Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help Me With Removing Google Redirect Virus


  • Please log in to reply
9 replies to this topic

#1 nrdominguez

nrdominguez

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 26 October 2011 - 03:17 PM

I think my computer has been infected with the Google Redirect virus as I am experiencing the symptoms that seem to be associated with it. I would appreciate any help someone can offer to help remove this. Thank you.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:04 AM

Posted 26 October 2011 - 03:38 PM

Hello and welcome.
I moved you to the Am I Infected forum.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please follow our Removal Guide here How to remove Google Redirects. You will move to the Automated Removal Instructions

If it finds something make sure Cure is selected
Next click Continue then Reboot now
A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 nrdominguez

nrdominguez
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 26 October 2011 - 05:10 PM

MiniToolBox by Farbar
Ran by nichole (administrator) on 26-10-2011 at 14:38:47
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost



74.55.76.230 www.google-analytics.com.
74.55.76.230 ad-emea.doubleclick.net.
74.55.76.230 www.statcounter.com.
178.250.45.15 www.google-analytics.com.
178.250.45.15 ad-emea.doubleclick.net.
178.250.45.15 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : nichole-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Liljegreen
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 0C-60-76-33-02-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::35bf:45ac:19:7fbe%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 26, 2011 8:28:03 AM
Lease Expires . . . . . . . . . . : Thursday, October 27, 2011 1:09:58 PM
Default Gateway . . . . . . . . . : 10.10.1.1
DHCP Server . . . . . . . . . . . : 10.10.1.1
DHCPv6 IAID . . . . . . . . . . . : 319578230
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-47-79-CD-00-26-22-9C-C4-08
DNS Servers . . . . . . . . . . . : fe80::f45b:4a24:c131:838%12
192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
mshome.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-22-9C-C4-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Liljegreen:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Liljegreen
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E8971B8D-F752-4D25-A64B-A284B973702D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3833:381a:f5f5:fe92(Preferred)
Link-local IPv6 Address . . . . . : fe80::3833:381a:f5f5:fe92%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: fe80::f45b:4a24:c131:838

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.224.180] with 32 bytes of data:
Reply from 74.125.224.180: bytes=32 time=13ms TTL=54
Reply from 74.125.224.180: bytes=32 time=13ms TTL=54

Ping statistics for 74.125.224.180:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 13ms, Average = 13ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: fe80::f45b:4a24:c131:838

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=115ms TTL=44
Reply from 98.139.180.149: bytes=32 time=113ms TTL=44

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 113ms, Maximum = 115ms, Average = 114ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...0c 60 76 33 02 ae ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 22 9c c4 08 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.109 25
10.10.1.0 255.255.255.0 On-link 10.10.1.109 281
10.10.1.109 255.255.255.255 On-link 10.10.1.109 281
10.10.1.255 255.255.255.255 On-link 10.10.1.109 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.10.1.109 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.10.1.109 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:3833:381a:f5f5:fe92/128
On-link
12 281 fe80::/64 On-link
14 306 fe80::/64 On-link
12 281 fe80::35bf:45ac:19:7fbe/128
On-link
14 306 fe80::3833:381a:f5f5:fe92/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/26/2011 08:27:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35508152

Error: (10/26/2011 08:27:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35508152

Error: (10/26/2011 08:27:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2011 10:36:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170

Error: (10/25/2011 10:36:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1170

Error: (10/25/2011 10:36:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2011 09:33:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1451

Error: (10/25/2011 09:33:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1451

Error: (10/25/2011 09:33:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/25/2011 03:49:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 247714


System errors:
=============

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Activate Norton Online Backup (Version: 1.1.20.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader 9.4.2 (Version: 9.4.2)
Adobe Shockwave Player (Version: 11.0)
Alps Touch Pad Driver
AMD USB Filter Driver (Version: 1.0.11.86)
Apple Application Support (Version: 1.3.2)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.2.120)
Atheros Driver Installation Program (Version: 9.0)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Bonjour (Version: 2.0.3.0)
Brother MFL-Pro Suite MFC-8460N (Version: 1.0.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Common (Version: 2009.0702.1239.20840)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840)
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840)
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840)
ccc-core-static (Version: 2009.0702.1239.20840)
ccc-utility64 (Version: 2009.0702.1239.20840)
CCC Help Chinese Standard (Version: 2009.0702.1238.20840)
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840)
CCC Help Czech (Version: 2009.0702.1238.20840)
CCC Help Danish (Version: 2009.0702.1238.20840)
CCC Help Dutch (Version: 2009.0702.1238.20840)
CCC Help English (Version: 2009.0702.1238.20840)
CCC Help Finnish (Version: 2009.0702.1238.20840)
CCC Help French (Version: 2009.0702.1238.20840)
CCC Help German (Version: 2009.0702.1238.20840)
CCC Help Greek (Version: 2009.0702.1238.20840)
CCC Help Hungarian (Version: 2009.0702.1238.20840)
CCC Help Italian (Version: 2009.0702.1238.20840)
CCC Help Japanese (Version: 2009.0702.1238.20840)
CCC Help Korean (Version: 2009.0702.1238.20840)
CCC Help Norwegian (Version: 2009.0702.1238.20840)
CCC Help Polish (Version: 2009.0702.1238.20840)
CCC Help Portuguese (Version: 2009.0702.1238.20840)
CCC Help Russian (Version: 2009.0702.1238.20840)
CCC Help Spanish (Version: 2009.0702.1238.20840)
CCC Help Swedish (Version: 2009.0702.1238.20840)
CCC Help Thai (Version: 2009.0702.1238.20840)
CCC Help Turkish (Version: 2009.0702.1238.20840)
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
CyberLink DVD Suite (Version: 6.0.3101)
ENE CIR Receiver Driver (Version: 2.7.3.519)
Foxit Reader (Version: 3.1.4.1125)
Foxit Toolbar (Version: 4.1.0.5)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
Homepage Protection (Version: )
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SlingPlayer (Version: 2.1.1.60)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.5.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Support Assistant (Version: 6.0.5.4)
HP Update (Version: 5.001.000.014)
HP User Guides 0146 (Version: 1.02.0002)
HP Wireless Assistant (Version: 3.50.12.1)
IDT Audio (Version: 1.0.6217.0)
iTunes (Version: 10.0.0.68)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 23 (Version: 6.0.230)
JMicron Flash Media Controller Driver (Version: 1.0.31.3)
Junk Mail filter update (Version: 14.0.8064.206)
LabelPrint (Version: 2.5.1913)
LightScribe System Software (Version: 1.18.13.1)
LSI HDA Modem (Version: 2.2.97)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.68.75.0)
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
RealUpgrade 1.0 (Version: 1.0.0)
SmartWebPrinting (Version: 140.0.186.000)
SofTest Bar Edition (Version: 10.0.0.1047)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3836.2 MB
Available physical RAM: 2462.71 MB
Total Pagefile: 7670.59 MB
Available Pagefile: 6022.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.32 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:284.61 GB) (Free:228.57 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.18 GB) (Free:2.2 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\NICHOLE-PC

Administrator Guest nichole

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


14:57:39.0732 4336 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
14:57:40.0153 4336 ============================================================
14:57:40.0153 4336 Current date / time: 2011/10/26 14:57:40.0153
14:57:40.0153 4336 SystemInfo:
14:57:40.0153 4336
14:57:40.0153 4336 OS Version: 6.1.7601 ServicePack: 1.0
14:57:40.0153 4336 Product type: Workstation
14:57:40.0153 4336 ComputerName: NICHOLE-PC
14:57:40.0153 4336 UserName: nichole
14:57:40.0153 4336 Windows directory: C:\Windows
14:57:40.0153 4336 System windows directory: C:\Windows
14:57:40.0153 4336 Running under WOW64
14:57:40.0153 4336 Processor architecture: Intel x64
14:57:40.0153 4336 Number of processors: 2
14:57:40.0153 4336 Page size: 0x1000
14:57:40.0153 4336 Boot type: Normal boot
14:57:40.0153 4336 ============================================================
14:57:40.0808 4336 Initialize success
14:57:45.0332 4640 ============================================================
14:57:45.0332 4640 Scan started
14:57:45.0332 4640 Mode: Manual;
14:57:45.0332 4640 ============================================================
14:57:45.0941 4640 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:57:45.0941 4640 1394ohci - ok
14:57:45.0987 4640 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
14:57:45.0987 4640 Accelerometer - ok
14:57:46.0019 4640 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:57:46.0034 4640 ACPI - ok
14:57:46.0065 4640 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:57:46.0065 4640 AcpiPmi - ok
14:57:46.0112 4640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:57:46.0112 4640 adp94xx - ok
14:57:46.0143 4640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:57:46.0159 4640 adpahci - ok
14:57:46.0175 4640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:57:46.0175 4640 adpu320 - ok
14:57:46.0237 4640 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
14:57:46.0237 4640 AFD - ok
14:57:46.0315 4640 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\Windows\system32\DRIVERS\agrsm64.sys
14:57:46.0331 4640 AgereSoftModem - ok
14:57:46.0346 4640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:57:46.0346 4640 agp440 - ok
14:57:46.0377 4640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:57:46.0377 4640 aliide - ok
14:57:46.0393 4640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:57:46.0393 4640 amdide - ok
14:57:46.0424 4640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:57:46.0424 4640 AmdK8 - ok
14:57:46.0440 4640 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:57:46.0440 4640 AmdPPM - ok
14:57:46.0487 4640 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:57:46.0487 4640 amdsata - ok
14:57:46.0518 4640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:57:46.0533 4640 amdsbs - ok
14:57:46.0549 4640 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:57:46.0549 4640 amdxata - ok
14:57:46.0596 4640 ApfiltrService (05f1a0a81a98cf27e3f028213fb6c36a) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:57:46.0596 4640 ApfiltrService - ok
14:57:46.0627 4640 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:57:46.0627 4640 AppID - ok
14:57:46.0674 4640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:57:46.0674 4640 arc - ok
14:57:46.0721 4640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:57:46.0721 4640 arcsas - ok
14:57:46.0752 4640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:57:46.0752 4640 AsyncMac - ok
14:57:46.0783 4640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:57:46.0783 4640 atapi - ok
14:57:46.0861 4640 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
14:57:46.0877 4640 athr - ok
14:57:46.0939 4640 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys
14:57:46.0939 4640 AtiHdmiService - ok
14:57:47.0126 4640 atikmdag (c5758bf1dfd762a5b17041ff061b7750) C:\Windows\system32\DRIVERS\atikmdag.sys
14:57:47.0173 4640 atikmdag - ok
14:57:47.0189 4640 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
14:57:47.0189 4640 AtiPcie - ok
14:57:47.0251 4640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:57:47.0251 4640 b06bdrv - ok
14:57:47.0282 4640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:57:47.0282 4640 b57nd60a - ok
14:57:47.0298 4640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:57:47.0298 4640 Beep - ok
14:57:47.0360 4640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:57:47.0360 4640 blbdrive - ok
14:57:47.0407 4640 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:57:47.0407 4640 bowser - ok
14:57:47.0438 4640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:57:47.0438 4640 BrFiltLo - ok
14:57:47.0438 4640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:57:47.0454 4640 BrFiltUp - ok
14:57:47.0485 4640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\system32\DRIVERS\BrSerId.sys
14:57:47.0485 4640 Brserid - ok
14:57:47.0501 4640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:57:47.0501 4640 BrSerWdm - ok
14:57:47.0516 4640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:57:47.0516 4640 BrUsbMdm - ok
14:57:47.0532 4640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\DRIVERS\BrUsbSer.sys
14:57:47.0532 4640 BrUsbSer - ok
14:57:47.0563 4640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:57:47.0563 4640 BTHMODEM - ok
14:57:47.0594 4640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:57:47.0594 4640 cdfs - ok
14:57:47.0641 4640 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:57:47.0641 4640 cdrom - ok
14:57:47.0688 4640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:57:47.0688 4640 circlass - ok
14:57:47.0719 4640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:57:47.0719 4640 CLFS - ok
14:57:47.0750 4640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:57:47.0750 4640 CmBatt - ok
14:57:47.0766 4640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:57:47.0766 4640 cmdide - ok
14:57:47.0813 4640 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
14:57:47.0813 4640 CNG - ok
14:57:47.0844 4640 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:57:47.0844 4640 Compbatt - ok
14:57:47.0875 4640 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:57:47.0875 4640 CompositeBus - ok
14:57:47.0906 4640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:57:47.0906 4640 crcdisk - ok
14:57:47.0969 4640 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:57:47.0969 4640 DfsC - ok
14:57:47.0984 4640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:57:48.0000 4640 discache - ok
14:57:48.0031 4640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:57:48.0031 4640 Disk - ok
14:57:48.0047 4640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:57:48.0047 4640 drmkaud - ok
14:57:48.0109 4640 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:57:48.0125 4640 DXGKrnl - ok
14:57:48.0234 4640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:57:48.0249 4640 ebdrv - ok
14:57:48.0296 4640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:57:48.0296 4640 elxstor - ok
14:57:48.0327 4640 enecir (a9ec08727c64d985678f5b64c03823f0) C:\Windows\system32\DRIVERS\enecir.sys
14:57:48.0327 4640 enecir - ok
14:57:48.0359 4640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:57:48.0359 4640 ErrDev - ok
14:57:48.0390 4640 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:57:48.0390 4640 exfat - ok
14:57:48.0405 4640 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:57:48.0405 4640 fastfat - ok
14:57:48.0437 4640 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:57:48.0437 4640 fdc - ok
14:57:48.0468 4640 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:57:48.0468 4640 FileInfo - ok
14:57:48.0483 4640 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:57:48.0483 4640 Filetrace - ok
14:57:48.0499 4640 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:57:48.0499 4640 flpydisk - ok
14:57:48.0546 4640 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:57:48.0546 4640 FltMgr - ok
14:57:48.0577 4640 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:57:48.0577 4640 FsDepends - ok
14:57:48.0593 4640 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:57:48.0593 4640 Fs_Rec - ok
14:57:48.0624 4640 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:57:48.0624 4640 fvevol - ok
14:57:48.0655 4640 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:57:48.0655 4640 gagp30kx - ok
14:57:48.0702 4640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:48.0702 4640 GEARAspiWDM - ok
14:57:48.0717 4640 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:57:48.0717 4640 hcw85cir - ok
14:57:48.0780 4640 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:57:48.0795 4640 HdAudAddService - ok
14:57:48.0842 4640 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:57:48.0842 4640 HDAudBus - ok
14:57:48.0873 4640 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:57:48.0873 4640 HidBatt - ok
14:57:48.0905 4640 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:57:48.0905 4640 HidBth - ok
14:57:48.0936 4640 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:57:48.0936 4640 HidIr - ok
14:57:48.0951 4640 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
14:57:48.0951 4640 HidUsb - ok
14:57:49.0029 4640 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
14:57:49.0029 4640 hpdskflt - ok
14:57:49.0061 4640 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:57:49.0061 4640 HpqKbFiltr - ok
14:57:49.0107 4640 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:57:49.0107 4640 HpSAMD - ok
14:57:49.0154 4640 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:57:49.0170 4640 HTTP - ok
14:57:49.0201 4640 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:57:49.0201 4640 hwpolicy - ok
14:57:49.0217 4640 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:57:49.0217 4640 i8042prt - ok
14:57:49.0248 4640 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:57:49.0263 4640 iaStorV - ok
14:57:49.0575 4640 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:57:49.0607 4640 igfx - ok
14:57:49.0638 4640 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:57:49.0638 4640 iirsp - ok
14:57:49.0653 4640 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:57:49.0653 4640 intelide - ok
14:57:49.0685 4640 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:57:49.0685 4640 intelppm - ok
14:57:49.0716 4640 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:49.0716 4640 IpFilterDriver - ok
14:57:49.0731 4640 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:57:49.0731 4640 IPMIDRV - ok
14:57:49.0763 4640 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:57:49.0763 4640 IPNAT - ok
14:57:49.0794 4640 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:57:49.0794 4640 IRENUM - ok
14:57:49.0825 4640 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:57:49.0825 4640 isapnp - ok
14:57:49.0841 4640 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:57:49.0856 4640 iScsiPrt - ok
14:57:49.0887 4640 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:57:49.0887 4640 kbdclass - ok
14:57:49.0903 4640 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:57:49.0919 4640 kbdhid - ok
14:57:49.0934 4640 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
14:57:49.0934 4640 KSecDD - ok
14:57:49.0965 4640 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
14:57:49.0965 4640 KSecPkg - ok
14:57:49.0981 4640 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:57:49.0981 4640 ksthunk - ok
14:57:50.0028 4640 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:57:50.0028 4640 lltdio - ok
14:57:50.0075 4640 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:57:50.0075 4640 LSI_FC - ok
14:57:50.0090 4640 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:57:50.0090 4640 LSI_SAS - ok
14:57:50.0106 4640 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:57:50.0106 4640 LSI_SAS2 - ok
14:57:50.0137 4640 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:57:50.0137 4640 LSI_SCSI - ok
14:57:50.0153 4640 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:57:50.0153 4640 luafv - ok
14:57:50.0199 4640 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:57:50.0199 4640 megasas - ok
14:57:50.0215 4640 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:57:50.0215 4640 MegaSR - ok
14:57:50.0246 4640 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:57:50.0246 4640 Modem - ok
14:57:50.0277 4640 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:57:50.0277 4640 monitor - ok
14:57:50.0324 4640 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
14:57:50.0324 4640 mouclass - ok
14:57:50.0355 4640 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:57:50.0355 4640 mouhid - ok
14:57:50.0402 4640 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:57:50.0402 4640 mountmgr - ok
14:57:50.0433 4640 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:57:50.0449 4640 mpio - ok
14:57:50.0480 4640 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:57:50.0480 4640 mpsdrv - ok
14:57:50.0527 4640 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:57:50.0527 4640 MRxDAV - ok
14:57:50.0574 4640 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:50.0574 4640 mrxsmb - ok
14:57:50.0605 4640 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:50.0621 4640 mrxsmb10 - ok
14:57:50.0636 4640 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:50.0636 4640 mrxsmb20 - ok
14:57:50.0667 4640 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:57:50.0667 4640 msahci - ok
14:57:50.0683 4640 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:57:50.0699 4640 msdsm - ok
14:57:50.0745 4640 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:57:50.0745 4640 Msfs - ok
14:57:50.0777 4640 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:57:50.0777 4640 mshidkmdf - ok
14:57:50.0792 4640 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:57:50.0792 4640 msisadrv - ok
14:57:50.0823 4640 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:57:50.0823 4640 MSKSSRV - ok
14:57:50.0839 4640 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:50.0839 4640 MSPCLOCK - ok
14:57:50.0855 4640 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:57:50.0855 4640 MSPQM - ok
14:57:50.0901 4640 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:57:50.0901 4640 MsRPC - ok
14:57:50.0917 4640 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:57:50.0917 4640 mssmbios - ok
14:57:50.0933 4640 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:57:50.0933 4640 MSTEE - ok
14:57:50.0964 4640 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:57:50.0964 4640 MTConfig - ok
14:57:50.0979 4640 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:57:50.0979 4640 Mup - ok
14:57:51.0011 4640 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:57:51.0011 4640 NativeWifiP - ok
14:57:51.0073 4640 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:57:51.0089 4640 NDIS - ok
14:57:51.0104 4640 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:51.0104 4640 NdisCap - ok
14:57:51.0120 4640 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:51.0120 4640 NdisTapi - ok
14:57:51.0167 4640 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:51.0167 4640 Ndisuio - ok
14:57:51.0198 4640 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:51.0198 4640 NdisWan - ok
14:57:51.0245 4640 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:57:51.0245 4640 NDProxy - ok
14:57:51.0260 4640 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:57:51.0260 4640 NetBIOS - ok
14:57:51.0307 4640 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:57:51.0323 4640 NetBT - ok
14:57:51.0479 4640 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
14:57:51.0510 4640 netw5v64 - ok
14:57:51.0557 4640 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:57:51.0557 4640 nfrd960 - ok
14:57:51.0588 4640 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:57:51.0588 4640 Npfs - ok
14:57:51.0603 4640 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:57:51.0603 4640 nsiproxy - ok
14:57:51.0681 4640 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:57:51.0681 4640 Ntfs - ok
14:57:51.0713 4640 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:57:51.0713 4640 Null - ok
14:57:51.0744 4640 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:57:51.0744 4640 nvraid - ok
14:57:51.0775 4640 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:57:51.0791 4640 nvstor - ok
14:57:51.0806 4640 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:57:51.0822 4640 nv_agp - ok
14:57:51.0853 4640 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:57:51.0853 4640 ohci1394 - ok
14:57:51.0900 4640 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:57:51.0900 4640 Parport - ok
14:57:51.0931 4640 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:57:51.0931 4640 partmgr - ok
14:57:51.0962 4640 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:57:51.0962 4640 pci - ok
14:57:51.0978 4640 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:57:51.0978 4640 pciide - ok
14:57:52.0009 4640 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:57:52.0009 4640 pcmcia - ok
14:57:52.0025 4640 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:57:52.0025 4640 pcw - ok
14:57:52.0056 4640 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:57:52.0056 4640 PEAUTH - ok
14:57:52.0134 4640 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:57:52.0149 4640 PptpMiniport - ok
14:57:52.0165 4640 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:57:52.0165 4640 Processor - ok
14:57:52.0212 4640 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:57:52.0227 4640 Psched - ok
14:57:52.0290 4640 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:57:52.0321 4640 ql2300 - ok
14:57:52.0321 4640 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:57:52.0321 4640 ql40xx - ok
14:57:52.0352 4640 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:57:52.0352 4640 QWAVEdrv - ok
14:57:52.0368 4640 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:57:52.0368 4640 RasAcd - ok
14:57:52.0399 4640 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:52.0399 4640 RasAgileVpn - ok
14:57:52.0430 4640 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:52.0430 4640 Rasl2tp - ok
14:57:52.0446 4640 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:52.0461 4640 RasPppoe - ok
14:57:52.0477 4640 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:57:52.0477 4640 RasSstp - ok
14:57:52.0508 4640 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:57:52.0508 4640 rdbss - ok
14:57:52.0524 4640 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:52.0524 4640 rdpbus - ok
14:57:52.0539 4640 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:52.0539 4640 RDPCDD - ok
14:57:52.0571 4640 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:57:52.0571 4640 RDPENCDD - ok
14:57:52.0586 4640 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:57:52.0586 4640 RDPREFMP - ok
14:57:52.0617 4640 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:57:52.0617 4640 RDPWD - ok
14:57:52.0664 4640 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:57:52.0664 4640 rdyboost - ok
14:57:52.0727 4640 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:57:52.0727 4640 rspndr - ok
14:57:52.0758 4640 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:57:52.0758 4640 RTL8167 - ok
14:57:52.0805 4640 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:57:52.0805 4640 sbp2port - ok
14:57:52.0836 4640 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:57:52.0836 4640 scfilter - ok
14:57:52.0898 4640 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
14:57:52.0898 4640 sdbus - ok
14:57:52.0914 4640 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:57:52.0914 4640 secdrv - ok
14:57:52.0961 4640 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:57:52.0961 4640 Serenum - ok
14:57:52.0976 4640 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:57:52.0976 4640 Serial - ok
14:57:52.0992 4640 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:57:52.0992 4640 sermouse - ok
14:57:53.0039 4640 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:57:53.0039 4640 sffdisk - ok
14:57:53.0054 4640 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:57:53.0054 4640 sffp_mmc - ok
14:57:53.0070 4640 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:57:53.0070 4640 sffp_sd - ok
14:57:53.0085 4640 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:57:53.0085 4640 sfloppy - ok
14:57:53.0132 4640 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:57:53.0132 4640 SiSRaid2 - ok
14:57:53.0148 4640 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:57:53.0148 4640 SiSRaid4 - ok
14:57:53.0179 4640 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:57:53.0179 4640 Smb - ok
14:57:53.0195 4640 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:57:53.0195 4640 spldr - ok
14:57:53.0241 4640 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:57:53.0241 4640 srv - ok
14:57:53.0288 4640 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:57:53.0288 4640 srv2 - ok
14:57:53.0319 4640 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:57:53.0335 4640 SrvHsfHDA - ok
14:57:53.0366 4640 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:57:53.0382 4640 SrvHsfV92 - ok
14:57:53.0413 4640 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:57:53.0413 4640 SrvHsfWinac - ok
14:57:53.0429 4640 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:57:53.0429 4640 srvnet - ok
14:57:53.0475 4640 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:57:53.0475 4640 stexstor - ok
14:57:53.0522 4640 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
14:57:53.0538 4640 STHDA - ok
14:57:53.0585 4640 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:57:53.0585 4640 swenum - ok
14:57:53.0678 4640 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
14:57:53.0694 4640 Tcpip - ok
14:57:53.0772 4640 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
14:57:53.0787 4640 TCPIP6 - ok
14:57:53.0819 4640 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:57:53.0819 4640 tcpipreg - ok
14:57:53.0850 4640 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:57:53.0850 4640 TDPIPE - ok
14:57:53.0865 4640 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:57:53.0865 4640 TDTCP - ok
14:57:53.0897 4640 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:57:53.0897 4640 tdx - ok
14:57:53.0912 4640 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:57:53.0912 4640 TermDD - ok
14:57:53.0959 4640 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:57:53.0959 4640 tssecsrv - ok
14:57:54.0006 4640 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:57:54.0006 4640 TsUsbFlt - ok
14:57:54.0053 4640 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:57:54.0053 4640 tunnel - ok
14:57:54.0084 4640 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:57:54.0099 4640 uagp35 - ok
14:57:54.0131 4640 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:57:54.0146 4640 udfs - ok
14:57:54.0177 4640 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:57:54.0177 4640 uliagpkx - ok
14:57:54.0193 4640 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:57:54.0209 4640 umbus - ok
14:57:54.0224 4640 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:57:54.0224 4640 UmPass - ok
14:57:54.0271 4640 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
14:57:54.0271 4640 USBAAPL64 - ok
14:57:54.0318 4640 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:57:54.0318 4640 usbccgp - ok
14:57:54.0365 4640 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:57:54.0380 4640 usbcir - ok
14:57:54.0411 4640 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:57:54.0411 4640 usbehci - ok
14:57:54.0458 4640 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
14:57:54.0458 4640 usbfilter - ok
14:57:54.0536 4640 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:57:54.0536 4640 usbhub - ok
14:57:54.0567 4640 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:57:54.0567 4640 usbohci - ok
14:57:54.0583 4640 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:57:54.0599 4640 usbprint - ok
14:57:54.0614 4640 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:57:54.0614 4640 usbscan - ok
14:57:54.0661 4640 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:57:54.0661 4640 USBSTOR - ok
14:57:54.0692 4640 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:57:54.0692 4640 usbuhci - ok
14:57:54.0723 4640 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:57:54.0723 4640 usbvideo - ok
14:57:54.0770 4640 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:57:54.0770 4640 vdrvroot - ok
14:57:54.0801 4640 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:57:54.0801 4640 vga - ok
14:57:54.0833 4640 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:57:54.0833 4640 VgaSave - ok
14:57:54.0848 4640 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:57:54.0848 4640 vhdmp - ok
14:57:54.0879 4640 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:57:54.0879 4640 viaide - ok
14:57:54.0911 4640 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:57:54.0911 4640 volmgr - ok
14:57:54.0957 4640 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:57:54.0957 4640 volmgrx - ok
14:57:54.0989 4640 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:57:54.0989 4640 volsnap - ok
14:57:55.0020 4640 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:57:55.0020 4640 vsmraid - ok
14:57:55.0035 4640 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:57:55.0035 4640 vwifibus - ok
14:57:55.0051 4640 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:57:55.0051 4640 vwififlt - ok
14:57:55.0098 4640 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:57:55.0098 4640 WacomPen - ok
14:57:55.0129 4640 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:57:55.0129 4640 WANARP - ok
14:57:55.0129 4640 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:57:55.0129 4640 Wanarpv6 - ok
14:57:55.0191 4640 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:57:55.0191 4640 Wd - ok
14:57:55.0223 4640 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:57:55.0238 4640 Wdf01000 - ok
14:57:55.0269 4640 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:57:55.0269 4640 WfpLwf - ok
14:57:55.0301 4640 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:57:55.0301 4640 WIMMount - ok
14:57:55.0347 4640 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:57:55.0347 4640 WinUsb - ok
14:57:55.0379 4640 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:57:55.0379 4640 WmiAcpi - ok
14:57:55.0410 4640 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:57:55.0410 4640 ws2ifsl - ok
14:57:55.0457 4640 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:57:55.0457 4640 WudfPf - ok
14:57:55.0488 4640 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:57:55.0503 4640 WUDFRd - ok
14:57:55.0535 4640 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
14:57:55.0535 4640 yukonw7 - ok
14:57:55.0566 4640 MBR (0x1B8) (6487db94871e90719426ef580af6fed2) \Device\Harddisk0\DR0
14:57:55.0581 4640 \Device\Harddisk0\DR0 - ok
14:57:55.0597 4640 Boot (0x1200) (3e0e86c52011a2092df22aa8a6f2482a) \Device\Harddisk0\DR0\Partition0
14:57:55.0597 4640 \Device\Harddisk0\DR0\Partition0 - ok
14:57:55.0613 4640 Boot (0x1200) (3e0356a76997db61f25108824cb805dd) \Device\Harddisk0\DR0\Partition1
14:57:55.0613 4640 \Device\Harddisk0\DR0\Partition1 - ok
14:57:55.0628 4640 Boot (0x1200) (6fa764f26807450420ebc2834abde5c4) \Device\Harddisk0\DR0\Partition2
14:57:55.0644 4640 \Device\Harddisk0\DR0\Partition2 - ok
14:57:55.0659 4640 Boot (0x1200) (cee707ebff553a3adf37c0e56d2bff67) \Device\Harddisk0\DR0\Partition3
14:57:55.0659 4640 \Device\Harddisk0\DR0\Partition3 - ok
14:57:55.0659 4640 ============================================================
14:57:55.0659 4640 Scan finished
14:57:55.0659 4640 ============================================================
14:57:55.0675 4496 Detected object count: 0
14:57:55.0675 4496 Actual detected object count: 0
14:58:04.0973 4632 Deinitialize success


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8025

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

10/26/2011 3:05:38 PM
mbam-log-2011-10-26 (15-05-38).txt

Scan type: Quick scan
Objects scanned: 176513
Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by boopme, 26 October 2011 - 09:24 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:04 AM

Posted 26 October 2011 - 09:37 PM

Hello, I see we need to do a couple things and you should be good.

Your HOSTS file is infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the promots in the Fix it wizard.


You need to update to Java 7 and either update Adobe reader to 10 or X or remove it as I see you also have Fox-it Reader.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u1-windows-i586-s.exe (or jre-7u1-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



Similarly Update to Adobe Reader X (10.1.0)
Note UN check the box so you do not install the toolbar,unless you really want it..

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional


>>>>>
Foxit Reader (Version: 3.1.4.1125) << Remove this older one.
Foxit Toolbar (Version: 4.1.0.5)
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 nrdominguez

nrdominguez
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 01 November 2011 - 12:14 PM

Hello there,

I followed your last set of instruction. I thought I replied several days ago, but I do not see my last post. Since then, I have noticed that I am still getting redirected. Are there additional steps I need to take?

Thanks,

NRD

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:04 AM

Posted 01 November 2011 - 12:20 PM

Are you on a router? Are other machines on it,if so are they redirecting?

Do you use Firefox?

If still redirecting>>>
Change your DNS Servers:
  • Go to Posted Image > Run... and in the open box, type: cmd
  • Press OK or Hit Enter.
  • At the command prompt, type or copy/paste: ipconfig /flushdns
  • Hit Enter.
  • You will get a confirmation that the flush was successful.
  • Close the command box.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 nrdominguez

nrdominguez
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 01 November 2011 - 12:26 PM

I do use a router both at home and at the office. I also do use Firefox. I changed the DNS server and will let you know if this works. Thank you.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:04 AM

Posted 01 November 2011 - 12:34 PM

Are the other machines on the router redirecting?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 nrdominguez

nrdominguez
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:04 AM

Posted 01 November 2011 - 12:44 PM

There are no other machines.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:04 AM

Posted 01 November 2011 - 01:03 PM

The problem is actually based in your router.
Open MBAM in normal mode and click Update tab, select Check for Updates
Next disconnect your system from the internet, and your router, then…
Open MBAM in normal mode and click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected,

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE



Once you have ran Malwarebytes' Anti-Malware on the infected system, and reset the router to its default configuration you can reconnect to the internet, and router. Then return to this site to post your logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users