Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google ReDirect?


  • Please log in to reply
8 replies to this topic

#1 TDase

TDase

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 07:53 AM

I believe I am infected with Google ReDirect virus. I don't actually get any error messages or notice any problem EXCEPT in Chrome or IE9 I can only load Google, Yahoo, or other search engines. I was unable to access bleepingcomputer.com from my home machine. I can download e-mail using Outlook.

I first thought it might be a DNS server issue and mistakenly blamed Google Music Beta for messing with my settings. But that does not appear to be the case.

I am running Win7 and use both IE9 and Chrome.

BC AdBot (Login to Remove)

 


#2 invision

invision

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 14 June 2011 - 08:22 AM

Follow this guide by boopme

Hello,lets first see if there is a malware here.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.4.0) from Kaspersky's website

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware



#3 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 08:33 AM

2011/06/14 09:26:05.0352 3960 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/14 09:26:05.0618 3960 ================================================================================
2011/06/14 09:26:05.0618 3960 SystemInfo:
2011/06/14 09:26:05.0618 3960
2011/06/14 09:26:05.0618 3960 OS Version: 6.1.7601 ServicePack: 1.0
2011/06/14 09:26:05.0618 3960 Product type: Workstation
2011/06/14 09:26:05.0618 3960 ComputerName: DASE-PC
2011/06/14 09:26:05.0618 3960 UserName: Tom
2011/06/14 09:26:05.0618 3960 Windows directory: C:\Windows
2011/06/14 09:26:05.0618 3960 System windows directory: C:\Windows
2011/06/14 09:26:05.0618 3960 Running under WOW64
2011/06/14 09:26:05.0618 3960 Processor architecture: Intel x64
2011/06/14 09:26:05.0618 3960 Number of processors: 8
2011/06/14 09:26:05.0618 3960 Page size: 0x1000
2011/06/14 09:26:05.0618 3960 Boot type: Normal boot
2011/06/14 09:26:05.0618 3960 ================================================================================
2011/06/14 09:26:05.0898 3960 Initialize success
2011/06/14 09:26:11.0951 3340 ================================================================================
2011/06/14 09:26:11.0951 3340 Scan started
2011/06/14 09:26:11.0951 3340 Mode: Manual;
2011/06/14 09:26:11.0951 3340 ================================================================================
2011/06/14 09:26:12.0076 3340 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/06/14 09:26:12.0092 3340 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/06/14 09:26:12.0107 3340 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/06/14 09:26:12.0123 3340 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/14 09:26:12.0154 3340 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/14 09:26:12.0170 3340 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/14 09:26:12.0201 3340 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
2011/06/14 09:26:12.0216 3340 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/06/14 09:26:12.0232 3340 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/06/14 09:26:12.0248 3340 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/06/14 09:26:12.0263 3340 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/14 09:26:12.0372 3340 amdkmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/06/14 09:26:12.0450 3340 amdkmdap (6b4e9261b613b047a9a145f328889968) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/06/14 09:26:12.0482 3340 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/14 09:26:12.0497 3340 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/06/14 09:26:12.0513 3340 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/14 09:26:12.0528 3340 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/06/14 09:26:12.0544 3340 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/06/14 09:26:12.0575 3340 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/06/14 09:26:12.0591 3340 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/14 09:26:12.0606 3340 asmthub3 (e1e75921e9eb025009696d4837f531fb) C:\Windows\system32\DRIVERS\asmthub3.sys
2011/06/14 09:26:12.0622 3340 asmtxhci (b0cf9ab16006b61634d4f955345ca5d2) C:\Windows\system32\DRIVERS\asmtxhci.sys
2011/06/14 09:26:12.0638 3340 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/14 09:26:12.0653 3340 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/06/14 09:26:12.0669 3340 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys
2011/06/14 09:26:12.0778 3340 atikmdag (60216b0e704584de6d5a9f59e9c34c47) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/06/14 09:26:12.0825 3340 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/06/14 09:26:12.0840 3340 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/06/14 09:26:12.0872 3340 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/06/14 09:26:12.0887 3340 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/14 09:26:12.0903 3340 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/14 09:26:12.0918 3340 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/14 09:26:12.0934 3340 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/14 09:26:12.0950 3340 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/06/14 09:26:12.0965 3340 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/14 09:26:12.0981 3340 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/14 09:26:12.0996 3340 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/14 09:26:13.0012 3340 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/14 09:26:13.0028 3340 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/14 09:26:13.0059 3340 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/14 09:26:13.0074 3340 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/14 09:26:13.0090 3340 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/06/14 09:26:13.0106 3340 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/14 09:26:13.0121 3340 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/06/14 09:26:13.0137 3340 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/06/14 09:26:13.0168 3340 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/14 09:26:13.0184 3340 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/06/14 09:26:13.0199 3340 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/14 09:26:13.0215 3340 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/06/14 09:26:13.0230 3340 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/06/14 09:26:13.0262 3340 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/06/14 09:26:13.0277 3340 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/06/14 09:26:13.0293 3340 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/14 09:26:13.0355 3340 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/06/14 09:26:13.0402 3340 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/14 09:26:13.0418 3340 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/06/14 09:26:13.0433 3340 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/06/14 09:26:13.0464 3340 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/06/14 09:26:13.0480 3340 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/14 09:26:13.0496 3340 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/06/14 09:26:13.0511 3340 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/06/14 09:26:13.0527 3340 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/14 09:26:13.0542 3340 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/06/14 09:26:13.0558 3340 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/06/14 09:26:13.0574 3340 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/14 09:26:13.0605 3340 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/14 09:26:13.0620 3340 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/14 09:26:13.0636 3340 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/14 09:26:13.0652 3340 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/14 09:26:13.0667 3340 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/06/14 09:26:13.0683 3340 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/06/14 09:26:13.0698 3340 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/14 09:26:13.0714 3340 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/14 09:26:13.0730 3340 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/14 09:26:13.0745 3340 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/14 09:26:13.0776 3340 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/06/14 09:26:13.0792 3340 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/06/14 09:26:13.0808 3340 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/14 09:26:13.0823 3340 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/06/14 09:26:13.0839 3340 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/06/14 09:26:13.0870 3340 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/14 09:26:13.0917 3340 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
2011/06/14 09:26:13.0932 3340 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/06/14 09:26:13.0948 3340 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/14 09:26:13.0964 3340 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/14 09:26:13.0979 3340 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/06/14 09:26:13.0995 3340 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/06/14 09:26:14.0010 3340 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/06/14 09:26:14.0026 3340 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/06/14 09:26:14.0057 3340 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/06/14 09:26:14.0073 3340 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/14 09:26:14.0088 3340 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/14 09:26:14.0104 3340 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/14 09:26:14.0120 3340 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/14 09:26:14.0135 3340 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/06/14 09:26:14.0151 3340 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/14 09:26:14.0182 3340 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/14 09:26:14.0198 3340 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/14 09:26:14.0213 3340 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/14 09:26:14.0229 3340 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/14 09:26:14.0244 3340 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/06/14 09:26:14.0260 3340 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/14 09:26:14.0276 3340 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/14 09:26:14.0307 3340 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/06/14 09:26:14.0322 3340 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/14 09:26:14.0338 3340 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/14 09:26:14.0354 3340 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/14 09:26:14.0369 3340 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/06/14 09:26:14.0385 3340 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/06/14 09:26:14.0400 3340 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/14 09:26:14.0416 3340 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/06/14 09:26:14.0432 3340 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/14 09:26:14.0447 3340 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/14 09:26:14.0463 3340 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/14 09:26:14.0478 3340 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/06/14 09:26:14.0494 3340 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/06/14 09:26:14.0525 3340 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/06/14 09:26:14.0541 3340 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/14 09:26:14.0556 3340 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/06/14 09:26:14.0572 3340 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/14 09:26:14.0588 3340 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/14 09:26:14.0603 3340 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/06/14 09:26:14.0619 3340 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/06/14 09:26:14.0634 3340 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/06/14 09:26:14.0650 3340 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/06/14 09:26:14.0666 3340 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/14 09:26:14.0697 3340 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/06/14 09:26:14.0712 3340 mv91cons (e53d9ab63917338d7ffe12e85310a636) C:\Windows\system32\DRIVERS\mv91cons.sys
2011/06/14 09:26:14.0728 3340 mv91xx (38b4c95e821528fb91df16a78e04450f) C:\Windows\system32\DRIVERS\mv91xx.sys
2011/06/14 09:26:14.0744 3340 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/14 09:26:14.0775 3340 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/06/14 09:26:14.0790 3340 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/14 09:26:14.0806 3340 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/14 09:26:14.0822 3340 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/14 09:26:14.0837 3340 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/14 09:26:14.0853 3340 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/06/14 09:26:14.0868 3340 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/14 09:26:14.0900 3340 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/14 09:26:14.0915 3340 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/14 09:26:14.0931 3340 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/06/14 09:26:14.0946 3340 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/14 09:26:14.0993 3340 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/06/14 09:26:15.0009 3340 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/06/14 09:26:15.0024 3340 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/06/14 09:26:15.0056 3340 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/06/14 09:26:15.0071 3340 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/06/14 09:26:15.0087 3340 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/06/14 09:26:15.0102 3340 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/06/14 09:26:15.0118 3340 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/06/14 09:26:15.0149 3340 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/06/14 09:26:15.0165 3340 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/06/14 09:26:15.0180 3340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/14 09:26:15.0196 3340 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/06/14 09:26:15.0212 3340 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/06/14 09:26:15.0258 3340 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/14 09:26:15.0274 3340 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/06/14 09:26:15.0290 3340 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/14 09:26:15.0305 3340 PSINAflt (118603a97cd639d25f4448dd25273173) C:\Windows\system32\DRIVERS\PSINAflt.sys
2011/06/14 09:26:15.0321 3340 PSINFile (bf625c0afaf796c80e3b75be2284fde8) C:\Windows\system32\DRIVERS\PSINFile.sys
2011/06/14 09:26:15.0336 3340 PSINKNC (18487175ba65c66acc6f94354f0552de) C:\Windows\system32\DRIVERS\psinknc.sys
2011/06/14 09:26:15.0352 3340 PSINProc (44f40ccaca74dcb1915398712fad8342) C:\Windows\system32\DRIVERS\PSINProc.sys
2011/06/14 09:26:15.0368 3340 PSINProt (38474fbd900a9e3199438fb372db8e36) C:\Windows\system32\DRIVERS\PSINProt.sys
2011/06/14 09:26:15.0383 3340 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/06/14 09:26:15.0414 3340 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/14 09:26:15.0446 3340 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/14 09:26:15.0461 3340 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/14 09:26:15.0477 3340 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/14 09:26:15.0492 3340 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/14 09:26:15.0508 3340 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/14 09:26:15.0539 3340 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/14 09:26:15.0555 3340 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/14 09:26:15.0570 3340 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/14 09:26:15.0586 3340 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/14 09:26:15.0602 3340 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/14 09:26:15.0617 3340 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/14 09:26:15.0633 3340 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/14 09:26:15.0648 3340 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/06/14 09:26:15.0664 3340 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/06/14 09:26:15.0695 3340 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/14 09:26:15.0711 3340 RTL8167 (16d4e350420baa7e63e16e3fc033e1f5) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/06/14 09:26:15.0726 3340 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/14 09:26:15.0742 3340 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/14 09:26:15.0773 3340 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/06/14 09:26:15.0804 3340 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/14 09:26:15.0820 3340 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/06/14 09:26:15.0836 3340 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/14 09:26:15.0851 3340 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/06/14 09:26:15.0867 3340 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/14 09:26:15.0882 3340 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/14 09:26:15.0898 3340 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/14 09:26:15.0929 3340 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/14 09:26:15.0945 3340 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/14 09:26:15.0960 3340 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/06/14 09:26:15.0976 3340 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/06/14 09:26:16.0007 3340 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
2011/06/14 09:26:16.0023 3340 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/14 09:26:16.0038 3340 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/14 09:26:16.0054 3340 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/14 09:26:16.0085 3340 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/06/14 09:26:16.0116 3340 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
2011/06/14 09:26:16.0179 3340 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/14 09:26:16.0194 3340 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/14 09:26:16.0210 3340 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/06/14 09:26:16.0226 3340 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/06/14 09:26:16.0241 3340 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/14 09:26:16.0257 3340 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/06/14 09:26:16.0288 3340 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/14 09:26:16.0304 3340 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/06/14 09:26:16.0319 3340 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/14 09:26:16.0335 3340 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/14 09:26:16.0350 3340 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/14 09:26:16.0382 3340 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/14 09:26:16.0397 3340 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/14 09:26:16.0413 3340 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/14 09:26:16.0428 3340 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
2011/06/14 09:26:16.0444 3340 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/14 09:26:16.0460 3340 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/06/14 09:26:16.0475 3340 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
2011/06/14 09:26:16.0491 3340 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/06/14 09:26:16.0506 3340 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/14 09:26:16.0522 3340 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/14 09:26:16.0553 3340 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/14 09:26:16.0569 3340 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/14 09:26:16.0584 3340 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/14 09:26:16.0600 3340 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/06/14 09:26:16.0616 3340 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/14 09:26:16.0631 3340 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/06/14 09:26:16.0647 3340 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/06/14 09:26:16.0662 3340 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/06/14 09:26:16.0678 3340 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/06/14 09:26:16.0694 3340 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/06/14 09:26:16.0709 3340 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/06/14 09:26:16.0740 3340 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/14 09:26:16.0756 3340 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/06/14 09:26:16.0772 3340 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/14 09:26:16.0787 3340 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/14 09:26:16.0803 3340 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/14 09:26:16.0818 3340 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/06/14 09:26:16.0834 3340 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
2011/06/14 09:26:16.0850 3340 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/14 09:26:16.0896 3340 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/14 09:26:16.0912 3340 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/06/14 09:26:16.0943 3340 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/14 09:26:16.0959 3340 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/14 09:26:16.0974 3340 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/14 09:26:17.0006 3340 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/06/14 09:26:17.0021 3340 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/14 09:26:17.0037 3340 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
2011/06/14 09:26:17.0037 3340 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/14 09:26:17.0052 3340 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/06/14 09:26:17.0068 3340 MBR (0x1B8) (ccee28f1e86fe65e1dc043d7472722bb) \Device\Harddisk3\DR3
2011/06/14 09:26:17.0084 3340 MBR (0x1B8) (9ea3c774c540dd0b7fc5d1a94ca173f1) \Device\Harddisk4\DR4
2011/06/14 09:26:17.0630 3340 ================================================================================
2011/06/14 09:26:17.0630 3340 Scan finished
2011/06/14 09:26:17.0630 3340 ================================================================================
2011/06/14 09:26:17.0630 1452 Detected object count: 0
2011/06/14 09:26:17.0630 1452 Actual detected object count: 0

+++++++++++++++++++++++++++++++
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6853

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

6/14/2011 9:29:33 AM
mbam-log-2011-06-14 (09-29-33).txt

Scan type: Quick scan
Objects scanned: 177424
Time elapsed: 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 08:35 AM

As the logs indicate, nothing was found. Connecting my machine to the network at the office I can connect normally to the internet. I don't know if this is because the problem was fixed somehow in running the two scans (even though they didn't find anything) or if this indicates that the problem may be on the hardware side with my home connection.

#5 invision

invision

  • Members
  • 91 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 14 June 2011 - 08:39 AM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size.
  • List Minidump Files.


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

#6 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 08:48 AM

MiniToolBox by Farbar
Ran by Tom (administrator) on 14-06-2011 at 09:46:33
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************


================= Flush DNS: ==============================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

================= End of Flush DNS ========================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================

"Reset IE Proxy Settings": Proxy Settings were reset.

=============== Hosts content: ============================================

127.0.0.1 localhost

=============== End of Hosts ==============================================

================= IP Configuration: =======================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dase-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ponzio.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : ponzio.local
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : BC-AE-C5-69-D8-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1451:c2c2:43d3:75cb%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.119(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 14, 2011 9:39:32 AM
Lease Expires . . . . . . . . . . : Wednesday, June 22, 2011 9:39:31 AM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.5
DHCPv6 IAID . . . . . . . . . . . : 247246533
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-13-0A-50-BC-AE-C5-69-D8-A1
DNS Servers . . . . . . . . . . . : 10.0.0.5
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.ponzio.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ponzio.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.5

Name: google.com
Addresses: 74.125.115.147
74.125.115.104
74.125.115.106
74.125.115.103
74.125.115.99
74.125.115.105


Pinging google.com [74.125.115.104] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.115.104:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: UnKnown
Address: 10.0.0.5

Name: yahoo.com
Addresses: 72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76
69.147.125.65


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...bc ae c5 69 d8 a1 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.119 10
10.0.0.0 255.255.255.0 On-link 10.0.0.119 266
10.0.0.119 255.255.255.255 On-link 10.0.0.119 266
10.0.0.255 255.255.255.255 On-link 10.0.0.119 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.119 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.119 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::1451:c2c2:43d3:75cb/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/13/2011 09:48:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode
.


Operation:
Instantiating VSS server

Error: (06/13/2011 09:48:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]


Operation:
Instantiating VSS server

Error: (06/13/2011 09:08:49 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location L:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (06/10/2011 09:12:11 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (06/10/2011 09:12:11 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (06/10/2011 09:12:11 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (06/10/2011 09:12:11 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (06/10/2011 09:06:51 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error: (06/10/2011 09:06:51 PM) (Source: Outlook) (User: )
Description: Failed to get the Crawl Scope Manager with error=0x8007043c.

Error: (06/10/2011 09:06:50 PM) (Source: Outlook) (User: )
Description: Failed to determine if the store is in the crawl scope (error=0x8007043c).


System errors:
=============
Error: (06/14/2011 09:38:27 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/14/2011 09:31:56 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (06/14/2011 09:29:43 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR5.

Error: (06/14/2011 09:29:42 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR5.

Error: (06/14/2011 09:29:42 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR5.

Error: (06/14/2011 09:27:52 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:27:14 AM on ?6/?14/?2011 was unexpected.

Error: (06/14/2011 09:24:23 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/14/2011 09:24:23 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/14/2011 09:24:22 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/14/2011 09:24:17 AM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================

========================= End of Event log errors =========================

========================= Memory info: ====================================

Percentage of memory in use: 17%
Total physical RAM: 8173.4 MB
Available physical RAM: 6702.89 MB
Total Pagefile: 16345 MB
Available Pagefile: 14764.46 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.86 MB

======================= Partitions: =======================================

1 Drive c: () (Fixed) (Total:55.9 GB) (Free:7.76 GB) NTFS
2 Drive d: (Storage) (Fixed) (Total:465.76 GB) (Free:201.48 GB) NTFS
3 Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
4 Drive f: (Program Files) (Fixed) (Total:34.48 GB) (Free:25.77 GB) NTFS
5 Drive g: (Program Files (x86)) (Fixed) (Total:34.36 GB) (Free:33.08 GB) NTFS

================= Users: ==================================================

User accounts for \\DASE-PC

-------------------------------------------------------------------------------
Administrator Guest Sam
Tom
The command completed successfully.

================= End of Users ============================================

=========================== Minidump Files ====================

No minidump file found

=========================== End oF Minidump Files =============

#7 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 08:49 AM

I appreciate the immediacy of your responses, but at this point I think it would be best if I wait until I am able to reconnect to my router at home to see if the issue returns. Once I am home I will see what happens and either post that the issue is resolved or continue with troubleshooting/cleaning.

Thanks!

Tom

#8 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 07:38 PM

So I got home and can still only get to google.com and other search engines and westell.com (I have Verizon DSL with a Westell 327W modem/wireless router). My iPhone still has full connectivity via WiFi and I can still access mail servers.

Ran TDSSKiller and nothing was found.

Does this still sound like a possible malware issue, bad DNS or other setting, or should I be on the phone with Verizon?

#9 TDase

TDase
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 14 June 2011 - 07:50 PM

When page didn't load I got the following error in Chrome:

Error 7 (net::ERR_TIMED_OUT): The operation timed out.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users