
can anyone help me please.....:(


11 replies to this topic

#1 solveme


Posted 27 July 2011 - 04:30 AM

ok.....just had a tech out to fix 6 computers ............ ( router poisoned... no 6)

paid the bill got 3 days grace then it all has begun again........ browser goes to what it wants...... and then everything else decides it will do its own thing too......

ran rootkit scanner and shows rootkit infections ...... have logs already done ........ ready to post..........


please somebody help me understand why my p.c is acting possessed....

ok not sure if i have to post a log or not..... and clearer outline of problems.... so here goes
since december 2011 i have had 5 laptops all go nuts..... all been put back to factory settings around 7 times .....

i am using router no 7........$1000's of dollars in excess of 100 hours on phone to bigpond........ after and still no answer!

internet connection on all pc said no connection router lights all green icon says connected...... explorer, mozilla, chrome, opera browsers all same problem....all say invalid rsa certificates and web page is being redirected...also iphone...all my emails.....bigpond, gmail, hotmail cannot access as passwords keep changing as soon as i log out...facebook account cannot access.... then after 4 months yes....deactivated then somehow reactivated.....router logs showing smurfing, flooding and dns is not bigpond...... router behind router ....... i am only using 1 router........have purchased zonealarm avast and tried many others no help......
ran malwarebytes today....posting log....any insight would be very much appreciated.....



Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database
version: 7291

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27/07/2011 12:46:23 PM
mbam-log-2011-07-27 (12-46-19).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 308886
Time elapsed: 24 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\george\Desktop\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

rh log too

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows 7
Version 6.1.7600
Number of processors #4
==============================================
>SSDT State
==============================================
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x8784E020 [324] C:\Windows\System32\smss.exe (Microsoft Corporation, Windows Session Manager)
0x877607A0 [424] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x88573578 [492] C:\Windows\System32\wininit.exe (Microsoft Corporation, Windows Start-Up Application)
0x880DCD40 [500] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x8890B7C0 [504] C:\Windows\explorer.exe (Microsoft Corporation, Windows Explorer)
0x885A2910 [548] C:\Windows\System32\services.exe (Microsoft Corporation, Services and Controller app)
0x8859E2C8 [568] C:\Windows\System32\lsass.exe (Microsoft Corporation, Local Security Authority Process)
0x885AE358 [576] C:\Windows\System32\lsm.exe (Microsoft Corporation, Local Session Manager Service)
0x88650530 [672] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8868ED40 [748] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x886906E8 [808] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x88578A00 [840] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x886B7D40 [880] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x886CC528 [916] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\stacsv.exe (IDT, Inc., IDT PC Audio)
0x886F5200 [1064] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x888DC648 [1096] C:\Windows\System32\dwm.exe (Microsoft Corporation, Desktop Window Manager)
0x88734030 [1152] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x86382D40 [1248] C:\Windows\System32\winlogon.exe (Microsoft Corporation, Windows Logon Application)
0x85F45D40 [1336] C:\Users\george\Desktop\RKUnhookerLE.EXE (UG North, RKULE, SR2 Overlord)
0x887B2B38 [1384] C:\Windows\System32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x877C9C48 [1412] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x88803030 [1516] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x888FFD40 [1580] C:\Windows\System32\taskhost.exe (Microsoft Corporation, Host Process for Windows Tasks)
0x88834C88 [1592] C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp., Microsoft SeaPort Search Enhancement Broker)
0x85E6B798 [1736] C:\Windows\System32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x88625930 [2188] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation, Malwarebytes' Anti-Malware)
0x8885C760 [2268] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation, Malwarebytes' Anti-Malware)
0x85FFBB60 [2460] C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation, Microsoft Windows Search Filter Host)
0x88B802B8 [2692] C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation, WMI Provider Host)
0x889D2268 [2796] C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation, Microsoft Windows Search Indexer)
0x88BCDD40 [2892] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x88B40610 [3452] C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation, Windows Media Player Network Sharing Service)
0x88A82B38 [3828] C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation, Microsoft Windows Search Protocol Host)
0x85A3DBC0 [4] System
0x886DD330 [992] C:\Windows\System32\audiodg.exe (Microsoft Corporation, Windows Audio Device Graph Isolation )
==============================================
>Drivers
==============================================
0x94823000 C:\Windows\system32\DRIVERS\atikmdag.sys 5414912 bytes (ATI Technologies Inc., ATI Radeon Kernel Mode Driver)
0x82C44000 C:\Windows\system32\ntoskrnl.exe 4198400 bytes (Microsoft Corporation, NT Kernel & System)
0x82C44000 PnpManager 4198400 bytes
0x82C44000 RAW 4198400 bytes
0x82C44000 WMIxWDM 4198400 bytes
0x97890000 Win32k 2408448 bytes
0x97890000 C:\Windows\System32\win32k.sys 2408448 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8CA2F000 C:\Windows\system32\DRIVERS\ql2300.sys 1568768 bytes (QLogic Corporation, QLogic Fibre Channel Stor Miniport Driver)
0x8D026000 C:\Windows\System32\drivers\tcpip.sys 1347584 bytes (Microsoft Corporation, TCP/IP Driver)
0x8CCFD000 C:\Windows\System32\Drivers\Ntfs.sys 1241088 bytes (Microsoft Corporation, NT File System Driver)
0x94EC1000 C:\Windows\system32\DRIVERS\athr.sys 1232896 bytes (Atheros Communications, Inc., Atheros Extensible Wireless LAN device driver)
0x970A9000 C:\Windows\system32\DRIVERS\AGRSM.sys 1163264 bytes (LSI Corporation, SoftModem Device Driver)
0x8C465000 C:\Windows\system32\drivers\iaStorV.sys 897024 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x97236000 C:\Windows\System32\Drivers\dump_iaStor.sys 892928 bytes
0x8C540000 C:\Windows\system32\DRIVERS\iaStor.sys 892928 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x94D4D000 C:\Windows\System32\drivers\dxgkrnl.sys 749568 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8CEDE000 C:\Windows\system32\drivers\ndis.sys 749568 bytes (Microsoft Corporation, NDIS 6.20 driver)
0x8C0E7000 C:\Windows\system32\CI.dll 700416 bytes (Microsoft Corporation, Code Integrity Module)
0x99078000 C:\Windows\system32\drivers\peauth.sys 618496 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8C96A000 C:\Windows\system32\DRIVERS\MegaSR.sys 598016 bytes (LSI Corporation, Inc., LSI MegaRAID Software RAID Driver)
0x8D2DE000 C:\Windows\system32\drivers\HTTP.sys 544768 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8C014000 C:\Windows\system32\mcupdate_GenuineIntel.dll 491520 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x8C898000 C:\Windows\system32\DRIVERS\elxstor.sys 471040 bytes (Emulex, Storport Miniport Driver for LightPulse HBAs)
0x8C1A0000 C:\Windows\system32\drivers\Wdf01000.sys 462848 bytes (Microsoft Corporation, Kernel Mode Driver Framework Runtime)
0x9703E000 C:\Windows\system32\DRIVERS\stwrt.sys 438272 bytes (IDT, Inc., IDT PC Audio)
0x8C6C2000 C:\Windows\system32\DRIVERS\adp94xx.sys 434176 bytes (Adaptec, Inc., Adaptec Windows SAS/SATA Storport Driver)
0x8CE6A000 C:\Windows\System32\Drivers\cng.sys 380928 bytes (Microsoft Corporation, Kernel Cryptography, Next Generation)
0x93C3F000 C:\Windows\system32\drivers\afd.sys 368640 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8CC1B000 C:\Windows\system32\DRIVERS\ql40xx.sys 348160 bytes (QLogic Corporation, QLogic iSCSI Storport Miniport Driver)
0x99196000 C:\Windows\System32\DRIVERS\srv.sys 335872 bytes (Microsoft Corporation, Server driver)
0x99147000 C:\Windows\System32\DRIVERS\srv2.sys 323584 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x97B40000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x8C72C000 C:\Windows\system32\DRIVERS\adpahci.sys 311296 bytes (Adaptec, Inc., Adaptec Windows SATA Storport Driver)
0x94E76000 C:\Windows\system32\drivers\USBPORT.SYS 307200 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x8C314000 C:\Windows\System32\drivers\volmgrx.sys 307200 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8C21F000 C:\Windows\system32\DRIVERS\ACPI.sys 294912 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8C65E000 C:\Windows\system32\DRIVERS\storport.sys 290816 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8D298000 C:\Windows\system32\DRIVERS\nwifi.sys 286720 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x93FBB000 C:\Windows\system32\DRIVERS\usbhub.sys 278528 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x8C0A5000 C:\Windows\system32\CLFS.SYS 270336 bytes (Microsoft Corporation, Common Log File System Driver)
0x93D33000 C:\Windows\system32\DRIVERS\rdbss.sys 266240 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x971DE000 C:\Windows\system32\DRIVERS\udfs.sys 262144 bytes (Microsoft Corporation, UDF File System Driver)
0x8D1A8000 C:\Windows\system32\DRIVERS\volsnap.sys 258048 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8CF95000 C:\Windows\system32\drivers\NETIO.SYS 253952 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8C824000 C:\Windows\system32\DRIVERS\amdsbs.sys 249856 bytes (AMD Technologies Inc., AMD Technology AHCI Compatible Controller Driver for Windows family)
0x93DDF000 C:\Windows\system32\DRIVERS\Rt86win7.sys 245760 bytes (Realtek , Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver )
0x9900A000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 241664 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x94E04000 C:\Windows\System32\drivers\dxgmms1.sys 233472 bytes (Microsoft Corporation, DirectX Graphics MMS)
0x82C0D000 ACPI_HAL 225280 bytes
0x82C0D000 C:\Windows\system32\halmacpi.dll 225280 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x93E28000 C:\Windows\system32\DRIVERS\Apfiltr.sys 221184 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x8CCB8000 C:\Windows\system32\drivers\fltmgr.sys 212992 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x93F4F000 C:\Windows\system32\DRIVERS\ks.sys 212992 bytes (Microsoft Corporation, Kernel CSA Library)
0x8D255000 C:\Windows\System32\DRIVERS\fvevol.sys 204800 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x93C99000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8D16F000 C:\Windows\System32\drivers\fwpkclnt.sys 200704 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8CBC5000 C:\Windows\system32\drivers\portcls.sys 192512 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8D210000 C:\Windows\System32\drivers\rdyboost.sys 184320 bytes (Microsoft Corporation, ReadyBoost Driver)
0x8CE2C000 C:\Windows\System32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x93F91000 C:\Windows\System32\Drivers\fastfat.SYS 172032 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8C278000 C:\Windows\system32\DRIVERS\pci.sys 172032 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8C778000 C:\Windows\system32\DRIVERS\adpu320.sys 155648 bytes (Adaptec, Inc., Adaptec StorPort Ultra320 SCSI Driver)
0x8C7B2000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8C431000 C:\Windows\system32\drivers\CLASSPNP.SYS 151552 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8CFD3000 C:\Windows\System32\Drivers\ksecpkg.sys 151552 bytes (Microsoft Corporation, Kernel Security Support Provider Interface Packages)
0x8CA0A000 C:\Windows\system32\drivers\nvstor.sys 151552 bytes (NVIDIA Corporation, NVIDIA® nForce™ Sata Performance Driver)
0x8CC93000 C:\Windows\system32\DRIVERS\vsmraid.sys 151552 bytes (VIA Technologies Inc.,Ltd, VIA RAID DRIVER FOR AMD-X86-64)
0x8C2BC000 C:\Windows\system32\DRIVERS\mpio.sys 147456 bytes (Microsoft Corporation, MultiPath Support Bus-Driver)
0x9739D000 C:\Windows\System32\Drivers\usbvideo.sys 147456 bytes (Microsoft Corporation, USB Video Class Driver)
0x8C623000 C:\Windows\system32\DRIVERS\ataport.SYS 143360 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x8D363000 C:\Windows\system32\DRIVERS\mrxsmb.sys 143360 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x93EE7000 C:\Windows\system32\DRIVERS\ndiswan.sys 139264 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x99119000 C:\Windows\System32\DRIVERS\srvnet.sys 135168 bytes (Microsoft Corporation, Server Network driver)
0x93DBA000 C:\Windows\system32\DRIVERS\tunnel.sys 135168 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8D3C9000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8C3A0000 C:\Windows\system32\DRIVERS\msdsm.sys 131072 bytes (Microsoft Corporation, Microsoft Device Specific Module)
0x8D390000 C:\Windows\system32\DRIVERS\cdrom.sys 126976 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x94E3D000 C:\Windows\system32\DRIVERS\HDAudBus.sys 126976 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x93E6B000 C:\Windows\system32\DRIVERS\Impcd.sys 126976 bytes (Intel Corporation, Intel® Turbo Boost Technology Driver)
0x8C3C0000 C:\Windows\system32\drivers\nvraid.sys 126976 bytes (NVIDIA Corporation, NVIDIA® nForce™ RAID Driver)
0x93CD2000 C:\Windows\system32\DRIVERS\pacer.sys 126976 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x97B20000 C:\Windows\System32\cdd.dll 122880 bytes (Microsoft Corporation, Canonical Display Driver)
0x93C11000 C:\Windows\system32\drivers\AtiHdmi.sys 118784 bytes (ATI Technologies, Inc., ATI High Definition Audio Function Driver)
0x97351000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x99045000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 110592 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8C91B000 C:\Windows\system32\DRIVERS\lsi_fc.sys 106496 bytes (LSI Corporation, LSI Fusion-MPT FC Driver (StorPort))
0x8C945000 C:\Windows\system32\DRIVERS\lsi_scsi.sys 106496 bytes (LSI Corporation, LSI Fusion-MPT SCSI Driver (StorPort))
0x9736C000 C:\Windows\system32\drivers\WudfPf.sys 106496 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x97000000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8C800000 C:\Windows\system32\drivers\drmk.sys 102400 bytes (Microsoft Corporation, Microsoft Trusted Audio Drivers)
0x8C880000 C:\Windows\system32\DRIVERS\arcsas.sys 98304 bytes (Adaptec, Inc., Adaptec SAS RAID WS03 Driver)
0x93D94000 C:\Windows\System32\Drivers\dfsc.sys 98304 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x94800000 C:\Windows\system32\DRIVERS\i8042prt.sys 98304 bytes (Microsoft Corporation, i8042 Port Driver)
0x8C646000 C:\Windows\system32\DRIVERS\lsi_sas.sys 98304 bytes (LSI Corporation, LSI Fusion-MPT SAS Driver (StorPort))
0x93EC4000 C:\Windows\system32\DRIVERS\rasl2tp.sys 98304 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x93F09000 C:\Windows\system32\DRIVERS\raspppoe.sys 98304 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8D1F8000 C:\Windows\system32\DRIVERS\sbp2port.sys 98304 bytes (Microsoft Corporation, SBP-2 Protocol Driver)
0x8C7D8000 C:\Windows\system32\drivers\amdsata.sys 94208 bytes (Advanced Micro Devices, AHCI 1.2 Device Driver)
0x93F21000 C:\Windows\system32\DRIVERS\raspptp.sys 94208 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x93F38000 C:\Windows\system32\DRIVERS\rassstp.sys 94208 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8CBAE000 C:\Windows\system32\DRIVERS\tdx.sys 94208 bytes (Microsoft Corporation, TDI Translation Driver)
0x97386000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x8C86A000 C:\Windows\system32\DRIVERS\arc.sys 90112 bytes (Adaptec, Inc., Adaptec RAID Storport Driver)
0x8C38A000 C:\Windows\System32\drivers\mountmgr.sys 90112 bytes (Microsoft Corporation, Mount Point Manager)
0x8CC7D000 C:\Windows\system32\DRIVERS\sisraid4.sys 90112 bytes (Silicon Integrated Systems, SiS AHCI Stor-Miniport Driver)
0x8C79E000 C:\Windows\system32\DRIVERS\djsvs.sys 81920 bytes (Adaptec, Inc., Adaptec Ultra SCSI miniport)
0x9732C000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 77824 bytes (Microsoft Corporation, Hid Class Library)
0x8C6AF000 C:\Windows\system32\DRIVERS\HpSAMD.sys 77824 bytes (Hewlett-Packard Company, Smart Array SAS/SATA Controller Media Driver)
0x8CE57000 C:\Windows\System32\Drivers\ksecdd.sys 77824 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x973E1000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x93D10000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x93EB2000 C:\Windows\system32\DRIVERS\AgileVpn.sys 73728 bytes (Microsoft Corporation, RAS Agile Vpn Miniport Call Manager)
0x93E8A000 C:\Windows\system32\DRIVERS\intelppm.sys 73728 bytes (Microsoft Corporation, Processor Device Driver)
0x97019000 C:\Windows\System32\drivers\mpsdrv.sys 73728 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8D287000 C:\Windows\system32\DRIVERS\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x97310000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x8CCEC000 C:\Windows\system32\drivers\fileinfo.sys 69632 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x93C00000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8C2E0000 C:\Windows\System32\drivers\partmgr.sys 69632 bytes (Microsoft Corporation, Partition Management Driver)
0x8C08C000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x93CF1000 C:\Windows\system32\DRIVERS\vwififlt.sys 69632 bytes (Microsoft Corporation, Virtual WiFi Filter Driver)
0x8C90B000 C:\Windows\system32\DRIVERS\iirsp.sys 65536 bytes (Intel Corp./ICP vortex GmbH, Intel/ICP Raid Storport Driver)
0x973C1000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8C935000 C:\Windows\system32\DRIVERS\lsi_sas2.sys 65536 bytes (LSI Corporation, LSI SAS Gen2 Driver (StorPort))
0x8D23D000 C:\Windows\System32\Drivers\mup.sys 65536 bytes (Microsoft Corporation, Multiple UNC Provider Driver)
0x973D1000 C:\Windows\system32\DRIVERS\ndisuio.sys 65536 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x93D23000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Remote Desktop Server Driver)
0x8C304000 C:\Windows\system32\DRIVERS\volmgr.sys 65536 bytes (Microsoft Corporation, Volume Manager Driver)
0x8C2AD000 C:\Windows\system32\DRIVERS\isapnp.sys 61440 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0x94E67000 C:\Windows\system32\drivers\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x93DAC000 C:\Windows\system32\DRIVERS\blbdrive.sys 57344 bytes (Microsoft Corporation, BLB Drive Driver)
0x8C192000 C:\Windows\System32\drivers\gvhtgum.sys 57344 bytes
0x93D02000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8C9FC000 C:\Windows\system32\DRIVERS\nfrd960.sys 57344 bytes (IBM Corporation, IBM ServeRAID Controller Driver)
0x8CC00000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8C366000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8CEC7000 C:\Windows\System32\drivers\pcw.sys 57344 bytes (Microsoft Corporation, Performance Counters for Windows Driver)
0x93F83000 C:\Windows\system32\DRIVERS\umbus.sys 57344 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x8C211000 C:\Windows\system32\drivers\WDFLDR.SYS 57344 bytes (Microsoft Corporation, Kernel Mode Driver Framework Loader)
0x93EA5000 C:\Windows\system32\DRIVERS\CompositeBus.sys 53248 bytes (Microsoft Corporation, Multi-Transport Composite Bus Enumerator)
0x97229000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x93E1B000 C:\Windows\system32\DRIVERS\kbdclass.sys 53248 bytes (Microsoft Corporation, Keyboard Class Driver)
0x971C7000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x93E5E000 C:\Windows\system32\DRIVERS\mouclass.sys 53248 bytes (Microsoft Corporation, Mouse Class Driver)
0x8CC70000 C:\Windows\system32\DRIVERS\SiSRaid2.sys 53248 bytes (Silicon Integrated Systems Corp., SiS RAID Stor Miniport Driver)
0x9913A000 C:\Windows\System32\drivers\tcpipreg.sys 53248 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8D3EA000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x93D88000 C:\Windows\System32\drivers\discache.sys 49152 bytes (Microsoft Corporation, System Indexer/Cache Driver)
0x8D3BD000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8C2F9000 C:\Windows\system32\DRIVERS\BATTC.SYS 45056 bytes (Microsoft Corporation, Battery Class Driver)
0x94E5C000 C:\Windows\system32\DRIVERS\HECI.sys 45056 bytes (Intel Corporation, Intel® Management Engine Interface)
0x97321000 C:\Windows\system32\DRIVERS\hidusb.sys 45056 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x8C95F000 C:\Windows\system32\DRIVERS\megasas.sys 45056 bytes (LSI Corporation, MEGASAS RAID Controller Driver for Windows 7 for x86)
0x9721E000 C:\Windows\system32\DRIVERS\monitor.sys 45056 bytes (Microsoft Corporation, Monitor Driver)
0x97346000 C:\Windows\system32\DRIVERS\mouhid.sys 45056 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x8D010000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x93EDC000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8D01B000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8C2A2000 C:\Windows\system32\DRIVERS\vdrvroot.sys 45056 bytes (Microsoft Corporation, Virtual Drive Root Enumerator)
0x971D4000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8C6A5000 C:\Windows\system32\DRIVERS\msahci.sys 40960 bytes (Microsoft Corporation, MS AHCI 1.0 Standard Driver)
0x93D7E000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x93D74000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x9910F000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x94FEE000 C:\Windows\system32\DRIVERS\vwifibus.sys 40960 bytes (Microsoft Corporation, Virtual WiFi Bus Driver)
0x8C861000 C:\Windows\system32\drivers\amdxata.sys 36864 bytes (Advanced Micro Devices, Storage Filter Driver)
0x8C61A000 C:\Windows\system32\DRIVERS\atapi.sys 36864 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x99256000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x8CED5000 C:\Windows\System32\Drivers\Fs_Rec.sys 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x94818000 C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 36864 bytes (Hewlett-Packard Development Company, L.P., HpqKbFiltr Keyboard Filter Driver)
0x8D1E7000 C:\Windows\system32\DRIVERS\stexstor.sys 36864 bytes (Promise Technology, Promise SuperTrak EX Series Driver for Windows )
0x97AF0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x93E9C000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x8C267000 C:\Windows\system32\DRIVERS\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8C09D000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x8C382000 C:\Windows\system32\DRIVERS\cmdide.sys 32768 bytes (CMD Technology, Inc., CMD PCI IDE Bus Driver)
0x8C2F1000 C:\Windows\system32\DRIVERS\compbatt.sys 32768 bytes (Microsoft Corporation, Composite Battery Driver)
0x8D24D000 C:\Windows\System32\drivers\hwpolicy.sys 32768 bytes (Microsoft Corporation, Hardware Policy Driver)
0x80BB8000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Serial Kernel Debugger)
0x8C270000 C:\Windows\system32\DRIVERS\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8D3F7000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8D000000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Encoder Miniport)
0x8D008000 C:\Windows\system32\drivers\rdprefmp.sys 32768 bytes (Microsoft Corporation, RDP Reflector Driver Miniport)
0x8D1F0000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8C45D000 C:\Windows\system32\DRIVERS\viaide.sys 32768 bytes (VIA Technologies, Inc., VIA Generic PCI IDE Bus Driver)
0x8D1A0000 C:\Windows\system32\DRIVERS\wd.sys 32768 bytes (Microsoft Corporation, Microsoft Watchdog Timer Driver)
0x8C374000 C:\Windows\system32\DRIVERS\aliide.sys 28672 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0x8C37B000 C:\Windows\system32\DRIVERS\amdide.sys 28672 bytes (Microsoft Corporation, AMD IDE Driver)
0x8D3B6000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x9733F000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8C35F000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x8D3AF000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8C456000 C:\Windows\system32\DRIVERS\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x93CCB000 C:\Windows\system32\DRIVERS\wfplwf.sys 28672 bytes (Microsoft Corporation, WFP NDIS 6.20 Lightweight Filter Driver)
0x93DDB000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x99252000 C:\Windows\system32\drivers\mbam.sys 16384 bytes (Malwarebytes Corporation, Malwarebytes' Anti-Malware)
0x94821000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x971C5000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================
==============================================
>Files
==============================================
!-->[Hidden] C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_3082C23F.exe_8385d919d053e617e7b0f5db547868ce617063c_0416ecbe\Report.wer
!-->[Hidden] C:\Qoobox\BackEnv\AppData.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Cache.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Cookies.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Desktop.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Favorites.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\History.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\LocalAppData.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\LocalSettings.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Music.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\NetHood.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Personal.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Pictures.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\PrintHood.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Profiles.Folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Programs.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\Recent.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\SendTo.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\SetPath.bat
!-->[Hidden] C:\Qoobox\BackEnv\StartMenu.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\StartUp.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\SysPath.dat
!-->[Hidden] C:\Qoobox\BackEnv\Templates.folder.dat
!-->[Hidden] C:\Qoobox\BackEnv\VikPev00
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF1D28DFF25B63F44B.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF2CA4C5FAB3474348.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF4F5250EADFDA854B.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF5190E5723C795345.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF5CCEDFF69C5AD1F8.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF753C20236EF769B0.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF888401D1E1DC379A.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DF9D7FADB4DC58E1F1.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFA262ED2BFCBB5764.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFA2BAB402A84D8D78.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFA819D38F1850E405.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFBAD025920C7003E8.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFC289B3010AD2546F.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFD7CB4EE449410089.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFE4C0A29B61D01D7F.TMP::$DATA
!-->[Hidden] C:\Users\george\AppData\Local\temp\~DFFBA17830A4BD5DC8.TMP::$DATA
!-->[Hidden] C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
!-->[Hidden] C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\fed13cbe12d143b42ec7c39c7e660796da054e47.HomeGroupClassifier\8c09b4abedd1443e7d769fc591c304d7\grouping\edb00005.log
!-->[Hidden] C:\Windows\SoftwareDistribution\DataStore\DataStore.edb::$DATA
!-->[Hidden] C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log::$DATA
!-->[Hidden] C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\3082C23F.exe.2420.dmp
!-->[Hidden] C:\Windows\System32\winevt\Logs\Microsoft-Windows-Fault-Tolerant-Heap%4Operational.evtx
!-->[Hidden] C:\Windows\System32\winevt\Logs\Microsoft-Windows-WER-Diag%4Operational.evtx
==============================================
>Hooks
==============================================


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)


minibox log

MiniToolBox by Farbar
Ran by george (administrator) on 27-07-2011 at 14:29:08
Windows 7 Home Premium (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : george-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : C4-17-FE-30-CD-03
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5584:d83b:178e:8cc2%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, 27 July 2011 12:48:17 PM
Lease Expires . . . . . . . . . . : Thursday, 28 July 2011 12:48:19 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 331618302
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-0B-04-E7-70-5A-B6-90-1A-75
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 70-5A-B6-90-1A-75
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4cd:1ded:834e:930d(Preferred)
Link-local IPv6 Address . . . . . : fe80::4cd:1ded:834e:930d%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Broadcom.Home
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 74.125.237.18
74.125.237.19
74.125.237.20
74.125.237.16
74.125.237.17


Pinging google.com [74.125.237.20] with 32 bytes of data:
Reply from 74.125.237.20: bytes=32 time=75ms TTL=51
Reply from 74.125.237.20: bytes=32 time=81ms TTL=52

Ping statistics for 74.125.237.20:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 75ms, Maximum = 81ms, Average = 78ms
Server: Broadcom.Home
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76


Pinging yahoo.com [67.195.160.76] with 32 bytes of data:
Reply from 67.195.160.76: bytes=32 time=355ms TTL=44
Reply from 67.195.160.76: bytes=32 time=353ms TTL=44

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 353ms, Maximum = 355ms, Average = 354ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
13...c4 17 fe 30 cd 03 ......Atheros AR9285 802.11b/g/n WiFi Adapter
11...70 5a b6 90 1a 75 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:4137:9e76:4cd:1ded:834e:930d/128
On-link
13 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::4cd:1ded:834e:930d/128
On-link
13 281 fe80::5584:d83b:178e:8cc2/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/27/2011 02:29:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:29:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:29:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:16:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:14:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:13:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/27/2011 02:04:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: 3082C23F.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab44
Exception code: 0xc0000005
Fault offset: 0x000274f4
Faulting process id: 0xb38
Faulting application start time: 0x3082C23F.exe0
Faulting application path: 3082C23F.exe1
Faulting module path: 3082C23F.exe2
Report Id: 3082C23F.exe3

Error: (07/27/2011 02:04:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: 3082C23F.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab44
Exception code: 0xc0000005
Fault offset: 0x000274f4
Faulting process id: 0xc3c
Faulting application start time: 0x3082C23F.exe0
Faulting application path: 3082C23F.exe1
Faulting module path: 3082C23F.exe2
Report Id: 3082C23F.exe3

Error: (07/27/2011 00:59:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: 3082C23F.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab44
Exception code: 0xc0000005
Fault offset: 0x000274f4
Faulting process id: 0x974
Faulting application start time: 0x3082C23F.exe0
Faulting application path: 3082C23F.exe1
Faulting module path: 3082C23F.exe2
Report Id: 3082C23F.exe3

Error: (07/27/2011 00:49:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"1".
Dependent Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (07/27/2011 10:01:12 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:20:52 AM on 27/07/2011 was unexpected.

Error: (07/27/2011 00:20:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:20:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:20:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:15:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:15:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:15:15 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:13:09 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:13:09 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/27/2011 00:13:09 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

2007 Microsoft Office system (Version: 12.0.4518.1014)
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.1)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Adobe Shockwave Player (Version: 11.5.1.601)
Alps Touch Pad Driver
Atheros Driver Installation Program (Version: 5.2)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1111.2327.42077)
Catalyst Control Center Graphics Full Existing (Version: 2009.1111.2327.42077)
Catalyst Control Center Graphics Full New (Version: 2009.1111.2327.42077)
Catalyst Control Center Graphics Light (Version: 2009.1111.2327.42077)
Catalyst Control Center Graphics Previews Common (Version: 2009.1111.2327.42077)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1111.2327.42077)
Catalyst Control Center InstallProxy (Version: 2009.1111.2327.42077)
Catalyst Control Center Localization All (Version: 2009.1111.2327.42077)
ccc-core-static (Version: 2009.1111.2327.42077)
ccc-utility (Version: 2009.1111.2327.42077)
CCC Help Chinese Standard (Version: 2009.1111.2326.42077)
CCC Help Chinese Traditional (Version: 2009.1111.2326.42077)
CCC Help Czech (Version: 2009.1111.2326.42077)
CCC Help Danish (Version: 2009.1111.2326.42077)
CCC Help Dutch (Version: 2009.1111.2326.42077)
CCC Help English (Version: 2009.1111.2326.42077)
CCC Help Finnish (Version: 2009.1111.2326.42077)
CCC Help French (Version: 2009.1111.2326.42077)
CCC Help German (Version: 2009.1111.2326.42077)
CCC Help Greek (Version: 2009.1111.2326.42077)
CCC Help Hungarian (Version: 2009.1111.2326.42077)
CCC Help Italian (Version: 2009.1111.2326.42077)
CCC Help Japanese (Version: 2009.1111.2326.42077)
CCC Help Korean (Version: 2009.1111.2326.42077)
CCC Help Norwegian (Version: 2009.1111.2326.42077)
CCC Help Polish (Version: 2009.1111.2326.42077)
CCC Help Portuguese (Version: 2009.1111.2326.42077)
CCC Help Russian (Version: 2009.1111.2326.42077)
CCC Help Spanish (Version: 2009.1111.2326.42077)
CCC Help Swedish (Version: 2009.1111.2326.42077)
CCC Help Thai (Version: 2009.1111.2326.42077)
CCC Help Turkish (Version: 2009.1111.2326.42077)
CCleaner (Version: 3.02)
CyberLink DVD Suite (Version: 7.0.2216)
CyberLink MediaShow (Version: 4.1.3419)
CyberLink PowerDVD 8 (Version: 8.0.1.1110)
CyberLink YouCam (Version: 3.0.2201)
ERUNT 1.1j
ESU for Microsoft Windows 7 (Version: 1.0.0)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP Quick Launch Buttons (Version: 6.50.7.1)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 4.3.1.2)
HP Update (Version: 5.001.000.014)
HP User Guides 0167 (Version: 1.00.0000)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
IDT Audio (Version: 1.0.6249.0)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Turbo Boost Technology Driver (Version: 01.00.00.1030)
Intel® Matrix Storage Manager
Java™ 6 Update 15 (Version: 6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2215)
LightScribe System Software (Version: 1.18.9.1)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
MSVCRT (Version: 14.0.1468.721)
muvee Reveal (Version: 7.0.43.11502)
Norton Online Backup (Version: 1.2.20.0)
Power2Go (Version: 6.0.3415)
PowerDirector (Version: 7.0.3420)
PX Profile Update (Version: 1.00.1.)
QLBCASL (Version: 6.40.17.2)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
Realtek USB2.0&PCIE Card Reader (Version: 2009.11.09)
Recovery Manager (Version: 5.5.2214)
SoftStylus (Version: 2.2.112.0)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 3062.84 MB
Available physical RAM: 2051.75 MB
Total Pagefile: 6121.9 MB
Available Pagefile: 5132.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.77 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.21 GB) (Free:419.55 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16.26 GB) (Free:2.59 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive f: (GRMCULFRER_EN_DVD) (CDROM) (Total:4.3 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\GEORGE-PC

Administrator george Guest

========================= Minidump Files ==================================

No minidump file found

== End of log ==





Edited by solveme, 27 July 2011 - 07:00 AM.




#2 solveme


Posted 28 July 2011 - 04:08 AM

hi again..... things getting weirder last night i could hear somebody moving around....they had a strum on a guitar... typed a little..... very strange.........why would this happen?

through my pc speakers....lol forgot to mention that.

Edited by solveme, 28 July 2011 - 04:28 AM.


#3 shre

shre

  • Banned
  • 23 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 28 July 2011 - 04:23 AM

BOOT IN SAFE MODE.


1. Download Dr.Web from here:
https://www.freedrweb.com/download+cureit+free/?lng=en

2. Fill in a short form and do the download.

3. Double click and follow the install process.

4. Do an update and a full scan, pls select to cure if it finds anything.


post results on next reply.

#4 solveme


Posted 28 July 2011 - 08:32 AM

cannot work out how to save log...... said no viruses found?

#5 shre


Posted 28 July 2011 - 10:34 AM

ok, time to go for rootkit removal:


Please download GMER from one of the following locations and save it to your desktop:
Main Mirror:
http://gmer.net/download.php
This version will download a randomly named file (Recommended)
Zipped Mirror:
http://gmer.net/gmer.zip
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

Disconnect from the Internet and close all running programs.
Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.
Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.


IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

Edited by shre, 28 July 2011 - 10:43 AM.


#6 solveme


Posted 28 July 2011 - 05:45 PM

ok will do shortly...

#7 solveme


Posted 29 July 2011 - 12:44 PM

any further ideas?

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:20 AM

Posted 29 July 2011 - 01:07 PM

Hello, you have Rootkit activity and need proper attention to remove.

Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
Include the GRootkit Unhooker log you posted earlier.
Let me know if that went well.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#9 solveme


Posted 30 July 2011 - 08:25 PM

ok have done just forgot the gamer log just doing it now.... thank thankyou U :) oopsy not gamer the unhooker sozz...

Edited by solveme, 30 July 2011 - 08:30 PM.


#10 boopme


Posted 30 July 2011 - 08:27 PM

Ok, post it there when done.
You're welcome.

#11 solveme


Posted 30 July 2011 - 08:37 PM

ok all done.... thank you for your help!! :) very much!

#12 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,994 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:20 AM

Posted 30 July 2011 - 08:52 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic412125.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



