
Redirect Malware


  • This topic is locked
15 replies to this topic

#1 kelb25

kelb25

  • Members
  • 17 posts
  • OFFLINE
  • Local time:02:12 AM

Posted 10 August 2011 - 04:45 PM

Hi,

I am being redirected on all search engines I have used to various sites (usually ebay, Bing and unknown search engines). It is making it really hard to search anything on the internet. I have tried various anti-malware, spyware and virus downloads, but nothing has worked. Can you help?



#2 weatherman13

weatherman13

  • Members
  • 93 posts
  • OFFLINE
  • Local time:09:12 PM

Posted 10 August 2011 - 09:10 PM

Hello and Welcome to Bleeping Computer,
Please follow the instructions here: http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller. If you have any problems do not hesitate to reply back.

Thanks

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:12 AM

Posted 17 August 2011 - 01:27 PM

Hello,

And welcome to BleepingComputer.com. Before we can assist you with your question of "Am I infected?", you will need to perform the following tasks and post the logs of each if you can.

Malwarebytes Anti-Malware

NOTE: Malwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#4 kelb25


Posted 28 August 2011 - 02:29 AM

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7591

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

28/08/2011 08:27:45
mbam-log-2011-08-28 (08-27-45).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|Y:\|)
Objects scanned: 395328
Time elapsed: 46 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 kelb25


Posted 28 August 2011 - 03:12 AM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/28/2011 at 09:12 AM

Application Version : 5.0.1118

Core Rules Database Version : 7613
Trace Rules Database Version: 5425

Scan type : Complete Scan
Total Scan Time : 00:38:25

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 660
Memory threats detected : 0
Registry items scanned : 72334
Registry threats detected : 0
File items scanned : 49988
File threats detected : 23

Adware.Tracking Cookie
C:\Users\Blackwell\AppData\Roaming\Microsoft\Windows\Cookies\FTG8O9RL.txt
C:\Users\Blackwell\AppData\Roaming\Microsoft\Windows\Cookies\8ICEO8YO.txt
C:\Users\Blackwell\AppData\Roaming\Microsoft\Windows\Cookies\6JR8V1F3.txt
C:\Users\Blackwell\AppData\Roaming\Microsoft\Windows\Cookies\NGI218PW.txt
C:\Users\Blackwell\AppData\Roaming\Microsoft\Windows\Cookies\0QYX8PBI.txt
media.kyte.tv [ C:\USERS\BLACKWELL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5J4MGRSX ]
s0.2mdn.net [ C:\USERS\BLACKWELL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5J4MGRSX ]
secure-uk.imrworldwide.com [ C:\USERS\BLACKWELL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5J4MGRSX ]
spe.atdmt.com [ C:\USERS\BLACKWELL\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5J4MGRSX ]
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@ADSERVER.ADTECHUS[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@ADULTFRIENDFINDER[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@AT.ATWOLA[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@BRIDGE2.ADMARKETPLACE[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@CLICKS.SEARCH312[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@CONTENT.YIELDMANAGER[3].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@DMTRACKER[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@EHG-TOTALSYSTEMSSERVICES.HITBOX[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@INTERCLICK[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@SERVER.LON.LIVEPERSON[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@SOLVEMEDIA[2].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@TSLEDUCATION.112.2O7[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@WWW.FIND-FAST-ANSWERS[1].TXT
C:\USERS\BLACKWELL\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BLACKWELL@XITI[1].TXT

#6 kelb25


Posted 28 August 2011 - 04:31 AM

The GMER log was empty. It said there were no system modifications.

#7 cryptodan


Posted 28 August 2011 - 04:52 AM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
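
One way to read the Result.txt this request produces when the complaint is search redirection, as an added example that is not part of the post above and not MiniToolBox's own code: it splits the report on the section banners seen in this thread and lists hosts entries beyond localhost, a proxy section lacking the two "not set" lines, and DNS servers that differ from the adapter's DHCP server. The sample reports are constructed, and the three checks are assumptions about what deserves a second look, not verdicts.

```python
import ipaddress
import re

# "===== Name: =====" banners as they appear in Result.txt in this thread.
SECTION = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}(.*)$")
# ipconfig-style "Key . . . . : value" lines.
FIELD = re.compile(r"^(.+?)[ .]*:\s*(.*)$")
LOCALHOST = {("127.0.0.1", "localhost"), ("::1", "localhost")}

def split_sections(report):
    """Return {section name: [non-empty lines]}; text fused to a banner is kept."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1).strip()
            sections[current] = [m.group(2).strip()] if m.group(2).strip() else []
        elif current and line:
            sections[current].append(line)
    return sections

def as_ip(text):
    """Parse an address, dropping an IPv6 zone id or '(Preferred)' suffix."""
    try:
        return ipaddress.ip_address(text.split("%")[0].split("(")[0].strip())
    except ValueError:
        return None

def check_hosts(lines):
    """Assumption: any mapping other than localhost deserves a look."""
    found = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            if (fields[0], name.lower()) not in LOCALHOST:
                found.append(f"hosts: {name} pinned to {fields[0]}")
    return found

def check_proxy(lines):
    """Pass only when both 'not set' lines seen in this thread are present."""
    text = "\n".join(lines)
    if "Proxy is not enabled." in text and "No Proxy Server is set." in text:
        return []
    return ["proxy: report does not show the IE proxy as disabled and unset"]

def check_dns(lines):
    """Assumption: on a DHCP adapter the resolver normally equals the DHCP server."""
    adapters, cur, last = [], None, None
    for line in lines:
        ip = as_ip(line)
        if ip is not None:  # bare address: continuation of the previous field
            if cur and last == "DNS Servers":
                cur["dns"].append(ip)
            continue
        m = FIELD.match(line)
        if not m:
            last = None
            continue
        last, value = m.group(1).strip(), m.group(2).strip()
        if " adapter " in last and not value:  # e.g. "Ethernet adapter ...:"
            cur = {"name": last, "dhcp": False, "server": None, "dns": []}
            adapters.append(cur)
        elif cur and last == "DHCP Enabled":
            cur["dhcp"] = value == "Yes"
        elif cur and last == "DHCP Server":
            cur["server"] = as_ip(value)
        elif cur and last == "DNS Servers" and as_ip(value):
            cur["dns"].append(as_ip(value))
    return [f"dns: {a['name']} resolves via {d}, DHCP server is {a['server']}"
            for a in adapters if a["dhcp"] and a["server"]
            for d in a["dns"] if d != a["server"]]

def triage(report):
    """Run each check on its section, if the report contains that section."""
    sections = split_sections(report)
    checks = (("Hosts content", check_hosts),
              ("IE Proxy Settings", check_proxy),
              ("IP Configuration", check_dns))
    return [f for name, check in checks if name in sections
            for f in check(sections[name])]

# Constructed samples, abridged to the lines the checks read. SUSPECT swaps in
# documentation-range addresses (RFC 5737); its values are not from any real report.
TEMPLATE = """\
========================= IE Proxy Settings: ==============================
{proxy}No Proxy Server is set.
========================= Hosts content: =================================
::1 localhost
127.0.0.1 localhost
{hosts}========================= IP Configuration: ================================
Ethernet adapter Local Area Connection:
DHCP Enabled. . . . . . . . . . . : Yes
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : {dns}
"""
CLEAN = TEMPLATE.format(proxy="Proxy is not enabled.\n", hosts="", dns="192.168.1.254")
SUSPECT = TEMPLATE.format(proxy="", hosts="203.0.113.10 www.google.com\n",
                          dns="203.0.113.53\n198.51.100.53")

if __name__ == "__main__":
    for finding in triage(SUSPECT):
        print(finding)
```

An empty list only clears these three settings; it says nothing about rootkit-level redirection, which is what the TDSSKiller and GMER steps earlier in the thread look for.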

#8 kelb25


Posted 30 August 2011 - 12:47 AM

MiniToolBox by Farbar
Ran by Blackwell (administrator) on 30-08-2011 at 06:46:13
Windows 7 Home Premium (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Blackwell-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : A4-BA-DB-F0-2C-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc65:c45a:b7ed:f716%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 30 August 2011 06:39:54
Lease Expires . . . . . . . . . . : 31 August 2011 06:39:54
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 245676763
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-61-9B-A6-A4-BA-DB-F0-2C-E2
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:104f:37e5:a97c:2fdc(Preferred)
Link-local IPv6 Address . . . . . : fe80::104f:37e5:a97c:2fdc%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Pinging google.com [209.85.229.104] with 32 bytes of data:
Reply from 209.85.229.104: bytes=32 time=53ms TTL=49
Reply from 209.85.229.104: bytes=32 time=51ms TTL=49

Ping statistics for 209.85.229.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 53ms, Average = 52ms

Pinging yahoo.com [69.147.125.65] with 32 bytes of data:
Reply from 69.147.125.65: bytes=32 time=126ms TTL=48
Reply from 69.147.125.65: bytes=32 time=125ms TTL=48

Ping statistics for 69.147.125.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 126ms, Average = 125ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...a4 ba db f0 2c e2 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.65 276
192.168.1.65 255.255.255.255 On-link 192.168.1.65 276
192.168.1.255 255.255.255.255 On-link 192.168.1.65 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.65 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.65 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:5ef5:79fd:104f:37e5:a97c:2fdc/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::104f:37e5:a97c:2fdc/128
On-link
11 276 fe80::cc65:c45a:b7ed:f716/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/28/2011 09:54:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/28/2011 08:07:36 AM) (Source: Application Hang) (User: )
Description: The program Photoshop.exe version 7.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b4

Start Time: 01cc654e855d060b

Termination Time: 31

Application Path: C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe

Report Id: 608bba1e-d144-11e0-9db9-a4badbf02ce2

Error: (08/26/2011 07:56:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/25/2011 08:36:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/24/2011 07:56:25 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (08/24/2011 07:56:25 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (08/22/2011 07:46:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (08/17/2011 07:59:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (08/17/2011 07:59:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (08/17/2011 07:49:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.


System errors:
=============
Error: (08/30/2011 06:40:36 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/30/2011 06:40:13 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCLEPCI

Error: (08/30/2011 06:39:58 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (08/30/2011 06:39:33 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\pclepci.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/29/2011 05:55:04 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/29/2011 05:54:41 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCLEPCI

Error: (08/29/2011 05:54:26 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error:
%%2

Error: (08/29/2011 05:54:03 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\pclepci.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/27/2011 03:11:34 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (08/27/2011 03:11:07 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCLEPCI


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.4.1 (Version: 9.4.1)
Akamai NetSession Interface
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.1209.2334)
AVG 2011 (Version: 10.0.1392)
AVG 2011 (Version: 10.0.1520)
Baldur's Gate™ II - Throne of Bhaal ™
Bonjour (Version: 2.0.5.0)
BTHomeHub
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full Existing (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Full New (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Light (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Common (Version: 2009.1209.2335.42329)
Catalyst Control Center Graphics Previews Vista (Version: 2009.1209.2335.42329)
Catalyst Control Center InstallProxy (Version: 2009.1209.2335.42329)
Catalyst Control Center Localization All (Version: 2009.1209.2335.42329)
ccc-core-static (Version: 2009.1209.2335.42329)
ccc-utility64 (Version: 2009.1209.2335.42329)
CCC Help Chinese Standard (Version: 2009.1209.2334.42329)
CCC Help Chinese Traditional (Version: 2009.1209.2334.42329)
CCC Help Czech (Version: 2009.1209.2334.42329)
CCC Help Danish (Version: 2009.1209.2334.42329)
CCC Help Dutch (Version: 2009.1209.2334.42329)
CCC Help English (Version: 2009.1209.2334.42329)
CCC Help Finnish (Version: 2009.1209.2334.42329)
CCC Help French (Version: 2009.1209.2334.42329)
CCC Help German (Version: 2009.1209.2334.42329)
CCC Help Greek (Version: 2009.1209.2334.42329)
CCC Help Hungarian (Version: 2009.1209.2334.42329)
CCC Help Italian (Version: 2009.1209.2334.42329)
CCC Help Japanese (Version: 2009.1209.2334.42329)
CCC Help Korean (Version: 2009.1209.2334.42329)
CCC Help Norwegian (Version: 2009.1209.2334.42329)
CCC Help Polish (Version: 2009.1209.2334.42329)
CCC Help Portuguese (Version: 2009.1209.2334.42329)
CCC Help Russian (Version: 2009.1209.2334.42329)
CCC Help Spanish (Version: 2009.1209.2334.42329)
CCC Help Swedish (Version: 2009.1209.2334.42329)
CCC Help Thai (Version: 2009.1209.2334.42329)
CCC Help Turkish (Version: 2009.1209.2334.42329)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Convert VOB to AVI 1.7
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 2.41)
Dell DataSafe Local Backup (Version: 9.4.51)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dragon Age II (Version: 1.00)
DVD Decrypter (Remove Only)
EPSON Printer Software
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.1.2003.1856)
Google Update Helper (Version: 1.3.21.65)
GoToAssist Corporate (Version: 9.0.0.570)
GoToAssist Corporate (Version: 9.0.570)
iTunes (Version: 10.3.1.55)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Medieval II Total War (Version: 1.00.0000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.6.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA PhysX (Version: 9.09.0203)
Pixie registration fix (Version: 1.00.0000)
PowerDVD DX (Version: 8.3.6107)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
Roxio Burn (Version: 1.01)
Safari (Version: 5.33.21.1)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Skins (Version: 2009.1209.2335.42329)
SUPERAntiSpyware (Version: 5.0.1118)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 6103.12 MB
Available physical RAM: 4355.28 MB
Total Pagefile: 12204.38 MB
Available Pagefile: 10244.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.64 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.71 GB) (Free:652.3 GB) NTFS
2 Drive d: (Dragon Age II) (CDROM) (Total:6.59 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\BLACKWELL-PC

Administrator Blackwell Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#9 cryptodan


Posted 30 August 2011 - 06:49 AM

Can you run Gmer?

#10 kelb25


Posted 30 August 2011 - 04:23 PM

Most of the boxes on the right hand side of GMER are greyed out, so I can't check them. I have tried to run it but there is no log. I am running a 64-bit Windows, though.

#11 cryptodan


Posted 30 August 2011 - 04:28 PM

Does it come up and say no system modifications detected?

#12 kelb25


Posted 31 August 2011 - 01:24 AM

Yeah, it did.

#13 boopme


Posted 01 November 2011 - 07:17 PM

Is this the topic you referenced in the 3 day topic?

Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?




Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (2.6.11.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Troubleshoot Malwarebytes' Anti-Malware

#14 kelb25


Posted 06 November 2011 - 05:19 PM

Hi,

I am on a router but also run a laptop off it wirelessly and there are no problems on that.

I don't use Firefox.

I have run the TFC.

Thanks

22:13:07.0976 4852 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
22:13:08.0179 4852 ============================================================
22:13:08.0179 4852 Current date / time: 2011/11/06 22:13:08.0179
22:13:08.0179 4852 SystemInfo:
22:13:08.0179 4852
22:13:08.0179 4852 OS Version: 6.1.7600 ServicePack: 0.0
22:13:08.0179 4852 Product type: Workstation
22:13:08.0179 4852 ComputerName: BLACKWELL-PC
22:13:08.0179 4852 UserName: Blackwell
22:13:08.0179 4852 Windows directory: C:\Windows
22:13:08.0179 4852 System windows directory: C:\Windows
22:13:08.0179 4852 Running under WOW64
22:13:08.0179 4852 Processor architecture: Intel x64
22:13:08.0179 4852 Number of processors: 4
22:13:08.0179 4852 Page size: 0x1000
22:13:08.0179 4852 Boot type: Normal boot
22:13:08.0179 4852 ============================================================
22:13:09.0037 4852 Initialize success
22:13:14.0591 1936 ============================================================
22:13:14.0591 1936 Scan started
22:13:14.0591 1936 Mode: Manual;
22:13:14.0591 1936 ============================================================
22:13:21.0814 1936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:13:21.0814 1936 RDPREFMP - ok
22:13:21.0845 1936 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
22:13:21.0845 1936 RDPWD - ok
22:13:21.0876 1936 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
22:13:21.0876 1936 rdyboost - ok
22:13:21.0923 1936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:13:21.0923 1936 rspndr - ok
22:13:22.0001 1936 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:13:22.0001 1936 SASDIFSV - ok
22:13:22.0016 1936 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:13:22.0016 1936 SASKUTIL - ok
22:13:22.0048 1936 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
22:13:22.0048 1936 sbp2port - ok
22:13:22.0048 1936 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
22:13:22.0048 1936 scfilter - ok
22:13:22.0110 1936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:13:22.0126 1936 secdrv - ok
22:13:22.0157 1936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:13:22.0157 1936 Serenum - ok
22:13:22.0172 1936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:13:22.0172 1936 Serial - ok
22:13:22.0219 1936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:13:22.0219 1936 sermouse - ok
22:13:22.0250 1936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
22:13:22.0250 1936 sffdisk - ok
22:13:22.0266 1936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:13:22.0266 1936 sffp_mmc - ok
22:13:22.0282 1936 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:13:22.0282 1936 sffp_sd - ok
22:13:22.0328 1936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:13:22.0328 1936 sfloppy - ok
22:13:22.0360 1936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:13:22.0360 1936 SiSRaid2 - ok
22:13:22.0406 1936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:13:22.0406 1936 SiSRaid4 - ok
22:13:22.0438 1936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:13:22.0438 1936 Smb - ok
22:13:22.0469 1936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:13:22.0469 1936 spldr - ok
22:13:22.0547 1936 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
22:13:22.0547 1936 srv - ok
22:13:22.0578 1936 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
22:13:22.0578 1936 srv2 - ok
22:13:22.0625 1936 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
22:13:22.0625 1936 srvnet - ok
22:13:22.0656 1936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:13:22.0656 1936 stexstor - ok
22:13:22.0687 1936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
22:13:22.0687 1936 swenum - ok
22:13:22.0781 1936 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
22:13:22.0796 1936 Tcpip - ok
22:13:22.0859 1936 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
22:13:22.0874 1936 TCPIP6 - ok
22:13:22.0906 1936 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
22:13:22.0906 1936 tcpipreg - ok
22:13:22.0921 1936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:13:22.0921 1936 TDPIPE - ok
22:13:22.0952 1936 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
22:13:22.0952 1936 TDTCP - ok
22:13:22.0968 1936 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
22:13:22.0968 1936 tdx - ok
22:13:22.0999 1936 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
22:13:22.0999 1936 TermDD - ok
22:13:23.0030 1936 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:13:23.0030 1936 tssecsrv - ok
22:13:23.0062 1936 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
22:13:23.0062 1936 tunnel - ok
22:13:23.0093 1936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:13:23.0093 1936 uagp35 - ok
22:13:23.0124 1936 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
22:13:23.0124 1936 udfs - ok
22:13:23.0171 1936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
22:13:23.0171 1936 uliagpkx - ok
22:13:23.0186 1936 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
22:13:23.0186 1936 umbus - ok
22:13:23.0202 1936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:13:23.0202 1936 UmPass - ok
22:13:23.0264 1936 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
22:13:23.0264 1936 USBAAPL64 - ok
22:13:23.0296 1936 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
22:13:23.0296 1936 usbccgp - ok
22:13:23.0327 1936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
22:13:23.0327 1936 usbcir - ok
22:13:23.0342 1936 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
22:13:23.0342 1936 usbehci - ok
22:13:23.0389 1936 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
22:13:23.0405 1936 usbhub - ok
22:13:23.0420 1936 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
22:13:23.0420 1936 usbohci - ok
22:13:23.0436 1936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:13:23.0436 1936 usbprint - ok
22:13:23.0467 1936 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:13:23.0467 1936 usbscan - ok
22:13:23.0514 1936 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:13:23.0514 1936 USBSTOR - ok
22:13:23.0530 1936 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
22:13:23.0530 1936 usbuhci - ok
22:13:23.0561 1936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
22:13:23.0576 1936 vdrvroot - ok
22:13:23.0592 1936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:13:23.0592 1936 vga - ok
22:13:23.0623 1936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:13:23.0623 1936 VgaSave - ok
22:13:23.0654 1936 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
22:13:23.0654 1936 vhdmp - ok
22:13:23.0701 1936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
22:13:23.0701 1936 viaide - ok
22:13:23.0717 1936 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
22:13:23.0732 1936 volmgr - ok
22:13:23.0748 1936 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
22:13:23.0748 1936 volmgrx - ok
22:13:23.0764 1936 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
22:13:23.0764 1936 volsnap - ok
22:13:23.0795 1936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:13:23.0795 1936 vsmraid - ok
22:13:23.0810 1936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:13:23.0810 1936 vwifibus - ok
22:13:23.0857 1936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:13:23.0857 1936 WacomPen - ok
22:13:23.0873 1936 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:23.0873 1936 WANARP - ok
22:13:23.0873 1936 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:23.0873 1936 Wanarpv6 - ok
22:13:23.0920 1936 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:13:23.0920 1936 Wd - ok
22:13:23.0951 1936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:13:23.0951 1936 Wdf01000 - ok
22:13:23.0982 1936 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:13:23.0982 1936 WfpLwf - ok
22:13:24.0013 1936 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
22:13:24.0029 1936 WimFltr - ok
22:13:24.0044 1936 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:13:24.0044 1936 WIMMount - ok
22:13:24.0107 1936 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
22:13:24.0107 1936 WinUsb - ok
22:13:24.0138 1936 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:13:24.0138 1936 WmiAcpi - ok
22:13:24.0169 1936 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:13:24.0169 1936 ws2ifsl - ok
22:13:24.0200 1936 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
22:13:24.0200 1936 WudfPf - ok
22:13:24.0216 1936 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:13:24.0216 1936 WUDFRd - ok
22:13:24.0232 1936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:13:24.0247 1936 \Device\Harddisk0\DR0 - ok
22:13:24.0247 1936 Boot (0x1200) (d1349f1778e08f2335643a1218a0eb25) \Device\Harddisk0\DR0\Partition0
22:13:24.0263 1936 \Device\Harddisk0\DR0\Partition0 - ok
22:13:24.0278 1936 Boot (0x1200) (cf1363e4ec4b276303702e530069a33f) \Device\Harddisk0\DR0\Partition1
22:13:24.0278 1936 \Device\Harddisk0\DR0\Partition1 - ok
22:13:24.0278 1936 ============================================================
22:13:24.0278 1936 Scan finished
22:13:24.0278 1936 ============================================================
22:13:24.0294 4408 Detected object count: 0
22:13:24.0294 4408 Actual detected object count: 0





Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8099

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

06/11/2011 22:09:16
mbam-log-2011-11-06 (22-09-16).txt

Scan type: Quick scan
Objects scanned: 170741
Time elapsed: 1 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

#15 boopme

Posted 06 November 2011 - 07:09 PM

Ok, it is not showing up and we'll need a deeper look.

You need to update to Java 7 and Adobe Reader X or 10.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u1-windows-i586-s.exe (or jre-7u1-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly Update to Adobe Reader X (10.1.0)
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional



Now to get that look..
Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.