
Search Results are getting redirected


5 replies to this topic

#1 junky_2003


Posted 06 September 2011 - 01:56 PM

Hello :

I am using Windows 7 Home Edition.
My PC was infected with a trojan. I was able to get rid of most of the symptoms through Trend Micro AV and Malwarebytes. However, I think that my machine is still infected because the search links always redirect me to malicious sites (never happens because Trend Micro prevents that site from opening).

Please help.

Rgds
-dj



#2 boopme


Posted 06 September 2011 - 02:20 PM

Hello and welcome. Please run these and post the logs.
Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please follow our Removal Guide here: How to remove Google Redirects. You will move to the Automated Removal Instructions.

If it finds something make sure Cure is selected
Next click Continue then Reboot now
A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
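
Added example, not part of the post above and not MiniToolBox's own code: a small triage script that reads a Result.txt and lists the proxy, Hosts, DNS and Winsock entries worth a manual look when search results are being redirected. The function names are hypothetical, the section titles follow the Result.txt layout shown in this thread, and the sample log (including the "Proxy is enabled." wording) is constructed; comparing DNS servers against the default gateway is a home-network assumption.

```python
import ipaddress
import re

# Constructed sample laid out like a MiniToolBox Result.txt; not a real log.
# The "Proxy is enabled." wording is assumed; addresses are documentation ranges.
SAMPLE = r"""
========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: 127.0.0.1:8080

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 search.example.com

========================= IP Configuration: ================================

   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 198.51.100.53
                                       192.168.1.1

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 02 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
"""

HEADER = re.compile(r"^=+ (.+?):? =+")
WINSOCK = re.compile(r"^(?:x64-)?Catalog[59] \d+ (.+?) \[(.+?)\] \((.*)\)$")

def parse_sections(text):
    """Split the log into {section title: [non-blank stripped lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1).strip(), [])
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections

def _ip(text):
    """Parse an address, dropping ipconfig suffixes such as %15 or (Preferred)."""
    try:
        return ipaddress.ip_address(text.split("%")[0].split("(")[0])
    except ValueError:
        return None

def check_proxy(lines):
    # The thread's clean log reports "Proxy is not enabled."; anything else is listed.
    if lines and "Proxy is not enabled." not in lines:
        return [("IE Proxy Settings", " | ".join(lines))]
    return []

def check_hosts(lines):
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()   # drop trailing comments
        addr = _ip(entry[0]) if len(entry) >= 2 else None
        if addr is not None and not addr.is_loopback:
            findings.append(("Hosts content", f"{entry[1]} -> {addr}"))
    return findings

def check_dns(lines):
    gateways, servers, in_dns = set(), [], False
    for line in lines:
        bare = _ip(line)
        if bare is not None and in_dns:          # continuation line under DNS Servers
            servers.append(bare)
            continue
        label, _, value = line.partition(": ")
        label = label.rstrip(" .:")
        in_dns = label == "DNS Servers"
        addr = _ip(value.strip())
        if addr is not None and label == "Default Gateway":
            gateways.add(addr)
        elif addr is not None and in_dns:
            servers.append(addr)
    return [("IP Configuration", f"DNS server {s} is not the default gateway")
            for s in servers if s not in gateways]

def check_winsock(lines):
    findings = []
    for line in lines:
        m = WINSOCK.match(line)
        if not m:
            continue
        path, size, vendor = m.groups()
        if not size.isdigit():                   # e.g. "File Not found"
            findings.append(("Winsock entries", f"{path}: {size}"))
        elif not vendor.startswith("Microsoft"):
            findings.append(("Winsock entries", f"{path}: third-party provider ({vendor})"))
    return findings

def triage(text):
    """Return (section, detail) pairs to review by hand; an empty list means nothing stood out."""
    s = parse_sections(text)
    return (check_proxy(s.get("IE Proxy Settings", []))
            + check_hosts(s.get("Hosts content", []))
            + check_dns(s.get("IP Configuration", []))
            + check_winsock(s.get("Winsock entries", [])))

if __name__ == "__main__":
    for section, detail in triage(SAMPLE):
        print(f"[{section}] {detail}")
```

Each finding is a prompt for manual review rather than a verdict: legitimate software such as Bonjour registers its own Winsock provider, and a manually configured DNS server will also be listed.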

#3 junky_2003


Posted 07 September 2011 - 10:58 PM

Hello :

Thanks for replying.
Yes, I do use Firefox and most likely the infection was when I was using that browser only. I do use a router but luckily this issue is with only one laptop.

Here are the logs you requested. Unfortunately TDSS Killer did not find anything. I did have difficulty downloading it onto my laptop though. I downloaded it on a different machine and renamed the file to 123.com.

MiniToolBox by Farbar
Ran by Ninni (administrator) on 07-09-2011 at 15:38:35
Windows 7 Home Premium (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled mldversion=version2
add address name="Wireless Network Connection 2" address=192.168.16.2


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ninni-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-26-C7-89-10-27
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-C7-89-10-27
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-26-C7-89-10-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::61d3:2b37:7d61:f9a6%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.123(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 07, 2011 2:50:40 PM
Lease Expires . . . . . . . . . . : Thursday, September 08, 2011 2:50:40 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 369108679
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-84-D3-3A-60-EB-69-97-1D-D8
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 60-EB-69-97-1D-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 18-F4-6A-DF-81-B0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AD4DD695-EC8A-4312-86AC-148DF1A7FBD1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{26164F81-8FDC-4523-9D18-AB82A6F66DF0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BAB4189F-7243-482B-B86A-425F540D83A9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{80197DAD-EEC2-4796-8AF2-5626CBCB26B8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AD9AEF4D-93DE-44E5-867D-876D86F11C52}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2459:381f:9d4b:2a28(Preferred)
Link-local IPv6 Address . . . . . : fe80::2459:381f:9d4b:2a28%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Pinging google.com [74.125.73.147] with 32 bytes of data:
Reply from 74.125.73.147: bytes=32 time=41ms TTL=53
Reply from 74.125.73.147: bytes=32 time=39ms TTL=52

Ping statistics for 74.125.73.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 41ms, Average = 40ms

Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Reply from 72.30.2.43: bytes=32 time=120ms TTL=55
Reply from 72.30.2.43: bytes=32 time=101ms TTL=56

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 101ms, Maximum = 120ms, Average = 110ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...00 26 c7 89 10 27 ......Microsoft Virtual WiFi Miniport Adapter #2
16...00 26 c7 89 10 27 ......Microsoft Virtual WiFi Miniport Adapter
15...00 26 c7 89 10 26 ......Intel® WiFi Link 1000 BGN
13...60 eb 69 97 1d d8 ......Broadcom NetLink ™ Gigabit Ethernet
12...18 f4 6a df 81 b0 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.123 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.123 281
192.168.1.123 255.255.255.255 On-link 192.168.1.123 281
192.168.1.255 255.255.255.255 On-link 192.168.1.123 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.123 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.123 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:2459:381f:9d4b:2a28/128
On-link
15 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::2459:381f:9d4b:2a28/128
On-link
15 281 fe80::61d3:2b37:7d61:f9a6/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 mswsock.dll [File Not found] ()
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 mswsock.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2011 02:28:25 PM) (Source: Microsoft Office 14) (User: )
Description: Microsoft Word: Accepted Safe Mode action : Word failed to start correctly last time. Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Word in safe mode?.
Accepted Safe Mode action : Microsoft Word.

Error: (09/05/2011 00:25:29 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=4F8}
The client was unable to connect to an Application Virtualization Server (rc 16D1190A-0000E028)

Error: (09/05/2011 00:25:29 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=4F8}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5138.5002.sft' (rc 16D1190A-0000E028, original rc 16D1190A-0000E028).

Error: (09/05/2011 08:10:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (09/04/2011 07:20:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (09/03/2011 04:29:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: atieclxx.exe, version: 6.14.11.1062, time stamp: 0x4c2aae53
Faulting module name: atiadlxx.dll, version: 6.14.10.1054, time stamp: 0x4c2aa295
Exception code: 0xc0000005
Fault offset: 0x000000000001f078
Faulting process id: 0x54c
Faulting application start time: 0xatieclxx.exe0
Faulting application path: atieclxx.exe1
Faulting module path: atieclxx.exe2
Report Id: atieclxx.exe3

Error: (09/03/2011 10:09:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (09/03/2011 08:30:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (09/03/2011 08:22:59 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (09/03/2011 06:53:16 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 5.0.0.4183 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f30

Start Time: 01cc6a2eac3d7e9b

Termination Time: 60000

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 17953fde-d623-11e0-a03c-18f46adf81b0


System errors:
=============
Error: (09/07/2011 02:54:45 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (09/07/2011 02:53:10 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (09/07/2011 02:51:22 PM) (Source: Service Control Manager) (User: )
Description: The Oasis2Service service failed to start due to the following error:
%%1053

Error: (09/07/2011 02:51:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Oasis2Service service to connect.

Error: (09/07/2011 02:50:24 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error:
%%183

Error: (09/07/2011 02:50:24 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall Authorization Driver service failed to start due to the following error:
%%183

Error: (09/06/2011 03:30:05 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (09/06/2011 03:29:04 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (09/06/2011 03:26:24 PM) (Source: Service Control Manager) (User: )
Description: The SeaPort service failed to start due to the following error:
%%1053

Error: (09/06/2011 03:26:24 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SeaPort service to connect.


Microsoft Office Sessions:
=========================
Error: (09/06/2011 02:28:25 PM) (Source: Microsoft Office 14)(User: )
Description: Microsoft WordWord failed to start correctly last time. Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Word in safe mode?

Error: (09/05/2011 00:25:29 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=4F8}
16D1190A-0000E028

Error: (09/05/2011 00:25:29 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=4F8}
http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.5138.5002.sft16D1190A-0000E02816D1190A-0000E028

Error: (09/05/2011 08:10:57 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Ninni\Desktop\SoftonicDownloader_for_imgburn.exe

Error: (09/04/2011 07:20:37 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Ninni\Desktop\SoftonicDownloader_for_imgburn.exe

Error: (09/03/2011 04:29:24 PM) (Source: Application Error)(User: )
Description: atieclxx.exe6.14.11.10624c2aae53atiadlxx.dll6.14.10.10544c2aa295c0000005000000000001f07854c01cc6a4b76b07688C:\windows\system32\atieclxx.exeC:\windows\system32\atiadlxx.dllcad9afe0-d673-11e0-9e68-18f46adf81b0

Error: (09/03/2011 10:09:55 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Ninni\Desktop\SoftonicDownloader_for_imgburn.exe

Error: (09/03/2011 08:30:03 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Ninni\Desktop\SoftonicDownloader_for_imgburn.exe

Error: (09/03/2011 08:22:59 AM) (Source: ATIeRecord)(User: )
Description:

Error: (09/03/2011 06:53:16 AM) (Source: Application Hang)(User: )
Description: firefox.exe5.0.0.41831f3001cc6a2eac3d7e9b60000C:\Program Files (x86)\Mozilla Firefox\firefox.exe17953fde-d623-11e0-a03c-18f46adf81b0


=========================== Installed Programs ============================

Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader 9.0.1 (Version: 9.0.1)
AIM 7
Amazon Add to Wish List IE Extension 1.1 (Version: 1.1)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
ARO 2011 (Version: 7.0)
ASUS RT-N56U Wireless Router Utilities (Version: 4.1.6.6)
ATI Catalyst Install Manager (Version: 3.0.782.0)
Audible Download Manager (Version: 6.6.0.13)
Bonjour (Version: 2.0.5.0)
Broadcom Gigabit NetLink Controller (Version: 12.52.01)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0629.2222.38338)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0629.2222.38338)
Catalyst Control Center InstallProxy (Version: 2010.0629.2222.38338)
Catalyst Control Center Localization All (Version: 2010.0629.2222.38338)
ccc-core-static (Version: 2010.0629.2222.38338)
ccc-utility64 (Version: 2010.0629.2222.38338)
CCC Help Chinese Standard (Version: 2010.0629.2221.38338)
CCC Help Chinese Traditional (Version: 2010.0629.2221.38338)
CCC Help Czech (Version: 2010.0629.2221.38338)
CCC Help Danish (Version: 2010.0629.2221.38338)
CCC Help Dutch (Version: 2010.0629.2221.38338)
CCC Help English (Version: 2010.0629.2221.38338)
CCC Help Finnish (Version: 2010.0629.2221.38338)
CCC Help French (Version: 2010.0629.2221.38338)
CCC Help German (Version: 2010.0629.2221.38338)
CCC Help Greek (Version: 2010.0629.2221.38338)
CCC Help Hungarian (Version: 2010.0629.2221.38338)
CCC Help Italian (Version: 2010.0629.2221.38338)
CCC Help Japanese (Version: 2010.0629.2221.38338)
CCC Help Korean (Version: 2010.0629.2221.38338)
CCC Help Norwegian (Version: 2010.0629.2221.38338)
CCC Help Polish (Version: 2010.0629.2221.38338)
CCC Help Portuguese (Version: 2010.0629.2221.38338)
CCC Help Russian (Version: 2010.0629.2221.38338)
CCC Help Spanish (Version: 2010.0629.2221.38338)
CCC Help Swedish (Version: 2010.0629.2221.38338)
CCC Help Thai (Version: 2010.0629.2221.38338)
CCC Help Turkish (Version: 2010.0629.2221.38338)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
CyberLink YouCam (Version: 3.0.2603)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726)
DiskAid 4.63 (Version: 4.63)
DivX Setup (Version: 2.2.1.2)
DivX Web Player (Version: 1.5.0)
Download Updater (AOL LLC)
EditPlus 3
Energy Management (Version: 5.4.1.6)
Flickr Uploadr 3.2.1
Giraffic Video Accelerator (Version: 0.86.111.230)
Google Talk Plugin (Version: 2.2.2.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.1.2003.1856)
Google Update Helper (Version: 1.3.21.65)
ImgBurn (Version: 2.5.4.0)
Intel AppUp(SM) center (Version: 19079)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)
Intel® Wireless Display (Version: 1.2.15.0)
iTunes (Version: 10.2.2.14)
JMicron Flash Media Controller Driver (Version: 1.0.41.2)
Junk Mail filter update (Version: 15.4.3502.0922)
Kidzui
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.2.1.1200)
Lenovo DirectShare (Version: 1.0.1.38)
Lenovo EasyCamera (Version: 1.10.0510.01)
Lenovo MuteSync (Version: 1.0.0.2)
Lenovo OneKey Recovery (Version: 7.0.1230)
Lenovo ReadyComm 5 (Version: 5.1.1.22)
Lenovo ReadyComm 5.0 Service (Version: 5.0.0.1)
Lenovo SlideNav (Version: 2.0.1230.0003)
Lenovo Smile Dock (Version: 2.0.201.1)
Lenovo SplitScreen (Version: 1.00.1823.0001)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Media Player Codec Pack 3.9.6
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 6.0.1 (x86 en-US) (Version: 6.0.1)
MSN Toolbar (Version: 4.0.0396.0)
MSN Toolbar Platform (Version: 4.0.0417.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Oasis2Service 1.0 (Version: 1.0.0)
Onekey Theater (Version: 2.0.1.8)
ooVoo (Version: 2.2.4.25)
Picasa 3 (Version: 3.8)
Play Movie (Version: 1.5.1.6121)
PM FASTrack v6 (Version: 6.0.0)
PMP 4.1.1 TechFaq360
Power2Go (Version: 5.6.0.4809d4)
PowerXpressHybrid (Version: 1.00.0000)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.69.80.9)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6110)
RealUpgrade 1.1 (Version: 1.1.0)
Safari (Version: 5.33.21.1)
Skype™ 5.5 (Version: 5.5.114)
Synaptics Pointing Device Driver (Version: 15.0.19.1)
Trend Micro Internet Security (Version: 17.50)
TuneUp Companion 2.0.9 (Version: 2.0.9)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Veoh Web Player (Version: 1.1.2.0000)
VeriFace (Version: 3.6.0.1211)
VLC media player 1.0.1 (Version: 1.0.1)
Vuze (Version: 4.6)
Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (Version: 01/06/2010 6.2.0.9416)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (Version: 10/19/2009 5.4.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.00 beta 3 (32-bit) (Version: 4.00.3)
WinZip 15.0 (Version: 15.0.9334)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 3892.48 MB
Available physical RAM: 1440.32 MB
Total Pagefile: 7783.1 MB
Available Pagefile: 4873.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.52 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:420.33 GB) (Free:275.92 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:28.46 GB) NTFS

========================= Users: ========================================

User accounts for \\NINNI-PC

Administrator Guest Ninni

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


TDSS Killer Logs
===========================================================================
2011/09/07 22:21:42.0265 7152 TDSS rootkit removing tool 2.5.19.0 Sep 6 2011 19:23:56
2011/09/07 22:21:42.0842 7152 ================================================================================
2011/09/07 22:21:42.0842 7152 SystemInfo:
2011/09/07 22:21:42.0842 7152
2011/09/07 22:21:42.0842 7152 OS Version: 6.1.7600 ServicePack: 0.0
2011/09/07 22:21:42.0842 7152 Product type: Workstation
2011/09/07 22:21:42.0842 7152 ComputerName: NINNI-PC
2011/09/07 22:21:42.0842 7152 UserName: Ninni
2011/09/07 22:21:42.0842 7152 Windows directory: C:\windows
2011/09/07 22:21:42.0842 7152 System windows directory: C:\windows
2011/09/07 22:21:42.0842 7152 Running under WOW64
2011/09/07 22:21:42.0842 7152 Processor architecture: Intel x64
2011/09/07 22:21:42.0842 7152 Number of processors: 4
2011/09/07 22:21:42.0842 7152 Page size: 0x1000
2011/09/07 22:21:42.0842 7152 Boot type: Normal boot
2011/09/07 22:21:42.0842 7152 ================================================================================
2011/09/07 22:21:49.0301 7152 Initialize success
2011/09/07 22:22:14.0169 7504 ================================================================================
2011/09/07 22:22:14.0169 7504 Scan started
2011/09/07 22:22:14.0169 7504 Mode: Manual;
2011/09/07 22:22:14.0169 7504 ================================================================================
2011/09/07 22:23:52.0983 7504 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/09/07 22:23:53.0294 7504 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/09/07 22:23:53.0546 7504 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/09/07 22:23:53.0853 7504 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/09/07 22:23:54.0513 7504 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
2011/09/07 22:23:55.0615 7504 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
2011/09/07 22:23:55.0898 7504 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
2011/09/07 22:23:56.0089 7504 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/09/07 22:23:56.0526 7504 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
2011/09/07 22:23:56.0980 7504 SynTP (c7e556d216cc864e24ffa797b5c1dd14) C:\windows\system32\DRIVERS\SynTP.sys
2011/09/07 22:23:57.0485 7504 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\windows\system32\DRIVERS\taphss.sys
2011/09/07 22:23:58.0119 7504 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\windows\system32\drivers\tcpip.sys
2011/09/07 22:23:58.0951 7504 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\windows\system32\DRIVERS\tcpip.sys
2011/09/07 22:23:59.0385 7504 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
2011/09/07 22:23:59.0859 7504 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/09/07 22:23:59.0935 7504 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/09/07 22:23:59.0987 7504 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
2011/09/07 22:24:00.0138 7504 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
2011/09/07 22:24:00.0493 7504 tmlwf (35a6aeb61c7cf21b10cc05bda47339b5) C:\windows\system32\DRIVERS\tmlwf.sys
2011/09/07 22:24:01.0030 7504 tmpreflt (1889f49a828b1cf0e2866cdd325875b0) C:\windows\system32\DRIVERS\tmpreflt.sys
2011/09/07 22:24:01.0552 7504 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\windows\system32\DRIVERS\tmtdi.sys
2011/09/07 22:24:01.0980 7504 tmwfp (a4670e50c15d7bce7226e4b62700df09) C:\windows\system32\DRIVERS\tmwfp.sys
2011/09/07 22:24:02.0341 7504 tmxpflt (8b97ba7e28bd39a2bc4a2bb66a83fec0) C:\windows\system32\DRIVERS\tmxpflt.sys
2011/09/07 22:24:02.0636 7504 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/09/07 22:24:03.0135 7504 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
2011/09/07 22:24:03.0446 7504 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/09/07 22:24:03.0885 7504 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
2011/09/07 22:24:04.0256 7504 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
2011/09/07 22:24:04.0459 7504 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
2011/09/07 22:24:04.0651 7504 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/09/07 22:24:04.0915 7504 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\windows\system32\Drivers\usbaapl64.sys
2011/09/07 22:24:05.0096 7504 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
2011/09/07 22:24:05.0202 7504 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
2011/09/07 22:24:05.0295 7504 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\drivers\usbehci.sys
2011/09/07 22:24:05.0377 7504 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
2011/09/07 22:24:05.0505 7504 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\drivers\usbohci.sys
2011/09/07 22:24:05.0795 7504 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/09/07 22:24:06.0025 7504 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/09/07 22:24:06.0264 7504 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
2011/09/07 22:24:06.0499 7504 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
2011/09/07 22:24:06.0600 7504 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
2011/09/07 22:24:06.0652 7504 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/09/07 22:24:06.0697 7504 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/09/07 22:24:06.0771 7504 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
2011/09/07 22:24:06.0833 7504 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
2011/09/07 22:24:06.0945 7504 vm332avs (f9126b4a657924f523e45c3ca8081b5e) C:\windows\system32\Drivers\vm332avs.sys
2011/09/07 22:24:07.0256 7504 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
2011/09/07 22:24:07.0628 7504 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
2011/09/07 22:24:07.0883 7504 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
2011/09/07 22:24:08.0284 7504 vsapint (3a5862d9a4fe4bbb2ffa1700e2b21b9b) C:\windows\system32\DRIVERS\vsapint.sys
2011/09/07 22:24:08.0605 7504 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/09/07 22:24:08.0839 7504 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/09/07 22:24:09.0000 7504 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/09/07 22:24:09.0307 7504 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
2011/09/07 22:24:09.0647 7504 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/09/07 22:24:10.0057 7504 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
2011/09/07 22:24:10.0119 7504 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
2011/09/07 22:24:10.0364 7504 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/09/07 22:24:10.0623 7504 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/09/07 22:24:10.0948 7504 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\windows\system32\DRIVERS\WDKMD.sys
2011/09/07 22:24:11.0207 7504 wdmirror (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys
2011/09/07 22:24:11.0397 7504 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/09/07 22:24:11.0581 7504 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\windows\system32\DRIVERS\wimfltr.sys
2011/09/07 22:24:11.0869 7504 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/09/07 22:24:12.0238 7504 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys
2011/09/07 22:24:12.0487 7504 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/09/07 22:24:12.0743 7504 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/09/07 22:24:13.0050 7504 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
2011/09/07 22:24:13.0306 7504 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
2011/09/07 22:24:13.0610 7504 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/09/07 22:24:13.0879 7504 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl
2011/09/07 22:24:14.0073 7504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/07 22:24:14.0139 7504 Boot (0x1200) (7fc4fa8e027ab731b963ce3640486c94) \Device\Harddisk0\DR0\Partition0
2011/09/07 22:24:14.0173 7504 Boot (0x1200) (bf807ae8c3d84b02599bcfa2b5a61bf2) \Device\Harddisk0\DR0\Partition1
2011/09/07 22:24:14.0223 7504 Boot (0x1200) (fa800152ea4cdc44bfe1de69a39d1bcd) \Device\Harddisk0\DR0\Partition2
2011/09/07 22:24:14.0230 7504 ================================================================================
2011/09/07 22:24:14.0230 7504 Scan finished
2011/09/07 22:24:14.0230 7504 ================================================================================
2011/09/07 22:24:14.0247 7496 Detected object count: 0
2011/09/07 22:24:14.0247 7496 Actual detected object count: 0
2011/09/07 22:24:52.0065 2264 Deinitialize success


MBAM Logs
============================================================================================
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7674

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/7/2011 10:57:22 PM
mbam-log-2011-09-07 (22-57-22).txt

Scan type: Quick scan
Objects scanned: 204850
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 boopme


Posted 08 September 2011 - 02:49 PM

Ok, not much showing here, we'll do one more.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 junky_2003


Posted 09 September 2011 - 08:40 AM

Hello :

I am attaching the ESET scanner results. However, even after that, search results from both IE and Firefox are getting redirected.

C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\upgrade[1].cab a variant of Win32/Adware.OneStep.R application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\upgrade[1].cab a variant of Win32/Adware.OneStep.T application deleted - quarantined
C:\Windows\Temp\QUE853.tmp\upgrade.exe a variant of Win32/Adware.OneStep.T application deleted - quarantined
C:\Windows\Temp\QUEF6E0.tmp\upgrade.exe a variant of Win32/Adware.OneStep.R application deleted - quarantined

Kindly let me know the next steps.

Rgds
-dj

#6 boopme


Posted 09 September 2011 - 10:11 PM

OK, using Firefox it may be the Add-ons/Plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

If you still redirect then we need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.