Websearch Results Redirecting


  • This topic is locked
11 replies to this topic

#1 jbowden919


Posted 07 October 2011 - 02:50 PM

I am running Windows 7, 64 bit.

Within the last couple of days, every time I do a Google search, and click on a result (a link), it acts like it is taking me to the link specified, but after a few moments, I am redirected to a different website that looks like a search engine. Each time I click on a different link on Google, the website it takes me to is a different search engine with advertisements on it.

It does this in Firefox and Internet Explorer.

I have run Malware Bytes, AVG, Adaware, and I also have the full retail version of Webroot.

I ran one scan (however, I forgot which one it was) that told me consrv.dll was infected.

Any help is greatly appreciated. I have read similar problems to mine, but none of them seem to be exactly like mine.



#2 boopme


Posted 07 October 2011 - 03:49 PM

Hello and welcome.

Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please follow our Removal Guide here: How to remove Google Redirects. You will move to the Automated Removal Instructions.

If it finds something make sure Cure is selected
Next click Continue then Reboot now
A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 jbowden919


Posted 07 October 2011 - 03:55 PM

Hello, and thank you for such a quick reply.

I am on a wireless router. My laptop, running on Vista, does not redirect. I also noticed that on that machine, when I went to Google, my search results page did not have ads at the top of the page...and I searched for the exact thing I did on my desktop (the PC with the problem).

This is the link that randomly opened by itself in a new tab on my desktop pc

http://admirablesearchsystem.com/?search=disney+world+military+discount+2011&subid=15&key=66634406e1104b006778&f=1

I currently use Internet Explorer, and only use Firefox occasionally.

I will do the things you asked me to do and post my results.

#4 jbowden919


Posted 07 October 2011 - 03:58 PM

I tried running the MiniToolBox, checking all the boxes you asked me to check, and it gave me this message:

The ordinal 1108 could not be located in the dynamic link library WSOCK32.dll

This is the log, otherwise, from MiniToolBox:

MiniToolBox by Farbar
Ran by Jasmine (administrator) on 07-10-2011 at 16:56:05
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
# Any other entries you had go here (new line no # no space);
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Desktop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Dynex

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Dynex
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 38-59-F9-5F-7A-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::94c5:f14f:c255:87ee%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 07, 2011 4:45:51 PM
Lease Expires . . . . . . . . . . : Monday, November 13, 2147 11:24:21 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 221796857
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C4-D2-BE-78-2B-CB-B2-9B-73
DNS Servers . . . . . . . . . . . : 8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Dynex
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 78-2B-CB-B2-9B-73
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ddad:99c6:16a7:f336%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, October 07, 2011 4:45:47 PM
Lease Expires . . . . . . . . . . : Monday, November 13, 2147 11:24:21 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 242756555
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C4-D2-BE-78-2B-CB-B2-9B-73
DNS Servers . . . . . . . . . . . : 192.168.2.1
209.143.0.10
66.209.140.124
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Dynex:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Dynex
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:142b:ef5:3f57:fdfb(Preferred)
Link-local IPv6 Address . . . . . : fe80::142b:ef5:3f57:fdfb%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Pinging google.com [74.125.225.83] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.225.83:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...38 59 f9 5f 7a 0f ......DW1501 Wireless-N WLAN Half-Mini Card
11...78 2b cb b2 9b 73 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.4 20
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.4 276
192.168.2.0 255.255.255.0 On-link 192.168.2.5 281
192.168.2.4 255.255.255.255 On-link 192.168.2.4 276
192.168.2.5 255.255.255.255 On-link 192.168.2.5 281
192.168.2.255 255.255.255.255 On-link 192.168.2.4 276
192.168.2.255 255.255.255.255 On-link 192.168.2.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.4 276
224.0.0.0 240.0.0.0 On-link 192.168.2.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.4 276
255.255.255.255 255.255.255.255 On-link 192.168.2.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
13 281 fe80::/64 On-link
13 281 fe80::94c5:f14f:c255:87ee/128
On-link
11 276 fe80::ddad:99c6:16a7:f336/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/07/2011 04:46:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 04:10:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 02:50:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:30:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:22:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:20:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 11:52:57 AM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80071a90.

Error: (10/07/2011 11:52:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 11:46:47 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2011 11:06:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/07/2011 04:46:33 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/07/2011 04:46:01 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Partizan

Error: (10/07/2011 04:45:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error:
%%183

Error: (10/07/2011 04:45:49 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall Authorization Driver service failed to start due to the following error:
%%183

Error: (10/07/2011 04:10:52 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (10/07/2011 04:10:52 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/07/2011 04:10:52 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/07/2011 04:10:47 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/07/2011 04:10:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: SYSTEM)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21

Error: (10/07/2011 04:10:22 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (10/07/2011 04:46:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 04:10:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 02:50:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:30:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:22:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 01:20:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 11:52:57 AM) (Source: System Restore)(User: )
Description: Windows Update0x80071a90

Error: (10/07/2011 11:52:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2011 11:46:47 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2011 11:06:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Ad-Aware (Version: 9.5.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.0.1.129)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Photoshop Lightroom 3.4.1 64-bit (Version: 3.4.2)
Adobe Reader X (10.1.1) (Version: 10.1.1)
AKVIS ArtSuite (Version: 6.6.2143.7356)
AKVIS ArtWork (Version: 4.0.1026.7184)
AKVIS Chameleon (Version: 7.0.1591.7231)
AKVIS Coloriage (Version: 7.5.906.6958)
AKVIS Decorator (Version: 2.0.416.7012)
AKVIS Enhancer (Version: 11.5.1577.6946)
AKVIS Lightshop (Version: 3.0.843.7004)
AKVIS Magnifier (Version: 4.0.819.7322)
AKVIS MultiBrush (Version: 5.5.1344.6870)
AKVIS Noise Buster (Version: 7.5.2457.6947)
AKVIS Refocus (Version: 1.0.149.7428)
AKVIS Retoucher (Version: 4.5.760.7187)
AKVIS SmartMask (Version: 3.0.1027.7011)
Alien Skin Blow Up
Alien Skin Bokeh 2
Alien Skin Exposure 3
Alien Skin Eye Candy 6
Alien Skin Image Doctor 1.0
AMD APP SDK Runtime (Version: 2.4.595.10)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10419)
ATI Catalyst Install Manager (Version: 3.0.825.0)
B/W Styler 1.05 (Plugin)
B/W Styler 1.05 (Standalone/Lightroom)
Best Buy pc app (Version: 3.1.0.0)
BitTorrent (Version: 7.2.1)
Bonjour (Version: 3.0.0.2)
Brother MFL-Pro Suite MFC-J615W (Version: 1.0.4.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0419.2218.38209)
Catalyst Control Center InstallProxy (Version: 2011.0419.2218.38209)
Catalyst Control Center Localization All (Version: 2011.0419.2218.38209)
ccc-utility64 (Version: 2011.0419.2218.38209)
CCC Help Chinese Standard (Version: 2011.0419.2217.38209)
CCC Help Chinese Traditional (Version: 2011.0419.2217.38209)
CCC Help Czech (Version: 2011.0419.2217.38209)
CCC Help Danish (Version: 2011.0419.2217.38209)
CCC Help Dutch (Version: 2011.0419.2217.38209)
CCC Help English (Version: 2011.0419.2217.38209)
CCC Help Finnish (Version: 2011.0419.2217.38209)
CCC Help French (Version: 2011.0419.2217.38209)
CCC Help German (Version: 2011.0419.2217.38209)
CCC Help Greek (Version: 2011.0419.2217.38209)
CCC Help Hungarian (Version: 2011.0419.2217.38209)
CCC Help Italian (Version: 2011.0419.2217.38209)
CCC Help Japanese (Version: 2011.0419.2217.38209)
CCC Help Korean (Version: 2011.0419.2217.38209)
CCC Help Norwegian (Version: 2011.0419.2217.38209)
CCC Help Polish (Version: 2011.0419.2217.38209)
CCC Help Portuguese (Version: 2011.0419.2217.38209)
CCC Help Russian (Version: 2011.0419.2217.38209)
CCC Help Spanish (Version: 2011.0419.2217.38209)
CCC Help Swedish (Version: 2011.0419.2217.38209)
CCC Help Thai (Version: 2011.0419.2217.38209)
CCC Help Turkish (Version: 2011.0419.2217.38209)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.0.6)
Dell Stage (Version: 1.5.420.0)
Dell Support Center (Version: 3.1.5803.11)
Dell VideoStage (Version: 1.2.0.1712)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card (Version: 5.60.48.35)
eM Client (Version: 3.0.10206.0)
eZsuite (Version: 3.5.7.0)
HL-2240 (Version: 1.0.4.0)
Imagenomic Noiseware 4.2 Professional Plug-in (build 4205)
Imagenomic Portraiture 2.3 Plug-in (build 2308)
Imagenomic RealGrain 1.1 Plug-in (build 1103)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 26 (Version: 6.0.260)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 6.0.1 (x86 en-US) (Version: 6.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PDF Settings CS5 (Version: 10.0)
PhotoShowExpress (Version: 2.0.063)
QuickTime (Version: 7.70.80.34)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
RIFT (Version: 1.0.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Safari (Version: 5.34.50.0)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
StartNow Toolbar (Version: 2.3.0)
SUPERAntiSpyware (Version: 5.0.1128)
THX TruStudio PC (Version: 1.0)
UnHackMe 5.99 release
Uninstall DreamSuite Bonus
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
vGrabber (Version: 1.14)
Webroot Software (Version: 7.0.11.25)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 15.5 (Version: 15.5.9510)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8174.45 MB
Available physical RAM: 5551.64 MB
Total Pagefile: 16347.09 MB
Available Pagefile: 13267.73 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.64 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1383.98 GB) (Free:1308.76 GB) NTFS
3 Drive e: (FreeAgent Drive) (Fixed) (Total:1397.26 GB) (Free:949.48 GB) NTFS
8 Drive j: (My Book) (Fixed) (Total:465.65 GB) (Free:425.71 GB) FAT32
11 Drive m: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:6.71 GB) FAT32

========================= Users: ========================================

User accounts for \\DESKTOP

Administrator Guest Jasmine

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#5 jbowden919

  • Topic Starter

Posted 07 October 2011 - 04:08 PM

This is from Malware Bytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7896

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/7/2011 5:07:40 PM
mbam-log-2011-10-07 (17-07-40).txt

Scan type: Quick scan
Objects scanned: 191665
Time elapsed: 3 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 boopme

  • Global Moderator

Posted 07 October 2011 - 08:21 PM

Hello, took me a while as I had to figure out something in that log.
This line says you have the ZeroAccess rootkit:
Catalog5 01 mswsock.dll [File Not found] ()

You did run TDSS as you didn't mention the outcome. It should pick it up.

A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

It should pick it up
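The check boopme describes in the post above, as an added example that is not part of the original thread: a Python scan of a pasted log for Winsock catalog entries whose provider file is reported as `[File Not found]`. The entry format is taken from the one line quoted in the post; the shape of healthy entries, the sample log and all function names are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Entry format taken from the single line quoted in the post:
#   Catalog5 01 mswsock.dll [File Not found] ()
# Assumption: healthy entries use the same layout, with a full path,
# a file size in the brackets and a vendor name in the parentheses.
ENTRY_RE = re.compile(
    r"\b(?P<catalog>Catalog\d+)\s+(?P<index>\d+)\s+"
    r"(?P<path>.+?)\s+\[(?P<status>[^\]]*)\]\s+\((?P<vendor>[^)]*)\)\s*$",
    re.IGNORECASE,
)


@dataclass
class CatalogEntry:
    lineno: int          # 1-based line number in the pasted log
    catalog: str         # e.g. "Catalog5" or "Catalog9"
    index: int           # position of the provider in that catalog
    path: str            # provider DLL as recorded in the log
    status: str          # raw text between the square brackets
    vendor: str          # raw text between the parentheses (may be empty)
    missing: bool        # True when the log reports "File Not found"
    unqualified: bool    # True when the path has no directory component
    size: Optional[int]  # file size when the bracket holds a number


def parse_catalog_entries(log_text: str) -> List[CatalogEntry]:
    """Return every Winsock catalog entry found in the log text."""
    entries = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = ENTRY_RE.search(line)
        if not m:
            continue  # not a catalog line; ignore the rest of the log
        path = m["path"].strip()
        status = m["status"].strip()
        entries.append(CatalogEntry(
            lineno=lineno,
            catalog=m["catalog"],
            index=int(m["index"]),
            path=path,
            status=status,
            vendor=m["vendor"].strip(),
            missing=status.lower() == "file not found",
            unqualified="\\" not in path and "/" not in path,
            size=int(status) if status.isdigit() else None,
        ))
    return entries


def suspicious_entries(log_text: str) -> List[CatalogEntry]:
    """Entries whose provider file the log could not find on disk."""
    return [e for e in parse_catalog_entries(log_text) if e.missing]


# Constructed sample: the first catalog line is the one quoted in the post,
# the other catalog lines (paths, sizes, vendors) are made up for the example.
SAMPLE_LOG = r"""
Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysNative\winrnr.dll [28672] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysNative\napinsp.dll [68096] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysNative\mswsock.dll [326144] (Microsoft Corporation)
Percentage of memory in use: 32%
"""

if __name__ == "__main__":
    for e in suspicious_entries(SAMPLE_LOG):
        note = " (no directory in path)" if e.unqualified else ""
        print(f"line {e.lineno}: {e.catalog} #{e.index:02d} "
              f"{e.path} -> {e.status}{note}")
```
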

#7 jbowden919

  • Topic Starter

Posted 07 October 2011 - 08:43 PM

Hello,

I ran SUPERAntiSpyware and it came up with 2 threats. One I was able to get rid of; the other was something to do with convrs.dll, and I didn't do anything with that, as I didn't want to harm something important.

I also ran TDSSkiller and this is the log, after it came up with no threats.

21:40:05.0300 1492 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
21:40:05.0628 1492 ============================================================
21:40:05.0628 1492 Current date / time: 2011/10/07 21:40:05.0628
21:40:05.0628 1492 SystemInfo:
21:40:05.0628 1492
21:40:05.0628 1492 OS Version: 6.1.7601 ServicePack: 1.0
21:40:05.0628 1492 Product type: Workstation
21:40:05.0628 1492 ComputerName: DESKTOP
21:40:05.0628 1492 UserName: Jasmine
21:40:05.0628 1492 Windows directory: C:\Windows
21:40:05.0628 1492 System windows directory: C:\Windows
21:40:05.0628 1492 Running under WOW64
21:40:05.0628 1492 Processor architecture: Intel x64
21:40:05.0628 1492 Number of processors: 8
21:40:05.0628 1492 Page size: 0x1000
21:40:05.0628 1492 Boot type: Normal boot
21:40:05.0628 1492 ============================================================
21:40:22.0055 1492 Initialize success
21:40:23.0974 6860 ============================================================
21:40:23.0974 6860 Scan started
21:40:23.0974 6860 Mode: Manual;
21:40:23.0974 6860 ============================================================
21:40:34.0691 6860 UmPass - ok
21:40:34.0722 6860 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
21:40:34.0722 6860 usbccgp - ok
21:40:34.0738 6860 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:40:34.0738 6860 usbcir - ok
21:40:34.0753 6860 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:40:34.0753 6860 usbehci - ok
21:40:34.0784 6860 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:40:34.0800 6860 usbhub - ok
21:40:34.0816 6860 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:40:34.0816 6860 usbohci - ok
21:40:34.0831 6860 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:40:34.0831 6860 usbprint - ok
21:40:34.0847 6860 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:40:34.0847 6860 USBSTOR - ok
21:40:34.0878 6860 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:40:34.0878 6860 usbuhci - ok
21:40:34.0894 6860 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:40:34.0894 6860 vdrvroot - ok
21:40:34.0909 6860 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:40:34.0909 6860 vga - ok
21:40:34.0925 6860 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:40:34.0925 6860 VgaSave - ok
21:40:34.0956 6860 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:40:34.0956 6860 vhdmp - ok
21:40:34.0956 6860 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:40:34.0956 6860 viaide - ok
21:40:34.0972 6860 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:40:34.0972 6860 volmgr - ok
21:40:34.0987 6860 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:40:35.0003 6860 volmgrx - ok
21:40:35.0003 6860 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:40:35.0018 6860 volsnap - ok
21:40:35.0034 6860 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:40:35.0034 6860 vsmraid - ok
21:40:35.0050 6860 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
21:40:35.0050 6860 vwifibus - ok
21:40:35.0065 6860 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
21:40:35.0065 6860 vwififlt - ok
21:40:35.0081 6860 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:40:35.0081 6860 WacomPen - ok
21:40:35.0096 6860 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:40:35.0096 6860 WANARP - ok
21:40:35.0096 6860 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:40:35.0096 6860 Wanarpv6 - ok
21:40:35.0128 6860 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:40:35.0128 6860 Wd - ok
21:40:35.0159 6860 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:40:35.0159 6860 Wdf01000 - ok
21:40:35.0206 6860 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:40:35.0206 6860 WfpLwf - ok
21:40:35.0221 6860 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:40:35.0221 6860 WIMMount - ok
21:40:35.0237 6860 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:40:35.0237 6860 WmiAcpi - ok
21:40:35.0268 6860 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:40:35.0268 6860 ws2ifsl - ok
21:40:35.0284 6860 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:40:35.0284 6860 WudfPf - ok
21:40:35.0315 6860 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:40:35.0315 6860 WUDFRd - ok
21:40:35.0330 6860 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:40:35.0346 6860 \Device\Harddisk0\DR0 - ok
21:40:35.0346 6860 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
21:40:35.0346 6860 \Device\Harddisk1\DR1 - ok
21:40:35.0346 6860 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
21:40:35.0362 6860 \Device\Harddisk3\DR3 - ok
21:40:35.0377 6860 MBR (0x1B8) (bbb0a0725ad66f38b1a32135f3cb55d6) \Device\Harddisk7\DR7
21:40:35.0377 6860 \Device\Harddisk7\DR7 - ok
21:40:35.0377 6860 Boot (0x1200) (b62406def7eabb219f81a44604b189e3) \Device\Harddisk0\DR0\Partition0
21:40:35.0377 6860 \Device\Harddisk0\DR0\Partition0 - ok
21:40:35.0377 6860 Boot (0x1200) (bba4080b4c94eac42fe6594307e4d3bb) \Device\Harddisk0\DR0\Partition1
21:40:35.0393 6860 \Device\Harddisk0\DR0\Partition1 - ok
21:40:35.0393 6860 Boot (0x1200) (03afde98ca5cd2cc3b5b421289973dda) \Device\Harddisk1\DR1\Partition0
21:40:35.0393 6860 \Device\Harddisk1\DR1\Partition0 - ok
21:40:35.0393 6860 Boot (0x1200) (49051e49fdf691a2e474314327f50ff0) \Device\Harddisk3\DR3\Partition0
21:40:35.0393 6860 \Device\Harddisk3\DR3\Partition0 - ok
21:40:35.0393 6860 Boot (0x1200) (8a9976a6ec53e398259a926e8845f9d8) \Device\Harddisk7\DR7\Partition0
21:40:35.0393 6860 \Device\Harddisk7\DR7\Partition0 - ok
21:40:35.0393 6860 ============================================================
21:40:35.0393 6860 Scan finished
21:40:35.0393 6860 ============================================================
21:40:35.0393 5020 Detected object count: 0
21:40:35.0393 5020 Actual detected object count: 0
21:41:30.0689 6384 Deinitialize success

#8 boopme

Posted 07 October 2011 - 09:09 PM

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


ThreatExpert's awareness of the file "convs.dll":
Across all ThreatExpert reports, the file "convs.dll" has always been identified as a threat.
http://www.threatexpert.com/files/convs.dll.html
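The hosts-file check suggested in the post above can be done by inspection before resetting anything. The following is an added example, not part of the original post: it parses hosts-file text and classifies every active mapping other than the default loopback `localhost` entry. The function names, the watched search-engine substrings and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# The Windows hosts file lives at C:\Windows\System32\drivers\etc\hosts.
# A stock file has no active entries beyond (optionally) localhost.
DEFAULT_NAMES = {"localhost"}

# Constructed sample; addresses come from documentation ranges.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#   127.0.0.1       localhost
127.0.0.1   localhost
203.0.113.7   www.google.com google.com   # constructed entry
0.0.0.0  update.example-av.test
198.51.100.9 intranet.example.test
"""

def parse_hosts(text):
    """Yield (lineno, ip, hostname) for every active (uncommented) mapping."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed line, not a mapping
        for name in fields[1:]:
            yield lineno, ip, name.lower()

def suspicious_entries(text, watched=("google.", "bing.", "yahoo.")):
    """Return (lineno, ip, hostname, kind) for each non-default mapping."""
    findings = []
    for lineno, ip, name in parse_hosts(text):
        if name in DEFAULT_NAMES and ip.is_loopback:
            continue                          # the one expected entry
        if ip.is_loopback or ip.is_unspecified:
            kind = "blocked"                  # host made unreachable
        elif any(w in name for w in watched):
            kind = "search-redirect"          # search site pinned to a fixed IP
        else:
            kind = "override"                 # any other pinned name
        findings.append((lineno, str(ip), name, kind))
    return findings

if __name__ == "__main__":
    for finding in suspicious_entries(SAMPLE):
        print(finding)
```

An empty result means the hosts file is not the cause of a redirect, and the search for it has to continue elsewhere.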

#9 jbowden919

Posted 07 October 2011 - 09:25 PM

That did not cure the problem. It is still redirecting me.

#10 boopme

Posted 07 October 2011 - 09:39 PM

Well, I can only think it is a ZeroAccess rootkit and we cannot see it.
We need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.

#11 jbowden919

Posted 07 October 2011 - 09:44 PM

I've already done that. Thanks.

#12 boopme

Posted 07 October 2011 - 09:45 PM

Thanks.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.