
Google Redirect


  • This topic is locked

#16
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Sounds like a Java redirect. Could you clear your Java cache as per the instructions here? Then let me know if they are still present.
  • 0



#17
Arnn

    Member

  • Topic Starter
  • Member
  • 18 posts
Sadly, yes they are. Should I reboot after clearing the Java Cache, would that make a difference?
  • 0

#18
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, let's now look deeper.

Download AVPTool from Here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan.
Once it has finished select report and post that.

Do not close AVPTool or it will self-uninstall. If it does uninstall, then just rerun the setup file on your desktop.

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip
  • 0

#19
Arnn

    Member

  • Topic Starter
  • Member
  • 18 posts
Currently at 1% on the scan, already popped up with the Virus 'MEM:Rootkit.Win32.Sst.a'. Do I Disinfect, or wait for the scan to go to completion?
  • 0

#20
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Disinfect as you go please
  • 0

#21
Arnn

    Member

  • Topic Starter
  • Member
  • 18 posts
Here we go, I think.

Autoscan: completed <1 minute ago (events: 12, objects: 416120, time: 02:07:59)
27/06/2011 17:32:52 Task completed
27/06/2011 15:24:51 Task started
27/06/2011 15:07:58 Task stopped
27/06/2011 15:07:45 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:06:46 Task started
27/06/2011 14:58:00 Task stopped
27/06/2011 14:57:43 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:54:55 Will be deleted on system restart: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:54:46 Detected: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:49:30 Cannot be backed up: MEM:Rootkit.Win32.Sst.a Unknown application
27/06/2011 14:48:52 Detected: MEM:Rootkit.Win32.Sst.a Unknown application
27/06/2011 14:48:40 Task started
Disinfect active threats: completed 2 hours ago (events: 6, objects: 6731, time: 00:04:08)
27/06/2011 15:02:09 Task completed
27/06/2011 15:01:04 Detected: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:58:00 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Task started
Disinfect active threats: completed 2 hours ago (events: 5, objects: 7566, time: 00:11:58)
27/06/2011 15:19:55 Task completed
27/06/2011 15:07:58 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:58 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:58 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:57 Task started



  • 0

#22
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The thing is - did it manage to cure volsnap?

Let's check

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 0
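One way to read the report from post #21 against the question raised in post #22 (an added example, not part of the thread and not Kaspersky's own tooling): it replays the logged events oldest-first and gives, per object, the last logged outcome and how often the object was detected again after a cure or a scheduled deletion. The state names and the reading of the action strings are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Event lines copied from the report in post #21 (newest first within each
# task; the three task-summary header lines are left out).
REPORT = r"""
27/06/2011 17:32:52 Task completed
27/06/2011 15:24:51 Task started
27/06/2011 15:07:58 Task stopped
27/06/2011 15:07:45 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:06:46 Task started
27/06/2011 14:58:00 Task stopped
27/06/2011 14:57:43 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:54:55 Will be deleted on system restart: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:54:46 Detected: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:49:30 Cannot be backed up: MEM:Rootkit.Win32.Sst.a Unknown application
27/06/2011 14:48:52 Detected: MEM:Rootkit.Win32.Sst.a Unknown application
27/06/2011 14:48:40 Task started
27/06/2011 15:02:09 Task completed
27/06/2011 15:01:04 Detected: Virus.Win32.TDSS.e c:\Windows\System32\drivers\volsnap.sys
27/06/2011 14:58:00 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 14:58:00 Task started
27/06/2011 15:19:55 Task completed
27/06/2011 15:07:58 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:58 Disinfected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:58 Detected: MEM:Rootkit.Win32.Sst.a System Memory
27/06/2011 15:07:57 Task started
"""

# timestamp, action, threat name (no spaces), object (may contain spaces)
EVENT = re.compile(
    r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) ([^:]+): (\S+) (.+)$"
)
# Assumed reading of the action strings seen in this report.
CURED = {"Disinfected"}
SCHEDULED = {"Will be deleted on system restart"}


def parse_events(report):
    """Return (time, action, threat, object) tuples, oldest first."""
    rows = []
    for index, line in enumerate(report.splitlines()):
        match = EVENT.match(line.strip())
        if match is None:
            continue  # "Task started/stopped/completed" and blank lines
        stamp = datetime.strptime(match.group(1), "%d/%m/%Y %H:%M:%S")
        # The report is newest-first, so a later line with the same
        # timestamp happened earlier: break ties on the negated index.
        rows.append((stamp, -index) + match.groups()[1:])
    rows.sort()
    return [(stamp, action, threat, obj)
            for stamp, _, action, threat, obj in rows]


def triage(report):
    """Map (threat, object) -> (final state, re-detections after a fix)."""
    history = defaultdict(list)
    for _, action, threat, obj in parse_events(report):
        history[(threat, obj.lower())].append(action)
    verdicts = {}
    for key, actions in history.items():
        fixed, redetected = False, 0
        for action in actions:
            if action in CURED or action in SCHEDULED:
                fixed = True
            elif action == "Detected" and fixed:
                redetected += 1  # came back after a cure/scheduled delete
                fixed = False
        if actions[-1] in CURED:
            state = "disinfected"
        elif actions[-1] in SCHEDULED:
            state = "pending reboot"
        else:
            state = "unconfirmed"
        verdicts[key] = (state, redetected)
    return verdicts


def needs_follow_up(report):
    """Objects whose last logged event is not a successful disinfection."""
    return sorted(obj for (_, obj), (state, _) in triage(report).items()
                  if state != "disinfected")


if __name__ == "__main__":
    for (threat, obj), (state, again) in sorted(triage(REPORT).items()):
        print(f"{obj}: {threat} -> {state}, re-detected {again}x after a fix")
```

On this report volsnap.sys ends as unconfirmed, because its last logged event is a new detection recorded after the deletion was scheduled for restart.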

#23
Arnn

    Member

  • Topic Starter
  • Member
  • 18 posts
Came up clean. Is this looking hopeful?

2011/06/27 18:12:15.0066 3332 TDSS rootkit removing tool 2.5.6.0 Jun 27 2011 15:22:52
2011/06/27 18:12:15.0406 3332 ================================================================================
2011/06/27 18:12:15.0406 3332 SystemInfo:
2011/06/27 18:12:15.0406 3332
2011/06/27 18:12:15.0406 3332 OS Version: 6.1.7601 ServicePack: 1.0
2011/06/27 18:12:15.0407 3332 Product type: Workstation
2011/06/27 18:12:15.0407 3332 ComputerName: PHOENIX-PC
2011/06/27 18:12:15.0407 3332 UserName: Phoenix
2011/06/27 18:12:15.0408 3332 Windows directory: C:\windows
2011/06/27 18:12:15.0408 3332 System windows directory: C:\windows
2011/06/27 18:12:15.0408 3332 Processor architecture: Intel x86
2011/06/27 18:12:15.0408 3332 Number of processors: 2
2011/06/27 18:12:15.0408 3332 Page size: 0x1000
2011/06/27 18:12:15.0408 3332 Boot type: Normal boot
2011/06/27 18:12:15.0408 3332 ================================================================================
2011/06/27 18:12:18.0260 3332 Initialize success
2011/06/27 18:12:22.0970 4728 ================================================================================
2011/06/27 18:12:22.0970 4728 Scan started
2011/06/27 18:12:22.0970 4728 Mode: Manual;
2011/06/27 18:12:22.0970 4728 ================================================================================
2011/06/27 18:13:14.0067 4728 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\DRIVERS\usbohci.sys
2011/06/27 18:13:14.0306 4728 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
2011/06/27 18:13:14.0430 4728 usbsmi (6e90fc65f27ae98fffb0741cefe75679) C:\windows\system32\DRIVERS\SMIksdrv.sys
2011/06/27 18:13:14.0493 4728 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/06/27 18:13:14.0554 4728 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
2011/06/27 18:13:14.0636 4728 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
2011/06/27 18:13:14.0988 4728 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
2011/06/27 18:13:15.0160 4728 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
2011/06/27 18:13:15.0308 4728 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
2011/06/27 18:13:15.0469 4728 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
2011/06/27 18:13:15.0621 4728 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
2011/06/27 18:13:15.0674 4728 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
2011/06/27 18:13:15.0824 4728 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
2011/06/27 18:13:15.0979 4728 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
2011/06/27 18:13:16.0051 4728 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
2011/06/27 18:13:16.0135 4728 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
2011/06/27 18:13:19.0907 4728 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/27 18:13:19.0947 4728 Boot (0x1200) (2a2ba5c84a7c6d14f731a48244bc71e4) \Device\Harddisk0\DR0\Partition0
2011/06/27 18:13:19.0991 4728 Boot (0x1200) (18271cf14cbbcec08daf8820e9db522c) \Device\Harddisk0\DR0\Partition1
2011/06/27 18:13:20.0053 4728 Boot (0x1200) (ba4fab6d9c2587e11a229f235212bd90) \Device\Harddisk0\DR0\Partition2
2011/06/27 18:13:20.0069 4728 ================================================================================
2011/06/27 18:13:20.0069 4728 Scan finished
2011/06/27 18:13:20.0069 4728 ================================================================================
2011/06/27 18:13:20.0110 5536 Detected object count: 0
2011/06/27 18:13:20.0110 5536 Actual detected object count: 0
  • 0

#24
Arnn

    Member

  • Topic Starter
  • 18 posts
I should probably also note that the redirects have stopped. As you can see though, volsnap is still in the above log. Does that mean potential issues that aren't rearing their ugly heads?
  • 0

#25
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Nope, looks good - volsnap has the correct MD5 now

Let's check now for orphans - once run, can you let me know of any problems outstanding

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0
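The check behind "volsnap has the correct MD5 now", as an added example that is not part of the original posts: parse TDSSKiller-style driver lines and compare each MD5 against a known-good baseline. The function names, the `BASELINE` dictionary and the sample lines are assumptions made for illustration; only the volsnap and MBR hashes come from the log in this thread.

```python
import re

# TDSSKiller-style driver line: date time thread-id name (md5) path
LINE_RE = re.compile(
    r"^\d{4}/\d{2}/\d{2} [\d:.]+ \d+ "
    r"(?P<name>\S+) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$"
)

# Assumed baseline: lowercased path -> MD5 taken from a trusted copy of the
# same Windows build. The volsnap value is the one from the log in this thread.
BASELINE = {
    r"c:\windows\system32\drivers\volsnap.sys": "f497f67932c6fa693d7de2780631cfe7",
}

# Constructed sample logs; the deadbeef/0123 hashes are placeholders.
SAMPLE_BEFORE = r"""
2011/06/27 17:00:00.0000 1111 volsnap (deadbeefdeadbeefdeadbeefdeadbeef) C:\windows\system32\DRIVERS\volsnap.sys
2011/06/27 17:00:01.0000 1111 exampledrv (0123456789abcdef0123456789abcdef) C:\windows\system32\drivers\exampledrv.sys
2011/06/27 17:00:02.0000 1111 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/27 17:00:03.0000 1111 Scan finished
"""
SAMPLE_AFTER = r"""
2011/06/27 18:13:16.0135 4728 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
"""

def parse_log(text):
    """Return {lowercased path: (driver name, md5)} for every driver line."""
    entries = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # banners, "Scan finished" and MBR/Boot lines do not match
            # Windows paths are case-insensitive (the log mixes DRIVERS/drivers)
            entries[m["path"].lower()] = (m["name"], m["md5"].lower())
    return entries

def audit(text, baseline=BASELINE):
    """Return {driver name: 'ok' | 'mismatch' | 'unknown'} against the baseline."""
    findings = {}
    for path, (name, md5) in parse_log(text).items():
        expected = baseline.get(path)
        if expected is None:
            findings[name] = "unknown"   # not in baseline: needs manual review
        else:
            findings[name] = "ok" if md5 == expected else "mismatch"
    return findings

if __name__ == "__main__":
    for label, log in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        print(label, audit(log))
```

A "mismatch" on a system driver is the signal that prompted the repair in this thread; "unknown" only means the baseline has no entry for that file.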

#26
Arnn

    Member

  • Topic Starter
  • 18 posts
It would appear you have slain the evil beast =]

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6961

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

27/06/2011 18:33:13
mbam-log-2011-06-27 (18-33-12).txt

Scan type: Quick scan
Objects scanned: 159414
Time elapsed: 8 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#27
Arnn

    Member

  • Topic Starter
  • 18 posts
Thanks for all your help so far, just thought I'd take the time now. You've been extremely patient whilst helping a stranger, there aren't many people around these days that would do such a thing =]
  • 0

#28
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Gremlins on the forum, I could have sworn that I posted this previously

Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points: Delete AVP from the desktop manually please

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now copy/paste this: ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /Uninstall, it needs to be there.
  • Please follow the prompts to uninstall Combofix.
  • This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point

  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones

  • Go to Start > All Programs > Accessories > System Tools
  • Right click Disk Cleanup and select Run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :unsure:
  • 0

#29
Arnn

    Member

  • Topic Starter
  • 18 posts
Thank you very much =] I normally use the 'Deep Care' option on the free version of advanced system care to do a weekly tune up, is there anything you could suggest that might be better? Also, I still have the aswMBR.exe on my desktop, is there a specific way I should be uninstalling that?
  • 0

#30
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
aswMBR has no files or folders apart from the one on your desktop - so just right click and delete

I am not a great fan of performance type tools, as most can be done by using Windows built in tools. However, if you do not have a deep knowledge of the system then as long as a restore point is made prior to changes it should be OK

Windows 7 is fairly robust, in the time I have had it I have experienced no problems at all.

Mainly just a good defrag now and then and a clear out of temporary files weekly should suffice
  • 0





