I am stuck with this anti-anti-malware thing, whatever it's called, and basically I can't get the programs to run to fix it, and I'm barely scratching the surface of the problem.

Here is the other detail: when clicking any link from search sites (Google, Yahoo) in any browser (Firefox, IE), it forwards it to this top100search.com or something like that, which is what brought the problem to attention. Then I noticed it wreaking havoc on my Comodo Internet Security and Windows Defender, as well as a load of other programs it seems to have infected.

It got to the point where I had to do a system restore, which toned down the false security attacks, but the malware and browser hijack thing are still in effect.

Ah, so I tried just about everything that I have read online; so far 2 things KIND OF worked, as in didn't crash them:

inherit.exe works to fix the programs not being able to run not due to permissions... OK

Emsisoft Anti-Malware runs, but doesn't fix anything. But it did point out the problems (I think).

TDSSKiller runs ok...

None of the anti-malware programs work.

HijackThis does not work.

And I have tried almost everything: changing the filenames around, etc. I have my settings correct, I do close all programs, and I have even SEEN what is messed up, but it never got fixed. Rebooted dozens of times.

I have not tried the registry fix or the fix.ini that I read about, as I am not sure if it will mess up my PC if it goes wrong.

Here's the first Emsisoft log:

-------------

Emsisoft Anti-Malware - Version 5.1

Last update: N/A

Scan settings:

Scan type: N/A

Objects: Memory, Traces, C:\Windows\, C:\Program Files

Scan archives: Off

Heuristics: Off

ADS Scan: On

Scan start: 7/9/2011 5:29:14 AM

[956] C:\Windows\System32\nvvsvc.exe detected: Trojan-Spy.Win32.Zbot!IK

[592] C:\Program Files\Bonjour\mDNSResponder.exe detected: Trojan-Spy.Win32.Zbot!IK

[920] C:\Windows\System32\dlbxcoms.exe detected: Trojan-Spy.Win32.Zbot!IK

[216] C:\Windows\SMINST\BLService.exe detected: Trojan-Spy.Win32.Zbot!IK

[2204] C:\Program Files\CyberLink\Shared Files\RichVideo.exe detected: Trojan-Spy.Win32.Zbot!IK

[2288] C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe detected: Trojan-Spy.Win32.Zbot!IK

[2388] C:\Program Files\Viewpoint\Common\ViewpointService.exe detected: Trojan-Spy.Win32.Zbot!IK

[4064] C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe detected: Trojan-Spy.Win32.Zbot!IK

[4088] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe detected: Trojan-Spy.Win32.Zbot!IK

c:\programdata\microsoft\windows\start menu\programs\PopCap Games detected: Trace.Directory.Bejeweled 2 Deluxe 1.0!A2

Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} --> AppID detected: Trace.Registry.dl.tvunetworks.com!A2

Value: HKEY_CLASSES_ROOT\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 --> ThreadingModel detected: Trace.Registry.dl.tvunetworks.com!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} --> AppID detected: Trace.Registry.dl.tvunetworks.com!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3EA4FA88-E0BE-419A-A732-9B79B87A6ED0}\InprocServer32 --> ThreadingModel detected: Trace.Registry.dl.tvunetworks.com!A2

Scanned

Files: 424

Traces: 587294

Cookies: 0

Processes: 58

Found

Files: 0

Traces: 5

Cookies: 0

Processes: 9

Registry keys: 0

Scan end: 7/9/2011 5:32:01 AM

Scan time: 0:02:47

Quarantined

Files: 0

Traces: 5

Cookies: 0

Quarantined

Files: 0

Traces: 10

Cookies: 0

Quarantined

Files: 0

Traces: 15

Cookies: 0

---------------

Now here is the other log I have found; this is using TDSSKiller.

TDSSKiller Log:

Here is the log from TDSSKiller, one of the only programs to show me something is wrong:

2011/07/09 06:14:49.0629 1660 Scan started

2011/07/09 06:14:49.0629 1660 Mode: Manual;

2011/07/09 06:14:49.0629 1660 ================================================================================

2011/07/09 06:14:50.0539 1660 Suspicious service (NoAccess): 983205519

2011/07/09 06:14:50.0637 1660 983205519 (6d69f8e6284502cd29f9e1694f3d8fad) C:\Windows\system32\drivers\983205519.sys

2011/07/09 06:14:50.0637 1660 Suspicious file (NoAccess): C:\Windows\system32\drivers\983205519.sys. md5: 6d69f8e6284502cd29f9e1694f3d8fad

2011/07/09 06:14:50.0661 1660 983205519 - detected LockedService.Multi.Generic (1)

2011/07/09 06:14:58.0836 1660 inspect (07e3923799ef3b737252a2512eda9caf) C:\Windows\system32\DRIVERS\inspect.sys

2011/07/09 06:14:58.0865 1660 inspect - detected Rootkit.Win32.ZAccess.c (0)

2011/07/09 06:15:10.0502 1660 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys

2011/07/09 06:15:10.0502 1660 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9

2011/07/09 06:15:10.0524 1660 sptd - detected LockedFile.Multi.Generic (1)

2011/07/09 06:15:16.0001 1660 ================================================================================

2011/07/09 06:15:16.0001 1660 Scan finished

2011/07/09 06:15:16.0001 1660 ================================================================================

2011/07/09 06:15:16.0040 3132 Detected object count: 3

2011/07/09 06:15:16.0041 3132 Actual detected object count: 3

2011/07/09 06:15:58.0938 3132 LockedService.Multi.Generic(983205519) - User select action: Skip

2011/07/09 06:15:59.0079 3132 inspect (07e3923799ef3b737252a2512eda9caf) C:\Windows\system32\DRIVERS\inspect.sys

2011/07/09 06:16:00.0505 3132 Backup copy found, using it..

2011/07/09 06:16:00.0551 3132 C:\Windows\system32\DRIVERS\inspect.sys - will be cured after reboot

2011/07/09 06:16:00.0551 3132 Rootkit.Win32.ZAccess.c(inspect) - User select action: Cure

2011/07/09 06:16:00.0557 3132 LockedFile.Multi.Generic(sptd) - User select action: Skip

2011/07/09 06:17:20.0936 3256 Deinitialize success

---------------------------

please guys, anything will help. I did not deserve this crap. i have been up almost 6 hours trying to fix it and have lost a lot of sleep due to work already, and it's driving me absolutely crazy. i still have 2 reports to do and i am just hoping to god that my pc doesn't mess up and i lose my data (yes i back it up, but i'm worried this whole thing will still ruin my computer).

i will try running the programs in safe mode, again, to see if anything happens... until then, if someone can help me i will be forever grateful. this is so frustrating


here's something i got from rkill

Rkill was run on 07/09/2011 at 8:51:44.

Operating System: Windows Vista Home Premium

Processes terminated by Rkill or while it was running:

\\.\globalroot\Device\svchost.exe\svchost.exe

xe

Rkill completed on 07/09/2011 at 8:52:25.


ok so after all that grief (8 hours of trying to fix this, i'm nearing a deadline on my papers) i managed to fix it kind of by accident.

this is what i did: ran the TDSSKiller and had it delete the .sys file that kept popping up. i was unsure about this and freaked out when, upon restart, windows kept having an error message saying 'windows cannot start properly, shutting down in 1 minute'.

at this point, i completely freaked out thinking i had ****ed up the computer for good. but this is what worked: i did yet another system restore from 2 days ago (took about 10 mins) and it booted up fine. i checked with firefox and the link redirect was gone, as was control of my comodo internet security. just to be sure, however, i ran Malwarebytes AntiMalware, just to be on the safe side. Voila! it actually started scanning; a trojan and 2 rogues were still lurking and the program got them...

so long story short

Thank you creators of Malwarebytes AntiMalware, and everyone that works on this site. I know i didn't really need any help but i'm clogging up your message board and figured i can at least say thank you, as tired as i am (notice my lazy caps), and without reading the other advice posted i would still be clueless as to what exactly was happening to my pc.

again thanks, for everyone that you guys have helped fix these horrible problems in the past. if i hadn't come across this site i would have given up hope altogether and never got it fixed. now i can sleep


  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
