redirected on google



#1 oariel09


Posted 12 November 2011 - 05:58 PM

Every time I click on a Google link I get redirected to some weird site... Any idea what I should do? Is this a virus? What's going on?


#2 boopme


Posted 12 November 2011 - 10:02 PM

Hello and welcome.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please follow our Removal Guide here: How to remove Google Redirects. You will move to the Automated Removal Instructions.

If it finds something, make sure Cure is selected.
Next click Continue, then Reboot now.
A log file should be created on your C: drive named "TDSSKiller.txt"; please copy and paste the contents in your next reply.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

#3 oariel09


Posted 13 November 2011 - 06:13 PM

MiniToolBox by Farbar
Ran by Owner (administrator) on 13-11-2011 at 17:11:10
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 76-F1-A1-17-5A-72
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 70-F1-A1-17-5A-72
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9d39:d905:f835:93%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, November 12, 2011 10:51:21 AM
Lease Expires . . . . . . . . . . : Wednesday, December 20, 2147 11:39:26 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 326168993
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-5A-49-06-00-26-2D-BE-49-16
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-2D-BE-49-16
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:141e:3e94:3f57:fdf9(Preferred)
Link-local IPv6 Address . . . . . : fe80::141e:3e94:3f57:fdf9%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{03CE9960-55EC-4A4F-950A-2E9C1481721D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{16ACAD41-E1B8-414D-BC42-F8C4549DE2A2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: router.belkin
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.225.19
74.125.225.17
74.125.225.16
74.125.225.18
74.125.225.20


Pinging google.com [74.125.225.19] with 32 bytes of data:
Reply from 74.125.225.19: bytes=32 time=131ms TTL=53
Reply from 74.125.225.19: bytes=32 time=130ms TTL=53

Ping statistics for 74.125.225.19:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 130ms, Maximum = 131ms, Average = 130ms
Server: router.belkin
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56


Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=220ms TTL=49
Reply from 98.139.180.149: bytes=32 time=228ms TTL=49

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 220ms, Maximum = 228ms, Average = 224ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...76 f1 a1 17 5a 72 ......Microsoft Virtual WiFi Miniport Adapter
12...70 f1 a1 17 5a 72 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...00 26 2d be 49 16 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.6 281
192.168.2.6 255.255.255.255 On-link 192.168.2.6 281
192.168.2.255 255.255.255.255 On-link 192.168.2.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:141e:3e94:3f57:fdf9/128
On-link
12 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::141e:3e94:3f57:fdf9/128
On-link
12 281 fe80::9d39:d905:f835:93/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/13/2011 05:02:08 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/13/2011 05:02:08 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/13/2011 05:02:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/13/2011 05:02:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/13/2011 05:02:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/13/2011 05:02:06 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/12/2011 10:49:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/12/2011 10:49:30 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/11/2011 03:59:44 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (11/11/2011 03:59:44 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)


System errors:
=============
Error: (11/12/2011 03:13:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.

Error: (11/12/2011 03:13:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (11/12/2011 10:49:13 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (11/08/2011 10:47:32 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WebrootSpySweeperService service.

Error: (11/07/2011 08:21:31 PM) (Source: DCOM) (User: Owner)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}Owner-PCOwnerS-1-5-21-1627140866-3317878230-2824307467-1000LocalHost (Using LRPC)

Error: (11/07/2011 08:21:31 PM) (Source: DCOM) (User: Owner)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}Owner-PCOwnerS-1-5-21-1627140866-3317878230-2824307467-1000LocalHost (Using LRPC)

Error: (11/07/2011 08:01:16 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{89EE09CF-FCB7-42DC-AE34-1223CC547892}.
The master browser is stopping or an election is being forced.

Error: (11/07/2011 04:21:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service.

Error: (11/06/2011 06:21:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.

Error: (11/06/2011 07:53:21 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:51:47 AM on 11/6/2011 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.4.3 MUI (Version: 9.4.3)
Adobe Shockwave Player (Version: 11.0)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.12.2.0)
Atheros Driver Installation Program (Version: 5.2)
Bonjour (Version: 3.0.0.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant HD Audio (Version: 4.98.60.50)
CROME 1.5.3
CyberLink DVD Suite (Version: 7.0.2111)
CyberLink MediaShow (Version: 4.1.3325)
CyberLink PowerDVD 8 (Version: 8.0.1.1005)
D3DX10 (Version: 15.4.2368.0902)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FrostWire 4.21.5 (Version: 4.21.5.0)
Google Chrome (Version: 15.0.874.106)
Google Update Helper (Version: 1.3.21.79)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Quick Launch Buttons (Version: 6.50.16.1)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 6.0.5.4)
HP Update (Version: 5.001.000.014)
HP User Guides 0156 (Version: 1.02.0001)
HP Wireless Assistant (Version: 3.50.11.2)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
iTunes (Version: 10.4.0.80)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 15 (Version: 6.0.150)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2111)
LG USB Modem driver
Malwarebytes' Anti-Malware
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SiteAdvisor (Version: 3.4.143)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office XP Professional (Version: 10.0.2627.01)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mobile Broadband Generic Drivers (Version: 2.03.06.002.14)
Mozilla Firefox (3.6.24) (Version: 3.6.24 (en-US))
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML4 Parser (Version: 1.0.0)
muvee Reveal (Version: 7.0.43.12698)
Nitto 1320 Legends Public Beta 0.10 (Version: 0.10)
Norton Online Backup (Version: 1.2.20.0)
Power2Go (Version: 6.0.3311)
PowerDirector (Version: 7.0.3311)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.70.80.34)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
Recovery Manager (Version: 5.5.2214)
SKIP-BO Castaway Caper™
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless MiFi-2200 Firmware Updates (Version: 1.0.0)
VZAccess Manager (Version: 7.0.10.1)
Webroot Software (Version: 7.0.7.82)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 1979.2 MB
Available physical RAM: 1008.17 MB
Total Pagefile: 3958.39 MB
Available Pagefile: 2384.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.92 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:220.2 GB) (Free:171.38 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.49 GB) (Free:2.09 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner

========================= Minidump Files ==================================

No minidump file found

**** End of log ****
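
Added example (not from the thread, and not MiniToolBox's own code): a Python triage of a Result.txt like the one above, reading the four sections that bear on search redirects: Hosts content, IE Proxy Settings, DNS Servers and Winsock entries. The function names, the private-range rule for resolvers and both sample logs are assumptions constructed for illustration.

```python
import ipaddress
import re

HEADER = re.compile(r"^=+\s*([^=\s][^=]*?)\s*:?\s*=+$")
WINSOCK = re.compile(r"^(?:x64-)?Catalog(\d)\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")
DNS_LINE = re.compile(r"^DNS Servers[ .]*:\s*(\S+)")
# Assumption: a home PC resolves through its router, so only other IPv4 resolvers are listed.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample, trimmed to the layout of the Result.txt posted above.
TEMPLATE = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
@HOSTS@
========================= IP Configuration: ================================
DNS Servers . . . . . . . . . . . : @DNS@
NetBIOS over Tcpip. . . . . . . . : Enabled
========================= Winsock entries =====================================
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
"""
SAMPLE_AS_POSTED = TEMPLATE.replace("@HOSTS@", "").replace("@DNS@", "192.168.2.1")
# Constructed variant: documentation addresses and a placeholder host name.
SAMPLE_TAMPERED = TEMPLATE.replace("@DNS@", "198.51.100.53\n192.168.2.1").replace(
    "@HOSTS@", "127.0.0.1 localhost\n203.0.113.10 search.example")


def split_sections(text):
    """Map each '==== Name: ====' banner to the non-blank lines that follow it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1).lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def check_hosts(lines):
    """Anything besides comments and localhost mappings overrides DNS for that name."""
    findings = []
    for line in lines:
        parts = line.split()
        if not line.startswith("#") and parts[1:2] != ["localhost"]:
            findings.append("hosts entry: " + line)
    return findings


def check_proxy(lines):
    """Flag the section unless it carries both clean-state lines seen in the post."""
    clean = {"Proxy is not enabled.", "No Proxy Server is set."}
    return [] if clean <= set(lines) else ["IE proxy: clean-state lines missing"]


def check_dns(lines):
    """List IPv4 resolvers outside LOCAL_NETS, following ipconfig continuation lines."""
    findings, in_dns = [], False
    for line in lines:
        m = DNS_LINE.match(line)
        if not (m or in_dns):
            continue
        try:
            addr = ipaddress.ip_address((m.group(1) if m else line).split("%")[0])
        except ValueError:
            in_dns = False  # not an address, so the resolver list has ended
            continue
        in_dns = True
        if addr.version == 4 and not any(addr in net for net in LOCAL_NETS):
            findings.append(f"DNS server outside private ranges: {addr}")
    return findings


def check_winsock(lines):
    """List each non-Microsoft provider once, by the vendor string the log prints."""
    seen, findings = set(), []
    for line in lines:
        m = WINSOCK.match(line)
        if not m or m.group(3).startswith("Microsoft") or m.group(2).lower() in seen:
            continue
        seen.add(m.group(2).lower())
        kind = "namespace provider" if m.group(1) == "5" else "protocol provider"
        findings.append(f"third-party Winsock {kind}: {m.group(2)} ({m.group(3)})")
    return findings


def triage(text):
    """Run each check on its section; sections the user did not tick are skipped."""
    checks = {"hosts content": check_hosts, "ie proxy settings": check_proxy,
              "ip configuration": check_dns, "winsock entries": check_winsock}
    sections = split_sections(text)
    return [f for name, check in checks.items() if name in sections
            for f in check(sections[name])]
```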

#4 oariel09


Posted 13 November 2011 - 06:36 PM

17:29:04.0520 2336 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
17:29:04.0644 2336 ============================================================
17:29:04.0644 2336 Current date / time: 2011/11/13 17:29:04.0644
17:29:04.0644 2336 SystemInfo:
17:29:04.0644 2336
17:29:04.0644 2336 OS Version: 6.1.7601 ServicePack: 1.0
17:29:04.0644 2336 Product type: Workstation
17:29:04.0644 2336 ComputerName: OWNER-PC
17:29:04.0644 2336 UserName: Owner
17:29:04.0644 2336 Windows directory: C:\Windows
17:29:04.0644 2336 System windows directory: C:\Windows
17:29:04.0644 2336 Running under WOW64
17:29:04.0644 2336 Processor architecture: Intel x64
17:29:04.0644 2336 Number of processors: 1
17:29:04.0644 2336 Page size: 0x1000
17:29:04.0644 2336 Boot type: Normal boot
17:29:04.0644 2336 ============================================================
17:29:05.0768 2336 Initialize success
17:29:07.0546 2156 ============================================================
17:29:07.0546 2156 Scan started
17:29:07.0546 2156 Mode: Manual;
17:29:07.0546 2156 ============================================================
17:29:22.0584 2156 ============================================================
17:29:22.0584 2156 Scan finished
17:29:22.0584 2156 ============================================================
17:29:22.0600 4572 Detected object count: 0
17:29:22.0600 4572 Actual detected object count: 0
17:29:25.0330 0808 Deinitialize success

#5 oariel09

Posted 13 November 2011 - 06:51 PM

I already had malware on my computer... I scanned my computer with it and then updated it and scanned again, so I will post both results.

results 1:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5148

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/13/2011 5:43:37 PM
mbam-log-2011-11-13 (17-43-37).txt

Scan type: Quick scan
Objects scanned: 146392
Time elapsed: 5 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



results 2:




Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8156

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/13/2011 5:51:18 PM
mbam-log-2011-11-13 (17-51-18).txt

Scan type: Quick scan
Objects scanned: 177969
Time elapsed: 5 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by boopme, 13 November 2011 - 09:52 PM.


#6 boopme

Posted 13 November 2011 - 09:52 PM

Are you still redirecting?

Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?

I'd recommend you remove the Ask Toolbar, Microsoft Live Search Toolbar and Yahoo! Toolbars unless you really use one of them.

You also need to update to Java 7 and Adobe Reader X or 10.
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u1-windows-i586-s.exe (or jre-7u1-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Similarly, update to Adobe Reader X (10.1.0).
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional





I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#7 oariel09


Posted 15 November 2011 - 01:02 AM

Yes, I am still redirecting. Yes, I am on a router and there are other things connected. To my knowledge none of them are redirecting. I do use Firefox and that's what is redirecting. My Internet Explorer doesn't appear to be redirecting.

C:\Users\Owner\wevtapi.dll Win64/Agent.AC trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.7.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Owner\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.8.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Owner\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.5.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\j4zz18tq.default\extensions\{49c3d303-d944-4c91-8a34-df1fb8740611}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\j4zz18tq.default\extensions\{49c3d303-d944-4c91-8a34-df1fb8740611}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Users\Owner\Downloads\frostwire-4.21.5.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Owner\FrostWire\Saved\frostwire-4.21.6.windows.exe Win32/OpenCandy application deleted - quarantined

#8 boopme


Posted 15 November 2011 - 01:27 PM

In Firefox it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
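The ESET report in post #7 lists two detections inside a single Firefox add-on folder, which fits the symptom that only Firefox redirects. The following is an added example, not part of the original thread: it parses report lines copied from that post and extracts the profile and extension ID to look for when reviewing add-ons. The line layout assumed by the regex is inferred from the posted lines only.

```python
import re
from collections import defaultdict

# Lines copied from the ESET OnlineScan report in post #7 (subset).
ESET_LOG = r"""
C:\Users\Owner\wevtapi.dll Win64/Agent.AC trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\j4zz18tq.default\extensions\{49c3d303-d944-4c91-8a34-df1fb8740611}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\j4zz18tq.default\extensions\{49c3d303-d944-4c91-8a34-df1fb8740611}\chrome\xulcache.jar JS/Agent.NDO trojan cleaned by deleting - quarantined
C:\Users\Owner\Downloads\frostwire-4.21.5.windows.exe Win32/OpenCandy application deleted - quarantined
"""

# Assumed layout: <path> <Platform/Name> <trojan|application> <action taken>
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<threat>[A-Za-z0-9]+/[\w.]+)\s+"
    r"(?P<kind>trojan|application)\s+(?P<action>.+)$"
)
# Per-profile add-ons live under Profiles\<profile>\extensions\<id>
EXT_RE = re.compile(
    r"\\Mozilla\\Firefox\\Profiles\\(?P<profile>[^\\]+)"
    r"\\extensions\\(?P<ext_id>[^\\]+)",
    re.IGNORECASE,
)


def parse(log):
    """Return one dict per detection line; lines that do not match are skipped."""
    rows = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows


def firefox_extension_findings(log):
    """Map (profile, extension id) -> trojan names detected inside that add-on."""
    found = defaultdict(list)
    for row in parse(log):
        m = EXT_RE.search(row["path"])
        if m and row["kind"] == "trojan":
            found[(m["profile"], m["ext_id"])].append(row["threat"])
    return dict(found)


if __name__ == "__main__":
    for (profile, ext_id), threats in firefox_extension_findings(ESET_LOG).items():
        print(f"profile {profile}: add-on {ext_id} -> {', '.join(threats)}")
```
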



