Search results keep getting redirected

July 24, 2011 at 20:45:13
Specs: Windows 7, Core 2 Quad/6 GB
My search results keep getting redirected to some random page and it's getting annoying. After a reboot it stopped, yet I don't know if it will show up again, since I haven't done anything in particular. Can anyone tell me a way to make sure it's completely off my system?

EDIT: Never mind about it stopping, I just encountered it again. So it's still on my system. How do I remove it though?


See More: Search results keep getting redirected

Report •


#1
July 24, 2011 at 21:33:23
amongos,

Try the following:

Please download TDSSKiller
http://www.windows7download.com/win...

Save it to the Desktop.

Be sure to temporarily disable all AntiVirus/AntiSpyware software, while these steps are being completed, to keep these programs from interfering with the repairs.

This can normally be done by right clicking the software's Taskbar icon, or accessing each software through Start - Programs.

Some tips if needed:
http://www.bleepingcomputer.com/for...


Now, right-click the file, and select: Run As Administrator
Click the 'Start Scan' button.

Do not use the computer during the scan

If the scan completes with nothing found, click Close to exit.

When the scan finishes it displays a Scan results screen stating whether or not an infection was found on your computer.

To remove the infection, click on the Continue button.

If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button.

Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

Reboot to finish the cleaning process.

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) is created and saved to the root directory (usually Local Disk C:).

>>Please provide the contents of TDSSKiller in your reply.<<

Now, download iExplore.exe, which is a renamed copy of RKill:
http://www.bleepingcomputer.com/dow...

[If the file does not download, paste the following, >without the brackets<, in the address bar of your browser:
[http://www.bleepingcomputer.com/download/anti-virus/rkill]

Save the file to the Desktop

Right-click and select: Run as Administrator

Ignore any messages, and allow the file to run until the command window closes.
If you have problems running RKill, download any of the other renamed versions of RKill from its download page.


Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) :
http://download.cnet.com/Malwarebyt...

Save to the Desktop

Right-click mbam-setup.exe and select: Run as Administrator

Follow the prompts to install the program.

Run Malwarfebytes’ AntiMalware and update the program.

Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the >Malwarebytes log< in your reply.<< so we can see where we are at, and plan any additional removal strategy.<<

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#2
July 24, 2011 at 23:04:03
Here is the log of TDSS:
2011/07/24 21:51:42.0001 4200 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/24 21:51:43.0503 4200 ================================================================================
2011/07/24 21:51:43.0503 4200 SystemInfo:
2011/07/24 21:51:43.0503 4200
2011/07/24 21:51:43.0503 4200 OS Version: 6.1.7601 ServicePack: 1.0
2011/07/24 21:51:43.0503 4200 Product type: Workstation
2011/07/24 21:51:43.0504 4200 ComputerName: IAN-PC
2011/07/24 21:51:43.0504 4200 UserName: Ian
2011/07/24 21:51:43.0504 4200 Windows directory: C:\Windows
2011/07/24 21:51:43.0504 4200 System windows directory: C:\Windows
2011/07/24 21:51:43.0504 4200 Running under WOW64
2011/07/24 21:51:43.0504 4200 Processor architecture: Intel x64
2011/07/24 21:51:43.0504 4200 Number of processors: 4
2011/07/24 21:51:43.0504 4200 Page size: 0x1000
2011/07/24 21:51:43.0504 4200 Boot type: Normal boot
2011/07/24 21:51:43.0504 4200 ================================================================================
2011/07/24 21:51:44.0408 4200 Initialize success
2011/07/24 21:52:11.0138 0696 ================================================================================
2011/07/24 21:52:11.0138 0696 Scan started
2011/07/24 21:52:11.0138 0696 Mode: Manual;
2011/07/24 21:52:11.0138 0696 ================================================================================
2011/07/24 21:52:14.0642 0696 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/07/24 21:52:14.0811 0696 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/07/24 21:52:15.0004 0696 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/07/24 21:52:15.0074 0696 ADIHdAudAddService (1c090e86afd15231377ad37436c3c719) C:\Windows\system32\drivers\ADIHdAud.sys
2011/07/24 21:52:15.0171 0696 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/24 21:52:15.0234 0696 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/24 21:52:15.0289 0696 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/24 21:52:15.0394 0696 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/07/24 21:52:15.0468 0696 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/07/24 21:52:15.0555 0696 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/07/24 21:52:15.0693 0696 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/07/24 21:52:15.0751 0696 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/24 21:52:15.0988 0696 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/07/24 21:52:16.0235 0696 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/07/24 21:52:16.0276 0696 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/24 21:52:16.0347 0696 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/07/24 21:52:16.0398 0696 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/24 21:52:16.0458 0696 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/07/24 21:52:16.0530 0696 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/07/24 21:52:16.0633 0696 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/24 21:52:16.0678 0696 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/24 21:52:16.0745 0696 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/24 21:52:16.0792 0696 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/07/24 21:52:16.0884 0696 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
2011/07/24 21:52:17.0134 0696 atikmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/07/24 21:52:17.0239 0696 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/24 21:52:17.0330 0696 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/24 21:52:17.0384 0696 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/24 21:52:17.0445 0696 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/24 21:52:17.0503 0696 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/24 21:52:17.0529 0696 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/24 21:52:17.0553 0696 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/24 21:52:17.0601 0696 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/24 21:52:17.0637 0696 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/24 21:52:17.0670 0696 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/24 21:52:17.0736 0696 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/24 21:52:17.0770 0696 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/24 21:52:17.0812 0696 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/24 21:52:17.0861 0696 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/07/24 21:52:17.0943 0696 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/24 21:52:17.0994 0696 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/24 21:52:18.0096 0696 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/24 21:52:18.0151 0696 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/07/24 21:52:18.0227 0696 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/07/24 21:52:18.0278 0696 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/24 21:52:18.0318 0696 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/07/24 21:52:18.0362 0696 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/24 21:52:18.0446 0696 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
2011/07/24 21:52:18.0549 0696 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/07/24 21:52:18.0629 0696 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/24 21:52:18.0692 0696 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/24 21:52:18.0763 0696 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/24 21:52:18.0831 0696 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/07/24 21:52:18.0905 0696 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/24 21:52:19.0026 0696 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/24 21:52:19.0162 0696 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/24 21:52:19.0270 0696 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/07/24 21:52:19.0334 0696 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/24 21:52:19.0383 0696 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/24 21:52:19.0441 0696 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/24 21:52:19.0488 0696 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/24 21:52:19.0520 0696 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/24 21:52:19.0564 0696 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/24 21:52:19.0625 0696 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/07/24 21:52:19.0699 0696 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/24 21:52:19.0742 0696 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/24 21:52:19.0793 0696 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/24 21:52:19.0845 0696 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/24 21:52:20.0052 0696 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
2011/07/24 21:52:20.0091 0696 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
2011/07/24 21:52:20.0150 0696 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/24 21:52:20.0238 0696 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/07/24 21:52:20.0316 0696 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/07/24 21:52:20.0364 0696 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/24 21:52:20.0398 0696 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/24 21:52:20.0431 0696 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/24 21:52:20.0483 0696 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/24 21:52:20.0535 0696 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/07/24 21:52:20.0642 0696 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/07/24 21:52:20.0711 0696 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/24 21:52:20.0752 0696 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/07/24 21:52:20.0818 0696 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/07/24 21:52:20.0925 0696 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/24 21:52:20.0986 0696 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/07/24 21:52:21.0050 0696 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/24 21:52:21.0103 0696 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/24 21:52:21.0166 0696 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/07/24 21:52:21.0205 0696 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/24 21:52:21.0241 0696 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/24 21:52:21.0294 0696 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/07/24 21:52:21.0354 0696 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/07/24 21:52:21.0435 0696 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/24 21:52:21.0475 0696 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/24 21:52:21.0541 0696 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/24 21:52:21.0609 0696 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/24 21:52:21.0674 0696 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/24 21:52:21.0769 0696 libusb0 (285954c6c6ef43b78ab84034750fac6a) C:\Windows\system32\DRIVERS\libusb0.sys
2011/07/24 21:52:21.0807 0696 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/24 21:52:21.0879 0696 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/24 21:52:21.0921 0696 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/24 21:52:21.0973 0696 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/24 21:52:22.0027 0696 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/24 21:52:22.0091 0696 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/24 21:52:22.0127 0696 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/24 21:52:22.0166 0696 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/24 21:52:22.0248 0696 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/24 21:52:22.0305 0696 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/24 21:52:22.0379 0696 MotioninJoyXFilter (fc44ad48746ffa5fd640ef1260ab5ec2) C:\Windows\system32\DRIVERS\MijXfilt.sys
2011/07/24 21:52:22.0458 0696 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/24 21:52:22.0509 0696 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/24 21:52:22.0574 0696 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/07/24 21:52:22.0657 0696 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/24 21:52:22.0709 0696 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/07/24 21:52:22.0768 0696 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/24 21:52:22.0832 0696 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/24 21:52:22.0910 0696 MRV6X64U (7e997df71cd2dd5cf0d3d07b8d8e798c) C:\Windows\system32\DRIVERS\MRVW24C.sys
2011/07/24 21:52:22.0989 0696 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/07/24 21:52:23.0058 0696 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/24 21:52:23.0101 0696 mrxsmb10 (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/24 21:52:23.0154 0696 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/24 21:52:23.0231 0696 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/07/24 21:52:23.0289 0696 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/07/24 21:52:23.0356 0696 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/24 21:52:23.0397 0696 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/24 21:52:23.0417 0696 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/07/24 21:52:23.0473 0696 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/24 21:52:23.0522 0696 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/24 21:52:23.0549 0696 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/24 21:52:23.0610 0696 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/07/24 21:52:23.0660 0696 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/07/24 21:52:23.0707 0696 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/24 21:52:23.0753 0696 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/24 21:52:23.0801 0696 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/07/24 21:52:23.0843 0696 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/24 21:52:23.0916 0696 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/24 21:52:24.0024 0696 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/07/24 21:52:24.0097 0696 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/24 21:52:24.0140 0696 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/24 21:52:24.0196 0696 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/24 21:52:24.0252 0696 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/24 21:52:24.0319 0696 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/07/24 21:52:24.0359 0696 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/24 21:52:24.0423 0696 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/24 21:52:24.0541 0696 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/24 21:52:24.0608 0696 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/24 21:52:24.0684 0696 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/24 21:52:24.0728 0696 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/24 21:52:24.0827 0696 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/07/24 21:52:24.0900 0696 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/24 21:52:24.0966 0696 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/07/24 21:52:25.0062 0696 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/07/24 21:52:25.0141 0696 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/07/24 21:52:25.0203 0696 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/07/24 21:52:25.0289 0696 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/24 21:52:25.0363 0696 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/07/24 21:52:25.0417 0696 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/07/24 21:52:25.0453 0696 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/07/24 21:52:25.0488 0696 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/24 21:52:25.0545 0696 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/24 21:52:25.0597 0696 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/24 21:52:25.0748 0696 Point64 (33328fa8a580885ab0065be6db266e9f) C:\Windows\system32\DRIVERS\point64.sys
2011/07/24 21:52:25.0841 0696 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/24 21:52:25.0890 0696 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/24 21:52:25.0972 0696 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/24 21:52:26.0050 0696 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/07/24 21:52:26.0116 0696 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/24 21:52:26.0234 0696 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/24 21:52:26.0282 0696 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/24 21:52:26.0328 0696 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/24 21:52:26.0377 0696 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/24 21:52:26.0440 0696 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/24 21:52:26.0508 0696 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/24 21:52:26.0559 0696 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/24 21:52:26.0615 0696 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/24 21:52:26.0676 0696 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/24 21:52:26.0709 0696 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/24 21:52:26.0770 0696 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
2011/07/24 21:52:26.0826 0696 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/24 21:52:26.0859 0696 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/24 21:52:26.0932 0696 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
2011/07/24 21:52:26.0998 0696 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/07/24 21:52:27.0070 0696 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/07/24 21:52:27.0155 0696 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/24 21:52:27.0210 0696 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
2011/07/24 21:52:27.0298 0696 SaiH0461 (be1d7d7ba1dbff394f7513a83cd55a9d) C:\Windows\system32\DRIVERS\SaiH0461.sys
2011/07/24 21:52:27.0371 0696 SaiMini (296d0cc623eeb6d2b9800ad421f9116a) C:\Windows\system32\DRIVERS\SaiMini.sys
2011/07/24 21:52:27.0420 0696 SaiNtBus (6a77d63b566df14da0e7dd0d2c594ef7) C:\Windows\system32\drivers\SaiBus.sys
2011/07/24 21:52:27.0471 0696 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/24 21:52:27.0537 0696 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/24 21:52:27.0620 0696 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/24 21:52:27.0714 0696 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
2011/07/24 21:52:27.0759 0696 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/24 21:52:27.0798 0696 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/24 21:52:27.0865 0696 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/24 21:52:27.0938 0696 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/07/24 21:52:27.0980 0696 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/24 21:52:28.0016 0696 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/24 21:52:28.0056 0696 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/24 21:52:28.0125 0696 Si3132r5 (68ba8f870e3e37646138497950ffa6a1) C:\Windows\system32\DRIVERS\Si3132r5.sys
2011/07/24 21:52:28.0187 0696 SiFilter (0dd2045a3c42ce78ed6dbf1ea2a61ece) C:\Windows\system32\DRIVERS\SiWinAcc.sys
2011/07/24 21:52:28.0231 0696 SiRemFil (1e541838ba90611c9a5c2d7d53db3edd) C:\Windows\system32\DRIVERS\SiRemFil.sys
2011/07/24 21:52:28.0275 0696 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/24 21:52:28.0320 0696 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/24 21:52:28.0370 0696 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/24 21:52:28.0428 0696 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/24 21:52:28.0484 0696 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/07/24 21:52:28.0552 0696 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/24 21:52:28.0633 0696 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/24 21:52:28.0776 0696 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/24 21:52:28.0880 0696 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
2011/07/24 21:52:28.0922 0696 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
2011/07/24 21:52:28.0958 0696 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/07/24 21:52:29.0120 0696 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
2011/07/24 21:52:29.0218 0696 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
2011/07/24 21:52:29.0367 0696 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/24 21:52:29.0436 0696 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/24 21:52:29.0488 0696 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/24 21:52:29.0519 0696 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/24 21:52:29.0580 0696 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/24 21:52:29.0642 0696 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/07/24 21:52:29.0760 0696 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/24 21:52:29.0828 0696 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/07/24 21:52:29.0937 0696 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/24 21:52:30.0006 0696 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/24 21:52:30.0069 0696 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/24 21:52:30.0166 0696 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/24 21:52:30.0257 0696 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/07/24 21:52:30.0293 0696 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/24 21:52:30.0360 0696 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
2011/07/24 21:52:30.0435 0696 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
2011/07/24 21:52:30.0499 0696 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/07/24 21:52:30.0558 0696 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/24 21:52:30.0649 0696 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/24 21:52:30.0721 0696 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/07/24 21:52:30.0771 0696 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/24 21:52:30.0820 0696 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/24 21:52:30.0857 0696 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/24 21:52:30.0916 0696 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/07/24 21:52:30.0959 0696 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/24 21:52:31.0009 0696 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/24 21:52:31.0100 0696 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/07/24 21:52:31.0152 0696 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/07/24 21:52:31.0202 0696 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
2011/07/24 21:52:31.0286 0696 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
2011/07/24 21:52:31.0371 0696 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/07/24 21:52:31.0427 0696 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/07/24 21:52:31.0476 0696 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/07/24 21:52:31.0531 0696 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/24 21:52:31.0600 0696 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/07/24 21:52:31.0680 0696 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
2011/07/24 21:52:31.0713 0696 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/24 21:52:31.0798 0696 wacomvhid (ec1ceb237e365330c1fcfc4876aa0ac0) C:\Windows\system32\DRIVERS\wacomvhid.sys
2011/07/24 21:52:31.0871 0696 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/24 21:52:31.0885 0696 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/24 21:52:31.0965 0696 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/24 21:52:32.0027 0696 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/24 21:52:32.0112 0696 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/24 21:52:32.0177 0696 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/24 21:52:32.0284 0696 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/24 21:52:32.0366 0696 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/24 21:52:32.0448 0696 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/24 21:52:32.0544 0696 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/07/24 21:52:32.0615 0696 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/24 21:52:32.0732 0696 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys
2011/07/24 21:52:32.0801 0696 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/07/24 21:52:32.0877 0696 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/24 21:52:32.0890 0696 Boot (0x1200) (68ef6462a5cf7206deb3c8aed1caf931) \Device\Harddisk0\DR0\Partition0
2011/07/24 21:52:32.0913 0696 Boot (0x1200) (0f3bd3dcdae3b313b61c59c8c6e65feb) \Device\Harddisk0\DR0\Partition1
2011/07/24 21:52:32.0918 0696 ================================================================================
2011/07/24 21:52:32.0918 0696 Scan finished
2011/07/24 21:52:32.0918 0696 ================================================================================
2011/07/24 21:52:32.0928 5104 Detected object count: 0
2011/07/24 21:52:32.0928 5104 Actual detected object count: 0
2011/07/24 21:53:10.0903 1532 Deinitialize success

And here is the log for Malwarebytes:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7268

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7/24/2011 22:58:40
mbam-log-2011-07-24 (22-58-40).txt

Scan type: Full scan (C:\|)
Objects scanned: 478236
Time elapsed: 49 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Users\Ian\AppData\Local\ikilotefa.dll (IPH.Trojan.Hiloti.7B) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rgiqiyim (IPH.Trojan.Hiloti.7B) -> Value: Rgiqiyim -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Ian\AppData\Local\ikilotefa.dll (IPH.Trojan.Hiloti.7B) -> Quarantined and deleted successfully.
c:\program files (x86)\red alert 2 yuri's revenge\Ra2.exe (Trojan.FakeAlert) -> Not selected for removal.

There was one file that I didn't delete just yet, since I'm fairly sure that it's a false positive.


Report •

#3
July 25, 2011 at 09:13:03
amongos,

First of all, how is the redirection issue going? Any improvement?

On the file which you think is a false positive (FP), it may need to be disinfected.

Let's see what the following shows, though:

Please submit the file for analysis to Virus Total:
http://www.virustotal.com/

Use the 'Browse' button to navigate to the location of the file

Click on the file [b]c:\program files (x86)\red alert 2 yuri's revenge\Ra2.exe[/b]
Then, click the 'Open' button.
The file is now displayed in the Submit Box.

Scroll down and click 'Send File', and wait for the results
If you get a message saying: 'File has already been analyzed', click 'Reanalyze file now'

Once scanned, please provide the link to the results page in your reply.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

Related Solutions

#4
July 25, 2011 at 13:50:09
When I rebooted after the Malwarebyte scan, a pop-up said something like "blahblahblah" cannot be found, which was the file Malwarebyte erased. But it still keeps redirecting me. I don't know whether there are more of them or if the virus duplicated itself.

And the link for the VirusTotal scan:
http://www.virustotal.com/file-scan...

Thanks again for all your help.


Report •

#5
July 26, 2011 at 18:16:25
anongos,

Please run Malwarebytes' again.

Select:' Perform Full Sca'n and click the 'Scan' button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

Reboot, if prompted to do so.

Please post the new Malwarebytes log< in your reply.

and click the Remove Selected button to get rid of the malware it finds.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#6
July 26, 2011 at 22:27:47
Actually, I found out how to stop the redirects from happening. Using ComboFix did the trick for me. I appreciate your help though!

Report •


Ask Question