Author Topic: Google redirect & random ads  (Read 29646 times)

SuperDave

  • Malware Removal Specialist


  • Genius
  • Thanked: 1020
  • Certifications: List
  • Experience: Expert
  • OS: Windows 10
Re: Google redirect & random ads
« Reply #15 on: November 11, 2010, 07:09:25 AM »
I forgot. What browser are you using?
Windows 8 and Windows 10 dual boot with two SSD's

Addicted2Apples

    Topic Starter


    Rookie

    • Experience: Beginner
    • OS: Windows 7
    Re: Google redirect & random ads
    « Reply #16 on: November 11, 2010, 10:00:05 AM »
    Firefox

    SuperDave

    Re: Google redirect & random ads
    « Reply #17 on: November 12, 2010, 01:12:58 PM »
    Please try uninstalling and reinstalling Firefox.

    Addicted2Apples

      Re: Google redirect & random ads
      « Reply #18 on: November 15, 2010, 08:21:43 PM »
      I did that but it didn't work.

      Addicted2Apples

        Re: Google redirect & random ads
        « Reply #19 on: November 15, 2010, 08:24:29 PM »
        And for some reason my Yahoo email got hacked too, although I'm not sure if it's related. And I forgot to mention that I still get the Google redirect when I was using the IE browser.

        SuperDave

        Re: Google redirect & random ads
        « Reply #20 on: November 16, 2010, 01:17:35 PM »
        Could you please run the SAS, MBAM and OTL scan again as described in Reply #1 and post the logs. 


        Addicted2Apples

          Re: Google redirect & random ads
          « Reply #21 on: November 17, 2010, 02:10:39 AM »
          SUPERAntiSpyware Scan Log
          http://www.superantispyware.com

          Generated 11/17/2010 at 00:25 AM

          Application Version : 4.45.1000

          Core Rules Database Version : 5873
          Trace Rules Database Version: 3685

          Scan type       : Complete Scan
          Total Scan Time : 01:07:42

          Memory items scanned      : 900
          Memory threats detected   : 0
          Registry items scanned    : 13735
          Registry threats detected : 0
          File items scanned        : 134687
          File threats detected     : 27

          Adware.Tracking Cookie




          Malwarebytes' Anti-Malware 1.46
          www.malwarebytes.org

          Database version: 4866

          Windows 6.1.7600
          Internet Explorer 8.0.7600.16385

          10/17/2010 9:12:32 PM
          mbam-log-2010-10-17 (21-12-32).txt

          Scan type: Quick scan
          Objects scanned: 139017
          Time elapsed: 3 minute(s), 12 second(s)

          Memory Processes Infected: 0
          Memory Modules Infected: 0
          Registry Keys Infected: 0
          Registry Values Infected: 0
          Registry Data Items Infected: 0
          Folders Infected: 0
          Files Infected: 5

          Memory Processes Infected:
          (No malicious items detected)

          Memory Modules Infected:
          (No malicious items detected)

          Registry Keys Infected:
          (No malicious items detected)

          Registry Values Infected:
          (No malicious items detected)

          Registry Data Items Infected:
          (No malicious items detected)

          Folders Infected:
          (No malicious items detected)

          Files Infected:
          C:\Users\Naked_Prince\AppData\Local\Temp\12E9.tmp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
          C:\Users\Naked_Prince\AppData\Local\Temp\1327.tmp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
          C:\Users\Naked_Prince\AppData\Local\Temp\6B9.tmp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
          C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
          C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> Quarantined and deleted successfully.


          « Last Edit: November 17, 2010, 02:39:29 AM by Addicted2Apples »

          SuperDave

          Re: Google redirect & random ads
          « Reply #22 on: November 17, 2010, 12:07:48 PM »
          Quote
          And for some reason my Yahoo email got hacked too, although I'm not sure if it's related. And I forgot to mention that I still get the Google redirect when I was using the IE browser.
          What exactly do you mean by email got hacked?
          Are your google redirects always to the same site?


          • Download TDSSKiller and save it to your Desktop.
          • Extract its contents to your Desktop.
          • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
          • If an infected file is detected, the default action will be Cure; click on Continue.
          • If a suspicious file is detected, the default action will be Skip; click on Continue.
          • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
          • Click the Report button and copy/paste the contents of it into your next reply.
          Note: It will also create a log in the C:\ directory.


          Addicted2Apples

            Re: Google redirect & random ads
            « Reply #23 on: November 17, 2010, 05:38:18 PM »
            Like someone used my email and sent a link to the people in my contact list. I was informed by one of the people in my contact list, and the Google redirects would redirect me to different sites.

            2010/11/17 16:31:08.0362   TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
            2010/11/17 16:31:08.0362   ================================================================================
            2010/11/17 16:31:08.0362   SystemInfo:
            2010/11/17 16:31:08.0362   
            2010/11/17 16:31:08.0362   OS Version: 6.1.7600 ServicePack: 0.0
            2010/11/17 16:31:08.0362   Product type: Workstation
            2010/11/17 16:31:08.0362   ComputerName: HIBARI
            2010/11/17 16:31:08.0363   UserName: Naked_Prince
            2010/11/17 16:31:08.0363   Windows directory: C:\Windows
            2010/11/17 16:31:08.0363   System windows directory: C:\Windows
            2010/11/17 16:31:08.0363   Running under WOW64
            2010/11/17 16:31:08.0363   Processor architecture: Intel x64
            2010/11/17 16:31:08.0363   Number of processors: 8
            2010/11/17 16:31:08.0363   Page size: 0x1000
            2010/11/17 16:31:08.0363   Boot type: Normal boot
            2010/11/17 16:31:08.0363   ================================================================================
            2010/11/17 16:31:08.0364   Utility is running under WOW64
            2010/11/17 16:31:08.0717   Initialize success
            2010/11/17 16:31:12.0163   ================================================================================
            2010/11/17 16:31:12.0163   Scan started
            2010/11/17 16:31:12.0163   Mode: Manual;
            2010/11/17 16:31:12.0163   ================================================================================
            2010/11/17 16:31:24.0779   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
            2010/11/17 16:31:24.0803   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
            2010/11/17 16:31:24.0839   RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
            2010/11/17 16:31:24.0879   rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
            2010/11/17 16:31:24.0936   rimmptsk        (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys
            2010/11/17 16:31:25.0017   rimspci         (e20b1907fc72a3664ece21e3c20fc63d) C:\Windows\system32\DRIVERS\rimspe64.sys
            2010/11/17 16:31:25.0080   rimsptsk        (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys
            2010/11/17 16:31:25.0138   risdpcie        (a6da2b0c8f5bb3f9f5423cff8d6a02d9) C:\Windows\system32\DRIVERS\risdpe64.sys
            2010/11/17 16:31:25.0190   rismxdp         (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys
            2010/11/17 16:31:25.0247   rixdpcie        (6a1cd4674505e6791390a1ab71da1fbe) C:\Windows\system32\DRIVERS\rixdpe64.sys
            2010/11/17 16:31:25.0443   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
            2010/11/17 16:31:25.0518   RTL8167         (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
            2010/11/17 16:31:25.0681   SASDIFSV        (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
            2010/11/17 16:31:25.0742   SASKUTIL        (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
            2010/11/17 16:31:25.0792   sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
            2010/11/17 16:31:25.0819   scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
            2010/11/17 16:31:25.0900   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
            2010/11/17 16:31:25.0966   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
            2010/11/17 16:31:26.0027   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
            2010/11/17 16:31:26.0080   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
            2010/11/17 16:31:26.0156   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
            2010/11/17 16:31:26.0188   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
            2010/11/17 16:31:26.0216   sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
            2010/11/17 16:31:26.0270   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
            2010/11/17 16:31:26.0333   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
            2010/11/17 16:31:26.0363   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
            2010/11/17 16:31:26.0411   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
            2010/11/17 16:31:26.0456   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
            2010/11/17 16:31:26.0530   srv             (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
            2010/11/17 16:31:26.0650   srv2            (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
            2010/11/17 16:31:26.0725   srvnet          (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
            2010/11/17 16:31:26.0826   stdflt          (c48e0745d33897c7a73394214f2b9b4f) C:\Windows\system32\DRIVERS\stdflt.sys
            2010/11/17 16:31:26.0898   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
            2010/11/17 16:31:26.0958   STHDA           (caf5a9708671b14b9670260735b22c4e) C:\Windows\system32\DRIVERS\stwrt64.sys
            2010/11/17 16:31:27.0028   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
            2010/11/17 16:31:27.0089   SynTP           (639b57dc871be4b86283027faf1f4e30) C:\Windows\system32\DRIVERS\SynTP.sys
            2010/11/17 16:31:27.0223   Tcpip           (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
            2010/11/17 16:31:27.0403   TCPIP6          (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
            2010/11/17 16:31:27.0450   tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
            2010/11/17 16:31:27.0483   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
            2010/11/17 16:31:27.0508   TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
            2010/11/17 16:31:27.0549   tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
            2010/11/17 16:31:27.0587   TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
            2010/11/17 16:31:27.0642   tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
            2010/11/17 16:31:27.0701   tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
            2010/11/17 16:31:27.0766   TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
            2010/11/17 16:31:27.0839   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
            2010/11/17 16:31:27.0889   udfs            (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
            2010/11/17 16:31:27.0988   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
            2010/11/17 16:31:28.0041   umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
            2010/11/17 16:31:28.0085   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
            2010/11/17 16:31:28.0152   USBAAPL64       (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
            2010/11/17 16:31:28.0253   usbccgp         (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
            2010/11/17 16:31:28.0310   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
            2010/11/17 16:31:28.0369   usbehci         (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys
            2010/11/17 16:31:28.0469   usbhub          (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys
            2010/11/17 16:31:28.0551   usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
            2010/11/17 16:31:28.0593   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
            2010/11/17 16:31:28.0646   usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
            2010/11/17 16:31:28.0689   USBSTOR         (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
            2010/11/17 16:31:28.0741   usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
            2010/11/17 16:31:28.0809   usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
            2010/11/17 16:31:28.0908   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
            2010/11/17 16:31:28.0979   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
            2010/11/17 16:31:29.0018   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
            2010/11/17 16:31:29.0047   vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
            2010/11/17 16:31:29.0089   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
            2010/11/17 16:31:29.0124   volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
            2010/11/17 16:31:29.0160   volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
            2010/11/17 16:31:29.0196   volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
            2010/11/17 16:31:29.0265   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
            2010/11/17 16:31:29.0324   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
            2010/11/17 16:31:29.0370   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
            2010/11/17 16:31:29.0439   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
            2010/11/17 16:31:29.0512   WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
            2010/11/17 16:31:29.0537   Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
            2010/11/17 16:31:29.0592   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
            2010/11/17 16:31:29.0662   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
            2010/11/17 16:31:29.0796   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
            2010/11/17 16:31:29.0849   WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
            2010/11/17 16:31:29.0933   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
            2010/11/17 16:31:30.0014   WinUsb          (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
            2010/11/17 16:31:30.0130   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
            2010/11/17 16:31:30.0198   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
            2010/11/17 16:31:30.0250   WudfPf          (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
            2010/11/17 16:31:30.0338   WUDFRd          (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
            2010/11/17 16:31:30.0586   \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
            2010/11/17 16:31:30.0590   ================================================================================
            2010/11/17 16:31:30.0590   Scan finished
            2010/11/17 16:31:30.0590   ================================================================================
            2010/11/17 16:31:30.0601   Detected object count: 1
            2010/11/17 16:32:32.0851   \HardDisk0 - will be cured after reboot
            2010/11/17 16:32:32.0851   Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
            2010/11/17 16:32:49.0948   Deinitialize success

            SuperDave

            « Reply #24 on: November 18, 2010, 12:25:20 PM »
            Ok. Let's run this scan to see if all the rootkits are gone.

            Download the GMER Rootkit Scanner. Unzip it to your Desktop.

            Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

            Double-click gmer.exe. The program will begin to run.

            **Caution**
            These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised!

            If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
            • Click NO
            • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
            • Now click the Scan button.
            • Once the scan is complete, you may receive another notice about rootkit activity.
            • Click OK.
            • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
            • Save it where you can easily find it, such as your desktop.

            Addicted2Apples

              « Reply #25 on: November 18, 2010, 09:31:01 PM »
              When I ran the program, I think it started running like you said, but then nothing happened after that. Then I clicked Scan, and after it finished there was no log showing up.

              SuperDave

              « Reply #26 on: November 19, 2010, 10:44:01 AM »
              Quote
              When I ran the program, I think it started running like you said, but then nothing happened after that. Then I clicked Scan, and after it finished there was no log showing up.
              You can try looking on your C drive for the log, or do a search for *.txt. This will show all the txt files on your computer.
              If you can't find it, we'll try another tool.

              Addicted2Apples

                « Reply #27 on: November 19, 2010, 09:56:38 PM »
                I can't find the log, and it seems that the popup is gone since the rootkit was removed with the GMER scan :)

                SuperDave

                « Reply #28 on: November 20, 2010, 11:32:48 AM »
                Ok. Please run the ESET scan again as recommended in Reply #3.

                Addicted2Apples

                  « Reply #29 on: November 21, 2010, 03:41:11 AM »
                  There aren't any threats found on the ESET scan, so there's no export log option.