Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Have I been hacked?


  • Please log in to reply
11 replies to this topic

#1 Rockett

Rockett

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 26 October 2011 - 12:33 PM

I got a new computer and ended up downloading a few things the other day. Ever since, some of the pictures I had on my computer would randomly disappear. I couldn't find the files at all. Then they would suddenly reappear.

I had a problem with the computer previously, so I took it to best buy to be fixed. They said it was a faulty memory card and replaced it. I don't know if maybe they didn't fix the problem entirely and this is a result of that or if something I downloaded was corrupted.

Please help. Thank you. :)

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 26 October 2011 - 01:29 PM

We can check....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 Rockett

Rockett
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 29 October 2011 - 02:34 AM

Sorry, only just saw that you replied. I promise to have all of this up tomorrow.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 29 October 2011 - 12:35 PM

No problem :)

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 Rockett

Rockett
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 29 October 2011 - 02:12 PM

When I tried to run GMER I got a blue screen that said, "A problem has been detected and Windows has been shut down to prevent damage to your computer." So I didn't try to run GMER again.

Here are my other results:

check up

Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Kaspersky Anti-Virus 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 29
Java™ 6 Update 7
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe
Windows Defender MSASCui.exe
``````````End of Log````````````

-------

MiniToolBox

MiniToolBox by Farbar
Ran by Keisha Sandifer (administrator) on 29-10-2011 at 14:22:52
Windows Vista ™ Home Premium Service Pack 2 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KeishaSandif-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 00881.demo.local
Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-23-4E-4B-2F-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-23-AE-01-68-0A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::50bb:8723:ee6e:2734%11(Preferred)
IPv4 Address. . . . . . . . . . . : 76.111.214.117(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Lease Obtained. . . . . . . . . . : Saturday, October 29, 2011 2:15:56 PM
Lease Expires . . . . . . . . . . : Monday, October 31, 2011 11:14:07 PM
Default Gateway . . . . . . . . . : 76.111.208.1
DHCP Server . . . . . . . . . . . : 76.96.92.133
DHCPv6 IAID . . . . . . . . . . . : 251667374
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-AF-8E-9B-00-23-AE-01-68-0A
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.fl.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:814:2111:b390:298a(Preferred)
Link-local IPv6 Address . . . . . : fe80::814:2111:b390:298a%10(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4c6f:d675::4c6f:d675(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.00881.demo.local
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.65.103
74.125.65.99
74.125.65.106
74.125.65.104
74.125.65.147
74.125.65.105



Pinging google.com [74.125.159.147] with 32 bytes of data:

Reply from 74.125.159.147: bytes=32 time=40ms TTL=50

Reply from 74.125.159.147: bytes=32 time=42ms TTL=50



Ping statistics for 74.125.159.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 40ms, Maximum = 42ms, Average = 41ms

Server: cdns01.comcast.net
Address: 75.75.75.75

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149
209.191.122.70



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:

Reply from 72.30.2.43: bytes=32 time=85ms TTL=52

Reply from 72.30.2.43: bytes=32 time=85ms TTL=52



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 85ms, Maximum = 85ms, Average = 85ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 23 4e 4b 2f 7f ...... Dell Wireless 1395 WLAN Mini-Card
11 ...00 23 ae 01 68 0a ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.hsd1.fl.comcast.net.
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
27 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
13 ...00 00 00 00 00 00 00 e0 isatap.00881.demo.local
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 76.111.208.1 76.111.214.117 20
76.111.208.0 255.255.248.0 On-link 76.111.214.117 276
76.111.214.117 255.255.255.255 On-link 76.111.214.117 276
76.111.215.255 255.255.255.255 On-link 76.111.214.117 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 76.111.214.117 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 76.111.214.117 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
27 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:814:2111:b390:298a/128
On-link
27 1025 2002::/16 On-link
27 281 2002:4c6f:d675::4c6f:d675/128
On-link
11 276 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::814:2111:b390:298a/128
On-link
11 276 fe80::50bb:8723:ee6e:2734/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/29/2011 02:16:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2011 03:28:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2011 03:17:26 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft .NET Framework 4 Client Profile - Update 'KB2468871' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\KB2468871v2_20111029_031628619-Microsoft .NET Framework 4 Client Profile-MSP0.txt.

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2605

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2605

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1576

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1576

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/28/2011 05:41:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1529


System errors:
=============
Error: (10/29/2011 02:16:31 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/29/2011 03:28:36 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/29/2011 03:23:18 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (10/29/2011 03:17:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: 0x80070643Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008 x86 (KB2468871){596ADB47-108D-482D-85BA-A513621434B7}100

Error: (10/28/2011 00:36:14 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/27/2011 06:27:18 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/27/2011 03:11:44 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/27/2011 03:05:49 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/27/2011 03:02:57 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/27/2011 02:16:38 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (10/29/2011 02:16:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2011 03:28:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2011 03:17:26 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Microsoft .NET Framework 4 Client ProfileKB24688711603C:\Windows\TEMP\KB2468871v2_20111029_031628619-Microsoft .NET Framework 4 Client Profile-MSP0.txt(NULL)

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2605

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2605

Error: (10/28/2011 10:35:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1576

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1576

Error: (10/28/2011 10:35:48 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/28/2011 05:41:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1529


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader 9 (Version: 9.0.0)
Any Video Converter 3.2.7
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
Cisco EAP-FAST Module (Version: 2.1.3)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00)
Dell-eBay (Version: 1.00.0000)
Dell Best of Web (Version: 1.00.0000)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell Touchpad (Version: 7.1.103.4)
Dell Wireless WLAN Card Utility (Version: 4.170.77.13)
Digital Line Detect (Version: 1.21)
EDocs
Geek Squad 24 Hour Computer Support (Version: 2.1.322)
GIMP 2.6.11 (Version: 2.6.11)
Google Desktop (Version: -)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
GoToAssist 8.0.0.514
Intel® Matrix Storage Manager
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 7 (Version: 1.6.0.70)
Kaspersky Anti-Virus 2011 (Version: 11.0.2.556)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MediaDirect (Version: 3.5)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
Modem Diagnostic Tool (Version: 1.0.24.0)
NetWaiting (Version: 2.5.53)
OutlookAddinSetup (Version: 1.0.0)
QuickSet (Version: 8.2.20)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3061.31 MB
Available physical RAM: 1727.72 MB
Total Pagefile: 6336.87 MB
Available Pagefile: 4900.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.35 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:136.74 GB) (Free:94.99 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:4.76 GB) NTFS

========================= Users: ========================================

User accounts for \\KEISHASANDIF-PC

Administrator Guest Keisha Sandifer


**** End of log ****


------------

MBAM log

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8041

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

10/29/2011 2:28:47 PM
mbam-log-2011-10-29 (14-28-47).txt

Scan type: Quick scan
Objects scanned: 160811
Time elapsed: 4 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by Rockett, 29 October 2011 - 02:13 PM.


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 29 October 2011 - 02:16 PM

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 Rockett

Rockett
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 29 October 2011 - 02:57 PM

Okay, here's the report:


RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8F806000 C:\Windows\system32\DRIVERS\igdkmd32.sys 6606848 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x8B607000 C:\Windows\system32\DRIVERS\kl1.sys 5382144 bytes (Kaspersky Lab ZAO, Kaspersky Unified Driver)
0x82816000 C:\Windows\system32\ntkrnlpa.exe 3907584 bytes (Microsoft Corporation, NT Kernel & System)
0x82816000 PnpManager 3907584 bytes
0x82816000 RAW 3907584 bytes
0x82816000 WMIxWDM 3907584 bytes
0x98CA0000 Win32k 2113536 bytes
0x98CA0000 C:\Windows\System32\win32k.sys 2113536 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x90002000 C:\Windows\system32\DRIVERS\bcmwl6.sys 1220608 bytes (Broadcom Corporation, Broadcom 802.11 Network Adapter wireless driver)
0x8B400000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x83E0B000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90400000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1056768 bytes (Conexant Systems, Inc., HSF_DP driver)
0x8B205000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804DA000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xAB875000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x90932000 C:\Windows\System32\Drivers\dump_iaStor.sys 815104 bytes
0x82E0D000 C:\Windows\system32\drivers\iastor.sys 815104 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x90502000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x8B30A000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x8FE53000 C:\Windows\System32\drivers\dxgkrnl.sys 655360 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8FF57000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x906AD000 C:\Windows\system32\DRIVERS\klif.sys 536576 bytes (Kaspersky Lab, Klif Mini-Filter [fre_wlh_x86])
0x80607000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x82F45000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80410000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x81454000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x90658000 C:\Windows\system32\drivers\stwrt.sys 348160 bytes (IDT, Inc., NDHF)
0x90187000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0xAB80A000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x98EF0000 C:\Windows\System32\ATMFD.DLL 315392 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0x80739000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x9080F000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80690000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8B560000 C:\Windows\system32\DRIVERS\yk60x86.sys 286720 bytes (Marvell, NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller)
0x80499000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x83F7C000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8FF0A000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x805BA000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 249856 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x908C8000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x83F41000 C:\Windows\system32\drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8154C000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8B510000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x807AF000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x82BD0000 ACPI_HAL 208896 bytes
0x82BD0000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x82EFA000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x90857000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8B5AF000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x90606000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8BBBB000 C:\Windows\system32\DRIVERS\Apfiltr.sys 180224 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x83F16000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x82FC6000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x8140D000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0xAB95D000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8159D000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8BB29000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E7000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x90633000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8B3DC000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8BB61000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x905C4000 C:\Windows\system32\drivers\IntcHdmi.sys 135168 bytes (Intel® Corporation, Intel® High Definition Audio HDMI)
0x8150C000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x90753000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8152D000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x82EDC000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x814C1000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x8B2EF000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x907E5000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x9014A000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0x814DE000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8BBE7000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x81585000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x9090E000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8B5E9000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xAB9A1000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x90889000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x907A6000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x814F7000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x83FE0000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x83FCC000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x90173000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x907C2000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x901D8000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x81441000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x908B5000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8BB50000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x807E4000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80480000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x82F2C000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x905E5000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8079F000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x9012C000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x82FB6000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8BBAC000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x907D6000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8B551000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070E000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x83FBD000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x90164000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x8FF48000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8072A000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x9013C000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x98EE0000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x908A7000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x9078F000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8078A000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x90925000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x905B7000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x82FF0000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x80683000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xAB985000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x90747000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8FEF3000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x8FFE4000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x901F4000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x90784000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8B3D1000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8B5DE000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8BB98000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8FEFF000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x80720000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x90800000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x83FF5000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x81437000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x90904000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xAB953000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xAB9C0000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x8BB82000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x90730000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x901EB000 C:\Windows\system32\DRIVERS\klmouflt.sys 36864 bytes (Kaspersky Lab, KLMOUFLT Mouse Device Filter [fre_wlh_x86])
0x82F3C000 C:\Windows\System32\Drivers\PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0x9079D000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x98EC0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8BBA3000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8B5A6000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x806D6000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x82ED4000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0xAB999000 C:\Windows\system32\drivers\BCM42RLY.sys 32768 bytes (Broadcom Corporation, Broadcom iLine10™ PCI Network Adapter Proxy Protocol Driver)
0x80491000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x9089F000 C:\Windows\system32\DRIVERS\klim6.sys 32768 bytes (Kaspersky Lab ZAO, Kaspersky Lab Intermediate Network Driver)
0x806DF000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x90774000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x9077C000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8B549000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xAB991000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x90740000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x80783000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x80409000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x90739000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x80798000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x8FFEF000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x907BC000 C:\Windows\system32\DRIVERS\kl2.sys 24576 bytes (Kaspersky Lab ZAO, Kaspersky Unified Driver)
0x8FFF5000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xAB871000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x8071D000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x90000000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
==============================================
>Stealth
==============================================

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 29 October 2011 - 03:00 PM

I don't see anything malicious on your computer.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 Rockett

Rockett
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 29 October 2011 - 03:31 PM

Okay, must be left over problems from the memory card, then.

Is it okay if I delete the programs like GMER, Rootkit & the others except for MBAM?

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 29 October 2011 - 03:43 PM

Yes.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 Rockett

Rockett
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:59 AM

Posted 29 October 2011 - 06:31 PM

Thank you for all your help. :D

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:59 AM

Posted 29 October 2011 - 06:57 PM

You're very welcome Posted Image

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users