Topic: Google redirects to other pages
mrtubs
« on: July 03, 2011, 09:31:28 AM »

Hi

I have a problem. Whatever entry I click on in Google, I always end up on the wrong page, usually Facebook.
Guessing this must be some kind of adware attack, I have run Malwarebytes Anti-Malware and this has highlighted 6 Trojans. However, I cannot remove them as the program says the files are inaccessible.
Any suggestions where I should go from here? I am using Windows Vista.
Thanks
Ian
Pancake
« Reply #1 on: July 03, 2011, 10:31:16 PM »


Download ComboFix from Bleepingcomputer or Geekstogo and place it on your Desktop.

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix. ComboFix may be slow to start and appear to be doing nothing before it starts scanning. Just leave it, it will start.

You can get help on disabling your protection programs here: http://www.bleepingcomputer.com/forums/topic114351.html

Please include the C:\ComboFix.txt in your next reply for further review.


Caution.....
Never use this program to remove files. Only use it with help from an experienced user. Wrongful use can damage your computer. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a qualified helper.



mrtubs
« Reply #2 on: July 04, 2011, 09:54:49 AM »

Hi Pancake
Thanks for your help.

I have, I thought, disabled AIG free antivirus but ComboFix still said it was running. So I went to Control Panel and uninstalled it. I rebooted but ComboFix still says that it is running. Should I run ComboFix anyway?

Ian
Pancake
« Reply #3 on: July 04, 2011, 10:02:03 AM »

Yes, run it. If you have problems, run it in safe mode.
mrtubs
« Reply #4 on: July 04, 2011, 01:27:53 PM »

Thanks, log is as follows:


ComboFix 11-07-03.02 - user 04/07/2011  11:20:31.1.2 - x86
Microsoft
Pancake
« Reply #5 on: July 04, 2011, 10:19:23 PM »

Download this file, http://support.kaspersky.com/downloads/utils/tdsskiller.zip and extract TDSSKiller.exe to your Desktop.


Execute TDSSKiller.exe by double-clicking on it. You may be prompted to restart your machine. Type Y at the prompt.

Once complete, a log will be produced at root. It will be named

UtilityName.Version_Date_Time_log.txt.

for example, C:\TDSSKiller.2.2.0_27.1.2010_15.31.43_log.txt.


Attach that log here please.
« Last Edit: July 04, 2011, 10:21:06 PM by Pancake »
mrtubs
« Reply #6 on: July 04, 2011, 11:10:49 PM »

Many thanks for your continued help.
Please find attached requested log.  This was taken before reboot, there was 1 malicious file found which it said would be cured following reboot.


2011/07/05 00:06:57.0063 3176   TDSS rootkit removing tool 2.5.9.0 Jul  1 2011 18:45:21
2011/07/05 00:06:57.0347 3176   ================================================================================
2011/07/05 00:06:57.0347 3176   SystemInfo:
2011/07/05 00:06:57.0348 3176   
2011/07/05 00:06:57.0348 3176   OS Version: 6.0.6001 ServicePack: 1.0
2011/07/05 00:06:57.0348 3176   Product type: Workstation
2011/07/05 00:06:57.0348 3176   ComputerName: USER-PC
2011/07/05 00:06:57.0349 3176   UserName: user
2011/07/05 00:06:57.0349 3176   Windows directory: C:\Windows
2011/07/05 00:06:57.0349 3176   System windows directory: C:\Windows
2011/07/05 00:06:57.0349 3176   Processor architecture: Intel x86
2011/07/05 00:06:57.0350 3176   Number of processors: 2
2011/07/05 00:06:57.0350 3176   Page size: 0x1000
2011/07/05 00:06:57.0350 3176   Boot type: Normal boot
2011/07/05 00:06:57.0350 3176   ================================================================================
2011/07/05 00:06:58.0897 3176   Initialize success
2011/07/05 00:07:19.0511 3688   ================================================================================
2011/07/05 00:07:19.0511 3688   Scan started
2011/07/05 00:07:19.0511 3688   Mode: Manual;
2011/07/05 00:07:19.0511 3688   ================================================================================
2011/07/05 00:07:56.0505 3688   Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/05 00:07:56.0559 3688   Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/05 00:07:56.0717 3688   Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/07/05 00:07:56.0804 3688   Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/05 00:07:57.0118 3688   winachsf        (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/07/05 00:07:57.0411 3688   WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/05 00:07:57.0596 3688   WpdUsb          (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/07/05 00:07:57.0697 3688   ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/05 00:07:57.0869 3688   WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/05 00:07:57.0979 3688   XAudio          (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
2011/07/05 00:07:58.0156 3688   {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (4d840c6af3c020ed3a35efba9025cf4a) C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl
2011/07/05 00:07:58.0269 3688   MBR (0x1B8)     (9a60a21600304533d523088c7b447e29) \Device\Harddisk0\DR0
2011/07/05 00:07:58.0297 3688   \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/05 00:07:58.0364 3688   Boot (0x1200)   (1c3d9cedce07347f2b993f64ee6092fc) \Device\Harddisk0\DR0\Partition0
2011/07/05 00:07:58.0428 3688   Boot (0x1200)   (bf847cebcd4838a10c0a3fdb9fc40d62) \Device\Harddisk0\DR0\Partition1
2011/07/05 00:07:58.0466 3688   ================================================================================
2011/07/05 00:07:58.0466 3688   Scan finished
2011/07/05 00:07:58.0466 3688   ================================================================================
2011/07/05 00:07:58.0520 3908   Detected object count: 1
2011/07/05 00:07:58.0520 3908   Actual detected object count: 1
2011/07/05 00:08:14.0552 3908   \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/07/05 00:08:14.0565 3908   \Device\Harddisk0\DR0 - ok
2011/07/05 00:08:14.0568 3908   Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure

Pancake
« Reply #7 on: July 04, 2011, 11:42:22 PM »

Ok. That should have fixed the redirect.....

Ok. All done. I see no more malware. Log looks good! All those detections are either in quarantine or system restore, both of which we'll be cleaning out in just a minute. Congratulations, well done.


Go to:
Start > Run, then copy and paste the following highlighted (blue) text into the box and click OK.

ComboFix /uninstall

Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer. OTC is a small program that removes all the leftover tools and logs from cleanup of malware.


Please download OTC to your desktop.


Double-click OTC to run it. (Vista users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.


Here are some tips to reduce the potential for malware infection in the future; I strongly suggest that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.

Afterwork

Malware Prevention

How Did I Get Infected

More Tips on Prevention

=============================

An Australian Member of

EDDY

mrtubs
« Reply #8 on: July 06, 2011, 09:04:49 PM »

Many, many thanks for all your help. It really is appreciated.

Ian

Pancake
« Reply #9 on: July 06, 2011, 10:48:23 PM »

You're welcome.

mrtubs
« Reply #10 on: October 20, 2012, 01:30:08 PM »

Hi Pancake
After over a year of everything working OK, this problem has now returned.
Should I run the TDSS killer again?
Ian

BrideLide
« Reply #11 on: April 04, 2018, 01:03:12 AM »

Well, I think what happened was that all the other major search engines like Yahoo and MSN gave it up without a subpoena. The issue with Google is that they said no... but then they ended up selling out to the Chinese.