert trojan through Java 6. At the time I was running free AVG. When I became infected I managed to load free Malwarebytes and solve the immediate issue of the pop-ups and all the other issues. However, now I get re-directed to eblackworld.com/blog when I pick a site through various search engines. The problem is intermittent and doesn't happen with every search.I have also since loaded free Zone Alarm.Please help me!Thanks. Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374811 Share Posted January 16, 2011 Please don't attach the scans / logs from these scans, use "copy/paste".DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.Vista and Windows 7 users:1. These tools MUST be run from the executable. (.exe) every time you run them 2. With Admin Rights (Right click, choose "Run as Administrator")Stay with this topic until I give you the all clean post.You might want to print these instructions out.Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.Please download ATF Cleaner by Atribune.Download - ATF Cleaner Link to post Share on other sites More sharing options...
LK001 Posted January 16, 2011 Author ID:374844 Share Posted January 16, 2011 Here is the report from TDSSKiller -nothing was found.2011/01/16 10:44:01.0746 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:112011/01/16 10:44:01.0746 ================================================================================2011/01/16 10:44:01.0746 SystemInfo:2011/01/16 10:44:01.0746 2011/01/16 10:44:01.0746 OS Version: 6.1.7600 ServicePack: 0.02011/01/16 10:44:01.0746 Product type: Workstation2011/01/16 10:44:01.0746 ComputerName: LISA-PC2011/01/16 10:44:01.0746 UserName: Lisa2011/01/16 10:44:01.0746 Windows directory: C:\Windows2011/01/16 10:44:01.0746 System windows directory: C:\Windows2011/01/16 10:44:01.0746 Running under WOW642011/01/16 10:44:01.0746 Processor architecture: Intel x642011/01/16 10:44:01.0746 Number of processors: 22011/01/16 10:44:01.0746 Page size: 0x10002011/01/16 10:44:01.0746 Boot type: Normal boot2011/01/16 10:44:01.0746 ================================================================================2011/01/16 10:44:01.0762 Utility is running under WOW642011/01/16 10:44:02.0199 Initialize success2011/01/16 10:44:17.0705 ================================================================================2011/01/16 10:44:17.0705 Scan started2011/01/16 10:44:17.0705 Mode: Manual; 2011/01/16 10:44:17.0705 ================================================================================2011/01/16 10:44:18.0469 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys2011/01/16 10:44:18.0532 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys2011/01/16 10:44:18.0594 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys2011/01/16 10:44:18.0688 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys2011/01/16 10:44:18.0766 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys2011/01/16 10:44:18.0797 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys2011/01/16 10:44:18.0937 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys2011/01/16 10:44:18.0984 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys2011/01/16 10:44:19.0109 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys2011/01/16 10:44:19.0140 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys2011/01/16 10:44:19.0187 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys2011/01/16 10:44:19.0234 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys2011/01/16 10:44:19.0296 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys2011/01/16 10:44:19.0343 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys2011/01/16 10:44:19.0374 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys2011/01/16 10:44:19.0452 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS2011/01/16 10:44:19.0515 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys2011/01/16 10:44:19.0671 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys2011/01/16 10:44:19.0717 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys2011/01/16 10:44:19.0795 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys2011/01/16 10:44:19.0905 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys2011/01/16 10:44:19.0936 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys2011/01/16 10:44:20.0029 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys2011/01/16 10:44:20.0232 AVGIDSDriver (0f562e8bcf79facdfb58a5b3b95e5cfe) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys2011/01/16 10:44:20.0263 AVGIDSEH (656366fd0c0e2481a89196fb3d1be49a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys2011/01/16 10:44:20.0326 AVGIDSFilter (fdf9f596316bc1bc10726ece268a0237) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys2011/01/16 10:44:20.0466 Avgldx64 (91be0147bc27059aba6d0a478adeb1ee) C:\Windows\system32\DRIVERS\avgldx64.sys2011/01/16 10:44:20.0575 Avgmfx64 (f5ffa3053d26c55edc112e66197eed09) C:\Windows\system32\DRIVERS\avgmfx64.sys2011/01/16 10:44:20.0716 Avgrkx64 (5b3f127b26c08b1c7df5c5f111ca4030) C:\Windows\system32\DRIVERS\avgrkx64.sys2011/01/16 10:44:20.0856 Avgtdia (9140455490a9298f5a43500f1c886afe) C:\Windows\system32\DRIVERS\avgtdia.sys2011/01/16 10:44:21.0012 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys2011/01/16 10:44:21.0090 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys2011/01/16 10:44:21.0184 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys2011/01/16 10:44:21.0293 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys2011/01/16 10:44:21.0418 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys2011/01/16 10:44:21.0465 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys2011/01/16 10:44:21.0496 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys2011/01/16 10:44:21.0574 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys2011/01/16 10:44:21.0605 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys2011/01/16 10:44:21.0667 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys2011/01/16 10:44:21.0699 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys2011/01/16 10:44:21.0745 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys2011/01/16 10:44:21.0808 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys2011/01/16 10:44:21.0855 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys2011/01/16 10:44:21.0964 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys2011/01/16 10:44:22.0011 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys2011/01/16 10:44:22.0167 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys2011/01/16 10:44:22.0229 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys2011/01/16 10:44:22.0276 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys2011/01/16 10:44:22.0354 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys2011/01/16 10:44:22.0416 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys2011/01/16 10:44:22.0479 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys2011/01/16 10:44:22.0635 dc3d (db0459afd124ce5ccb649e33f95d715f) C:\Windows\system32\DRIVERS\dc3d.sys2011/01/16 10:44:22.0759 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys2011/01/16 10:44:22.0837 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys2011/01/16 10:44:22.0900 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys2011/01/16 10:44:23.0025 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys2011/01/16 10:44:23.0103 DSI_SiUSBXp_3_1 (50aad2a07bd8b90a8cfb4f6d7a4d165a) C:\Windows\system32\drivers\DSI_SiUSBXp_3_1.sys2011/01/16 10:44:23.0181 DXGKrnl (24ce1ecf9d0ae0301775b07f5fea175b) C:\Windows\System32\drivers\dxgkrnl.sys2011/01/16 10:44:23.0337 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys2011/01/16 10:44:23.0571 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys2011/01/16 10:44:23.0617 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys2011/01/16 10:44:23.0695 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys2011/01/16 10:44:23.0758 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys2011/01/16 10:44:23.0805 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys2011/01/16 10:44:23.0851 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys2011/01/16 10:44:23.0976 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys2011/01/16 10:44:24.0007 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys2011/01/16 10:44:24.0039 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys2011/01/16 10:44:24.0117 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys2011/01/16 10:44:24.0163 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys2011/01/16 10:44:24.0226 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys2011/01/16 10:44:24.0273 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys2011/01/16 10:44:24.0351 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys2011/01/16 10:44:24.0429 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys2011/01/16 10:44:24.0507 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys2011/01/16 10:44:24.0553 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys2011/01/16 10:44:24.0616 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys2011/01/16 10:44:24.0678 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys2011/01/16 10:44:24.0709 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys2011/01/16 10:44:24.0756 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys2011/01/16 10:44:24.0787 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys2011/01/16 10:44:24.0834 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys2011/01/16 10:44:24.0959 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys2011/01/16 10:44:25.0037 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys2011/01/16 10:44:25.0084 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys2011/01/16 10:44:25.0162 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys2011/01/16 10:44:25.0224 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys2011/01/16 10:44:25.0302 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys2011/01/16 10:44:25.0552 igfx (ac4b14e985b2bb19386cc8203fe49bcd) C:\Windows\system32\DRIVERS\igdkmd64.sys2011/01/16 10:44:25.0817 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys2011/01/16 10:44:25.0864 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys2011/01/16 10:44:25.0926 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys2011/01/16 10:44:25.0973 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys2011/01/16 10:44:26.0004 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys2011/01/16 10:44:26.0051 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys2011/01/16 10:44:26.0098 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys2011/01/16 10:44:26.0145 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys2011/01/16 10:44:26.0191 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys2011/01/16 10:44:26.0316 ISWKL (a74beacebbb108eaadb29b3c9e466e67) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys2011/01/16 10:44:26.0457 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys2011/01/16 10:44:26.0503 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys2011/01/16 10:44:26.0535 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys2011/01/16 10:44:26.0581 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys2011/01/16 10:44:26.0675 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys2011/01/16 10:44:26.0737 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys2011/01/16 10:44:26.0831 L1E (1541d77d3eb41177bd7026d49948aa95) C:\Windows\system32\DRIVERS\L1E62x64.sys2011/01/16 10:44:26.0940 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys2011/01/16 10:44:27.0065 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys2011/01/16 10:44:27.0096 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys2011/01/16 10:44:27.0174 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys2011/01/16 10:44:27.0205 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys2011/01/16 10:44:27.0252 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys2011/01/16 10:44:27.0315 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys2011/01/16 10:44:27.0377 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys2011/01/16 10:44:27.0408 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys2011/01/16 10:44:27.0471 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys2011/01/16 10:44:27.0517 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys2011/01/16 10:44:27.0627 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys2011/01/16 10:44:27.0689 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys2011/01/16 10:44:27.0720 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys2011/01/16 10:44:27.0751 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys2011/01/16 10:44:27.0798 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys2011/01/16 10:44:27.0845 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys2011/01/16 10:44:27.0907 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys2011/01/16 10:44:27.0939 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys2011/01/16 10:44:27.0985 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys2011/01/16 10:44:28.0032 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys2011/01/16 10:44:28.0063 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys2011/01/16 10:44:28.0157 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys2011/01/16 10:44:28.0204 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys2011/01/16 10:44:28.0235 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys2011/01/16 10:44:28.0329 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys2011/01/16 10:44:28.0375 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys2011/01/16 10:44:28.0422 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys2011/01/16 10:44:28.0485 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys2011/01/16 10:44:28.0531 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys2011/01/16 10:44:28.0594 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys2011/01/16 10:44:28.0656 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys2011/01/16 10:44:28.0719 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys2011/01/16 10:44:28.0797 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys2011/01/16 10:44:28.0890 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys2011/01/16 10:44:28.0953 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys2011/01/16 10:44:29.0062 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys2011/01/16 10:44:29.0109 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys2011/01/16 10:44:29.0155 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys2011/01/16 10:44:29.0187 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys2011/01/16 10:44:29.0233 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys2011/01/16 10:44:29.0374 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys2011/01/16 10:44:29.0421 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys2011/01/16 10:44:29.0545 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys2011/01/16 10:44:29.0608 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys2011/01/16 10:44:29.0655 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys2011/01/16 10:44:29.0764 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys2011/01/16 10:44:29.0904 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys2011/01/16 10:44:29.0935 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys2011/01/16 10:44:29.0982 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys2011/01/16 10:44:30.0029 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys2011/01/16 10:44:30.0076 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys2011/01/16 10:44:30.0123 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys2011/01/16 10:44:30.0201 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys2011/01/16 10:44:30.0232 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys2011/01/16 10:44:30.0279 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys2011/01/16 10:44:30.0294 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys2011/01/16 10:44:30.0435 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys2011/01/16 10:44:30.0466 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys2011/01/16 10:44:30.0513 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys2011/01/16 10:44:30.0778 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys2011/01/16 10:44:30.0809 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys2011/01/16 10:44:30.0949 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys2011/01/16 10:44:31.0027 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys2011/01/16 10:44:31.0121 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys2011/01/16 10:44:31.0168 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys2011/01/16 10:44:31.0199 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys2011/01/16 10:44:31.0293 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys2011/01/16 10:44:31.0417 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys2011/01/16 10:44:31.0464 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys2011/01/16 10:44:31.0558 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys2011/01/16 10:44:31.0605 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys2011/01/16 10:44:31.0636 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys2011/01/16 10:44:31.0761 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys2011/01/16 10:44:31.0823 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys2011/01/16 10:44:31.0870 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys2011/01/16 10:44:31.0979 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys2011/01/16 10:44:32.0057 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys2011/01/16 10:44:32.0213 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys2011/01/16 10:44:32.0275 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys2011/01/16 10:44:32.0338 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys2011/01/16 10:44:32.0463 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys2011/01/16 10:44:32.0525 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys2011/01/16 10:44:32.0572 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys2011/01/16 10:44:32.0603 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys2011/01/16 10:44:32.0665 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys2011/01/16 10:44:32.0697 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys2011/01/16 10:44:32.0728 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys2011/01/16 10:44:32.0759 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys2011/01/16 10:44:32.0821 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys2011/01/16 10:44:32.0899 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys2011/01/16 10:44:32.0946 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys2011/01/16 10:44:33.0009 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys2011/01/16 10:44:33.0196 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys2011/01/16 10:44:33.0243 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys2011/01/16 10:44:33.0336 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys2011/01/16 10:44:33.0383 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys2011/01/16 10:44:33.0430 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys2011/01/16 10:44:33.0492 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys2011/01/16 10:44:33.0586 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys2011/01/16 10:44:33.0648 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys2011/01/16 10:44:33.0773 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys2011/01/16 10:44:33.0929 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys2011/01/16 10:44:34.0007 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys2011/01/16 10:44:34.0054 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys2011/01/16 10:44:34.0085 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys2011/01/16 10:44:34.0147 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys2011/01/16 10:44:34.0241 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys2011/01/16 10:44:34.0381 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys2011/01/16 10:44:34.0444 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys2011/01/16 10:44:34.0475 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys2011/01/16 10:44:34.0522 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys2011/01/16 10:44:34.0584 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys2011/01/16 10:44:34.0631 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys2011/01/16 10:44:34.0662 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys2011/01/16 10:44:34.0771 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys2011/01/16 10:44:34.0834 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys2011/01/16 10:44:34.0881 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys2011/01/16 10:44:34.0912 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys2011/01/16 10:44:34.0959 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys2011/01/16 10:44:34.0990 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys2011/01/16 10:44:35.0037 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys2011/01/16 10:44:35.0068 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS2011/01/16 10:44:35.0099 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys2011/01/16 10:44:35.0208 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys2011/01/16 10:44:35.0302 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys2011/01/16 10:44:35.0364 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys2011/01/16 10:44:35.0427 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys2011/01/16 10:44:35.0489 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys2011/01/16 10:44:35.0629 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys2011/01/16 10:44:35.0692 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys2011/01/16 10:44:35.0739 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys2011/01/16 10:44:35.0785 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys2011/01/16 10:44:35.0817 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys2011/01/16 10:44:35.0957 Vsdatant (48bfa6276bcc0535f5f8898107ed489a) C:\Windows\system32\DRIVERS\vsdatant.sys2011/01/16 10:44:36.0113 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys2011/01/16 10:44:36.0160 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys2011/01/16 10:44:36.0191 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys2011/01/16 10:44:36.0316 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys2011/01/16 10:44:36.0394 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2011/01/16 10:44:36.0425 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys2011/01/16 10:44:36.0597 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys2011/01/16 10:44:36.0659 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys2011/01/16 10:44:36.0768 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys2011/01/16 10:44:36.0846 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys2011/01/16 10:44:36.0877 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys2011/01/16 10:44:37.0049 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys2011/01/16 10:44:37.0205 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys2011/01/16 10:44:37.0299 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys2011/01/16 10:44:37.0361 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys2011/01/16 10:44:37.0455 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys2011/01/16 10:44:37.0579 ================================================================================2011/01/16 10:44:37.0579 Scan finished2011/01/16 10:44:37.0579 ================================================================================ Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374845 Share Posted January 16, 2011 Go here and follow the instructions to clear your Java Cachehttp://www.java.com/en/download/help/plugin_cache.xmlhttp://www.eset.eu/online-scannerGo here to run an online scannner from ESET.Click the green ESET Online Scanner button.Read the End User License Agreement and check the box: YES, I accept the Terms of Use.Click on the Start button next to it.You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Insall ActiveX component.A new window will appear asking "Do you want to install this software?"".Answer Yes to download and install the ActiveX controls that allows the scan to run.Click Start.Check Remove found threats and Scan potentially unwanted applications.Click Scan to begin. If offered the option to get information or buy software. Just close the window. Wait for the scan to finishUse notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txtCopy and paste that log as a reply to this topic. Link to post Share on other sites More sharing options...
LK001 Posted January 16, 2011 Author ID:374848 Share Posted January 16, 2011 I removed Java when I thought it was causing the problem. FYI - I run window washer after every internet session.Should I skip the java cache step and go to the next one? Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374855 Share Posted January 16, 2011 You can just run Eset Link to post Share on other sites More sharing options...
LK001 Posted January 16, 2011 Author ID:374882 Share Posted January 16, 2011 I couldn't find the logfile because I chose the remove the software upon completion, SORRY. However, I did print this to notepad: C:\Users\Lisa\AppData\Local\Temp\jar_cache2566228943099175350.tmp Java/TrojanDownloader.OpenStream.NAX trojan deleted - quarantinedC:\Users\Lisa\AppData\Local\Temp\ms0cfg32.exe a variant of Win32/Sefnit.AL trojan deleted - quarantinedC:\Users\Lisa\AppData\Local\usbUserMgmt\winNetpnp.dll a variant of Win32/Sefnit.AL trojan cleaned by deleting (after the next restart) - quarantinedC:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\1185930a-16f3f6ff multiple threats deleted - quarantinedC:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\16818dcb-10bba427 multiple threats deleted - quarantinedC:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\575d3075-47fd9249 multiple threats deleted - quarantinedIs that what you needed to see? Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374883 Share Posted January 16, 2011 If you haven't rebooted since that scan, do so and let me know how it's running. Link to post Share on other sites More sharing options...
LK001 Posted January 16, 2011 Author ID:374895 Share Posted January 16, 2011 So far so good!Thank you! Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374898 Share Posted January 16, 2011 I'd suggest a new BMAM scan Link to post Share on other sites More sharing options...
LDTate Posted January 16, 2011 ID:374903 Share Posted January 16, 2011 LK,Thank You very much Peace be with you Link to post Share on other sites More sharing options...
LDTate Posted January 17, 2011 ID:375549 Share Posted January 17, 2011 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts