BOO/TDss.M boot sector infection


13 replies to this topic

#1 batman03

Posted 24 November 2011 - 03:16 AM

HELLO,

I am using Windows Vista, and I have Avira Free Antivirus installed.
When I make a system scan I get this window:

Posted Image

and from time to time I get this message:

Posted Image


Please help me fix this problem. Thanks in advance.
Best regards

Batman


#2 Broni

Posted 24 November 2011 - 02:10 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


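Added example (not part of the original post and not TDSSKiller's own code): a small triage script for the text report requested above, so that anything other than an `ok` verdict stands out before the log is pasted. It assumes report lines of the form `time thread-id Name (md5) path` followed by `time thread-id Name - verdict`; the sample lines, the driver names and the non-ok verdict text are constructed placeholders.

```python
import re
from dataclasses import dataclass
from pathlib import Path
from typing import Optional

# Assumed line shapes of a TDSSKiller text report:
#   HH:MM:SS.ffff TID Name (md5) C:\path\driver.sys   <- object that was scanned
#   HH:MM:SS.ffff TID Name - verdict                  <- result for that object
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
OBJECT_RE = re.compile(
    PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+?)\s*$")
VERDICT_RE = re.compile(PREFIX + r"(?P<name>\S+)\s+-\s+(?P<verdict>.+?)\s*$")


@dataclass
class Entry:
    name: str
    md5: Optional[str]      # None when the report has no file/hash line
    path: Optional[str]
    verdict: Optional[str]  # None when the report ends before the verdict


def latest_report(root):
    """Return the newest TDSSKiller*_log.txt in `root` (e.g. C:\\), or None."""
    reports = sorted(Path(root).glob("TDSSKiller*_log.txt"),
                     key=lambda p: p.stat().st_mtime)
    return reports[-1] if reports else None


def parse_report(text):
    """Pair each scanned object with the verdict line that follows it."""
    pending = {}   # name -> (md5, path) still waiting for a verdict
    entries = []
    for line in text.splitlines():
        m = OBJECT_RE.match(line)
        if m:
            pending[m["name"]] = (m["md5"].lower(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            md5, path = pending.pop(m["name"], (None, None))
            entries.append(Entry(m["name"], md5, path, m["verdict"]))
    # Objects with no verdict: typical of a paste that was cut off mid-report.
    for name, (md5, path) in pending.items():
        entries.append(Entry(name, md5, path, None))
    return entries


def triage(entries):
    """Split entries into the groups a helper reads first."""
    result = {"not_ok": [], "no_verdict": [], "no_file": []}
    for e in entries:
        if e.verdict is None:
            result["no_verdict"].append(e.name)
        elif e.verdict.lower() != "ok":
            result["not_ok"].append((e.name, e.verdict, e.path))
        elif e.md5 is None:
            result["no_file"].append(e.name)
    return result


# Constructed sample in the assumed format (names, hashes and the
# "PLACEHOLDER-NOT-OK" verdict are invented for this example).
SAMPLE = r"""
23:25:48.0692 3028 Scan started
23:25:49.0621 3028 DemoDrvA (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\demodrva.sys
23:25:49.0628 3028 DemoDrvA - ok
23:25:53.0290 3028 DemoNoFile - ok
23:25:54.0100 3028 DemoDrvB (fedcba9876543210fedcba9876543210) C:\Windows\system32\drivers\demodrvb.sys
23:25:54.0110 3028 DemoDrvB - PLACEHOLDER-NOT-OK
23:26:18.0102 3028 DemoDrvC (00112233445566778899aabbccddeeff) C:\Program Files\Demo\demodrvc.sys
"""

if __name__ == "__main__":
    report = latest_report("C:\\")
    text = report.read_text(errors="replace") if report else SAMPLE
    for group, items in triage(parse_report(text)).items():
        print(group, items)
```

An entry under `no_verdict` usually means the pasted report was truncated and should be re-posted in full.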

#3 batman03

Posted 24 November 2011 - 05:38 PM

Hi, thank you for the reply and the interest you gave to my post.
Here is the log you requested:


23:26:18.0103 3028 UnlockerDriver5 - ok
23:26:18.0326 3028 usbccgp (51480458e6e9863f856ebf35aae801b4) C:\Windows\system32\DRIVERS\usbccgp.sys
23:26:18.0332 3028 usbccgp - ok
23:26:18.0414 3028 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
23:26:18.0417 3028 usbcir - ok
23:26:18.0568 3028 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
23:26:18.0570 3028 usbehci - ok
23:26:18.0616 3028 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
23:26:18.0621 3028 usbhub - ok
23:26:18.0759 3028 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
23:26:18.0761 3028 usbohci - ok
23:26:18.0811 3028 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
23:26:18.0836 3028 usbprint - ok
23:26:18.0985 3028 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
23:26:18.0988 3028 usbscan - ok
23:26:19.0064 3028 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:26:19.0068 3028 USBSTOR - ok
23:26:19.0266 3028 usbuhci (4013315fed70a2d293b998cbba4022ee) C:\Windows\system32\DRIVERS\usbuhci.sys
23:26:19.0268 3028 usbuhci - ok
23:26:19.0468 3028 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
23:26:19.0472 3028 usbvideo - ok
23:26:19.0760 3028 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
23:26:19.0764 3028 vga - ok
23:26:19.0797 3028 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
23:26:19.0799 3028 VgaSave - ok
23:26:19.0923 3028 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
23:26:19.0953 3028 viaagp - ok
23:26:20.0031 3028 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
23:26:20.0033 3028 ViaC7 - ok
23:26:20.0148 3028 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
23:26:20.0149 3028 viaide - ok
23:26:20.0191 3028 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
23:26:20.0194 3028 volmgr - ok
23:26:20.0260 3028 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
23:26:20.0270 3028 volmgrx - ok
23:26:20.0343 3028 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
23:26:20.0350 3028 volsnap - ok
23:26:20.0408 3028 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
23:26:20.0413 3028 vsmraid - ok
23:26:20.0618 3028 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
23:26:20.0619 3028 WacomPen - ok
23:26:20.0664 3028 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
23:26:20.0667 3028 Wanarp - ok
23:26:20.0700 3028 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
23:26:20.0702 3028 Wanarpv6 - ok
23:26:20.0864 3028 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
23:26:20.0866 3028 Wd - ok
23:26:20.0935 3028 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
23:26:20.0948 3028 Wdf01000 - ok
23:26:21.0141 3028 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
23:26:21.0146 3028 WimFltr - ok
23:26:21.0385 3028 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
23:26:21.0402 3028 winachsf - ok
23:26:21.0646 3028 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
23:26:21.0648 3028 WmiAcpi - ok
23:26:21.0859 3028 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
23:26:21.0862 3028 WpdUsb - ok
23:26:21.0927 3028 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
23:26:21.0929 3028 ws2ifsl - ok
23:26:22.0169 3028 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:26:22.0173 3028 WUDFRd - ok
23:26:22.0389 3028 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
23:26:22.0391 3028 XAudio - ok
23:26:22.0565 3028 yukonwlh (2d07e65ed0023bb10b13a912b27dfb1a) C:\Windows\system32\DRIVERS\yk60x86.sys
23:26:22.0571 3028 yukonwlh - ok
23:26:22.0657 3028 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
23:26:22.0658 3028 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
23:26:22.0658 3028 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
23:26:22.0684 3028 Boot (0x1200) (74989792b918480fc0be720c6d779300) \Device\Harddisk0\DR0\Partition0
23:26:22.0686 3028 \Device\Harddisk0\DR0\Partition0 - ok
23:26:22.0691 3028 ============================================================
23:26:22.0691 3028 Scan finished
23:26:22.0691 3028 ============================================================
23:26:22.0718 0468 Detected object count: 1
23:26:22.0718 0468 Actual detected object count: 1
23:26:28.0738 0468 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
23:26:28.0739 0468 \Device\Harddisk0\DR0 - ok
23:26:28.0783 0468 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
23:26:50.0800 4000 Deinitialize success
Best regards

Batman

#4 Broni

Posted 24 November 2011 - 05:39 PM

Very good :)

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

#5 batman03

Posted 25 November 2011 - 11:37 AM

Sorry for the delay. Here is the report:

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6000
Number of processors #2
==============================================
>Drivers
==============================================
==============================================
>Stealth
==============================================
Best regards

Batman

#6 Broni

Posted 25 November 2011 - 08:10 PM

Is Avira still complaining?

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

#7 batman03

Posted 26 November 2011 - 03:10 PM

Hi,
Till now, I think it's OK for Avira; I made a system scan and no infection was found.

Here is the log of Security check:


Results of screen317's Security Check version 0.99.24
Windows Vista x86
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Avira Free Antivirus
ESET Online Scanner v3
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 20
Java™ 6 Update 2
Out of date Java installed!
Adobe Flash Player ( 10.1.102.64) Flash Player Out of Date!
Mozilla Firefox (3.6.18) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````


MinitoolBox log

MiniToolBox by Farbar
Ran by messaoudi anouar (administrator) on 26-11-2011 at 19:08:53
Windows Vista ™ Home Premium (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller = Connexion au réseau local (Connected)
Intel® Wireless WiFi Link 4965AGN = Connexion réseau sans fil (Media disconnected)


# ----------------------------------
# Configuration du protocole IPv4
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=wireless_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_9 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_10 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ppp_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# Fin de la configuration du protocole IPv4



Configuration IP de Windows

Nom de l'hôte . . . . . . . . . . : PC-STATIONS-POMPAGE
Suffixe DNS principal . . . . . . :
Type de noeud. . . . . . . . . . : Hybride
Routage IP activé . . . . . . . . : Non
Proxy WINS activé . . . . . . . . : Non

Carte réseau sans fil Connexion réseau sans fil :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Adresse physique . . . . . . . . . . . : 00-1D-E0-BF-A2-E9
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Ethernet Connexion au réseau local :

Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Adresse physique . . . . . . . . . . . : 00-1A-80-B7-76-27
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui
Adresse IPv4. . . . . . . . . . . : 10.46.15.102(préféré)
Masque de sous-réseau. . . . . . . . . : 255.255.255.0
Passerelle par défaut. . . . . . . . . : 10.46.15.1
Serveurs DNS. . . . . . . . . . . . . : 192.168.2.243
80.246.0.3
NetBIOS sur Tcpip. . . . . . . . . . . : Activé

Carte Tunnel Connexion au réseau local* :

Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : isatap.{A29BFC0C-ED6E-4F2B-BFDA-76F99E5EBA74}
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui
Adresse IPv6 de liaison locale. . : fe80::5efe:10.46.15.102%17(préféré)
Passerelle par défaut. . . . . . . . . :
Serveurs DNS. . . . . . . . . . . . . : 192.168.2.243
80.246.0.3
NetBIOS sur TCPIP. . . . . . . . . . . : Désactivé

Carte Tunnel Connexion au réseau local* 6 :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Adresse physique . . . . . . . . . . . : 02-00-54-55-4E-01
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Tunnel Connexion au réseau local* 9 :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : 6TO4 Adapter
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui

Carte Tunnel Connexion au réseau local* 12 :

Statut du média. . . . . . . . . . . . : Média déconnecté
Suffixe DNS propre à la connexion. . . :
Description. . . . . . . . . . . . . . : isatap.{F2E07619-E903-4EE7-9F47-343F676EC588}
Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP activé. . . . . . . . . . . . . . : Non
Configuration automatique activée. . . : Oui
Serveur : UnKnown
Address: 192.168.2.243:53

Nom : google.com
Addresses: 209.85.147.99, 209.85.147.103, 209.85.147.104, 209.85.147.105
209.85.147.106, 209.85.147.147



Envoi d'une requête 'ping' sur google.com [209.85.147.147] avec 32 octets de données :



Réponse de 209.85.147.147 : octets=32 temps=1034 ms TTL=49

Réponse de 209.85.147.147 : octets=32 temps=1115 ms TTL=50



Statistiques Ping pour 209.85.147.147:

Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),

Durée approximative des boucles en millisecondes :

Minimum = 1034ms, Maximum = 1115ms, Moyenne = 1074ms

Serveur : UnKnown
Address: 192.168.2.243:53

Nom : yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 72.30.2.43



Envoi d'une requête 'ping' sur yahoo.com [98.139.180.149] avec 32 octets de données :



Réponse de 98.139.180.149 : octets=32 temps=1199 ms TTL=45

Réponse de 98.139.180.149 : octets=32 temps=1020 ms TTL=45



Statistiques Ping pour 98.139.180.149:

Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),

Durée approximative des boucles en millisecondes :

Minimum = 1020ms, Maximum = 1199ms, Moyenne = 1109ms

Serveur : UnKnown
Address: 192.168.2.243:53

Nom : bleepingcomputer.com
Address: 208.43.87.2



Envoi d'une requête 'ping' sur bleepingcomputer.com [208.43.87.2] avec 32 octets de données :



Réponse de 208.43.87.2 : Impossible de joindre l'hôte de destination.

Réponse de 208.43.87.2 : Impossible de joindre l'hôte de destination.



Statistiques Ping pour 208.43.87.2:

Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),



Envoi d'une requête 'Ping' 127.0.0.1 avec 32 octets de données :



Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128

Réponse de 127.0.0.1 : octets=32 temps<1ms TTL=128



Statistiques Ping pour 127.0.0.1:

Paquets : envoyés = 2, reçus = 2, perdus = 0 (perte 0%),

Durée approximative des boucles en millisecondes :

Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms

===========================================================================
Liste d'Interfaces
9 ...00 1d e0 bf a2 e9 ...... Intel® Wireless WiFi Link 4965AGN
8 ...00 1a 80 b7 76 27 ...... Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
17 ...00 00 00 00 00 00 00 e0 isatap.{A29BFC0C-ED6E-4F2B-BFDA-76F99E5EBA74}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
18 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
15 ...00 00 00 00 00 00 00 e0 isatap.{F2E07619-E903-4EE7-9F47-343F676EC588}
===========================================================================

IPv4 Table de routage
===========================================================================
Itinéraires actifs :
Destination réseau Masque réseau Adr. passerelle Adr. interface Métrique
0.0.0.0 0.0.0.0 10.46.15.1 10.46.15.102 276
10.46.15.0 255.255.255.0 On-link 10.46.15.102 276
10.46.15.102 255.255.255.255 On-link 10.46.15.102 276
10.46.15.255 255.255.255.255 On-link 10.46.15.102 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.46.15.102 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.46.15.102 276
===========================================================================
Itinéraires persistants :
Adresse réseau Masque réseau Adresse passerelle Métrique
0.0.0.0 0.0.0.0 10.46.15.1 Par défaut
===========================================================================

IPv6 Table de routage
===========================================================================
Itinéraires actifs :
If Metric Network Destination Gateway
1 306 ::1/128 On-link
17 281 fe80::5efe:10.46.15.102/128
On-link
1 306 ff00::/8 On-link
===========================================================================
Itinéraires persistants :
Aucun
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 02 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 03 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 04 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 05 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 06 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 07 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 08 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 09 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 10 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\idmmbc.dll [206256] (Tonec Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/26/2011 01:13:07 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/26/2011 01:13:05 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/25/2011 10:53:39 PM) (Source: VzCdbSvc) (User: )
Description: Echec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019)

Error: (11/25/2011 08:33:50 AM) (Source: VzCdbSvc) (User: )
Description: Echec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019)

Error: (11/25/2011 08:21:54 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/25/2011 08:21:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/25/2011 00:26:45 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/25/2011 00:26:44 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Accès refusé.

Error: (11/24/2011 11:28:55 PM) (Source: VzCdbSvc) (User: )
Description: Echec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code d'erreur = 0x80042019)

Error: (11/24/2011 09:49:37 PM) (Source: System Restore) (User: )
Description: Impossible de créer le point de restauration planifié. Informations supplémentaires : (0x800423f4).


System errors:
=============
Error: (11/25/2011 10:54:48 PM) (Source: Service Control Manager) (User: )
Description: Bandoo Coordinator%%3

Error: (11/25/2011 10:54:48 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/25/2011 10:08:59 PM) (Source: BROWSER) (User: )
Description: Le service Explorateur d'ordinateur a rencontré un nombre d'échecs trop important en essayant de retrouver la copie de sauvegarde de la liste sur le transport \Device\NetBT_Tcpip_{A29BFC0C-ED6E-4F2B-BFDA-76F99E5EBA74}.
L'explorateur secondaire s'arrête.

Error: (11/25/2011 04:20:15 PM) (Source: ipnathlp) (User: )
Description: L'agent proxy DNS n'a pas pu allouer 0 octets de mémoire. Ceci peut indiquer que le système n'a plus beaucoup de mémoire virtuelle, ou que le gestionnaire de mémoire a rencontré une erreur interne.

Error: (11/25/2011 08:34:20 AM) (Source: Service Control Manager) (User: )
Description: Bandoo Coordinator%%3

Error: (11/25/2011 08:34:20 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/24/2011 11:29:20 PM) (Source: Service Control Manager) (User: )
Description: Bandoo Coordinator%%3

Error: (11/24/2011 11:29:20 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/24/2011 09:14:15 PM) (Source: Service Control Manager) (User: )
Description: 1Redémarrer le serviceInfrastructure de gestion Windows%%1056

Error: (11/24/2011 09:14:15 PM) (Source: Service Control Manager) (User: )
Description: Partage de connexion Internet (ICS)Gestionnaire de connexions d'accès distant%%1070


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================


(Version: 1.1.0.0-ALL)
(Version: 1.3.0.0-FRA)
(Version: 1.4.0.0-FRA)
(Version: 2.0.0.0-FRA)
1500 Best-Selling Home Plans - CD3DHA (Version: 1.6.0)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
3D Home Architect Design Suite Deluxe 8 (Version: 8.0)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 10 Plugin (Version: 10.1.102.64)
Adobe Reader 8.2.5 - Français (Version: 8.2.5)
Alps Pointing-device for VAIO
Analyseur et SDK MSXML 4.0 SP2 (Version: 4.20.9818.0)
Archiveur WinRAR
Athan Basic 4.1
AutoCAD 2008 - Français (Version: 17.1.51.0)
AutoUpdate (Version: 1.1)
Avira Free Antivirus (Version: 12.0.0.861)
Cambridge Advanced Learner's Dictionary
Canon LBP2900
CCFile 3.6
Click to Disc (Version: 1.0.00.11080)
Click to Disc Editor (Version: 1.0.00)
DivX Codec (Version: 6.6.1)
DivX Converter (Version: 6.5)
DivX Player (Version: 6.4.3)
ESET Online Scanner v3
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) (Version: 9.00.2047.00)
FLAV FLV to MP3 Converter 2.58.15
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.2.0603
GearDrvs (Version: 1)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.79)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
ICQ7.2 (Version: 7.2)
Inkscape 0.48+SAGE (Version: 0.48+SAGE)
Installation Windows Live (Version: 14.0.8117.0416)
Installation Windows Live (Version: 14.0.8117.416)
IntegraXor 3.6 (Version: 3.60.4040)
Internet Download Manager
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 20 (Version: 6.0.200)
K-Lite Codec Pack 4.5.3 (Full) (Version: 4.5.3)
Lecteur CANALPLAY 2.4 (Version: 2.4.0.1)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - fra (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office Access MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Plus 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Visio Professional 2003 (Version: 11.0.3216.5614)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.4518.1014)
Microsoft SQL Server Native Client (Version: 9.00.2047.00)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XML Parser (Version: 8.70.1104.04)
Module de compatibilité pour Microsoft Office System 2007 (Version: 12.0.6514.5001)
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Moyea FLV Editor Lite version: 1.1.1.846
Mozilla Firefox (3.6.18) (Version: 3.6.18 (en-GB))
Mp3 Audio Editor v6.9.6
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Transfer (Version: 1.3.01.13160)
My Club VAIO (Version: 2.1)
Nero 8 (Version: 8.10.214)
Nokia Connectivity Cable Driver (Version: 6.83.9.0)
Nokia PC Suite (Version: 6.83.14.1)
Norton 360 (Version: 1.2.0.10)
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
Outil de restauration de données VAIO (Version: 1.0.03.10030)
Outil de téléchargement Windows Live (Version: 14.0.8014.1029)
Outil VAIO Media Registration 6.0 (Version: 6.0.10)
Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1) (Version: 11/03/2006 6.82.0.1)
PC Connectivity Solution (Version: 7.7.10.0)
Petit Larousse 2010
Primo (Version: 1.00.0000)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5449)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Easy Media Creator Home (Version: 9.1.095)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Runtime (Version: 1.00.0000)
Save Flash 4.3 (Version: 4.3)
Setting Utility Series (Version: 3.1.00.09240)
Skype™ 4.2 (Version: 4.2.187)
Snowy - Fish Frenzy (Version: 1.0)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Sony Picture Utility (Version: 4.3.00.06180)
Sony Video Shared Library (Version: 3.3.00)
TELL ME MORE
Tencent QQ (Version: 1.51.1910.0)
The Learning Tool 1.2.2
ThinkTanks (Version: 32.0.0.0)
Unlocker 1.9.0 (Version: 1.9.0)
USB Video Device (Version: 5.8.39200.100)
VAIO Content Folder Setting (Version: 1.0.01.09270)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.1.00.09284)
VAIO Content Metadata Manager Setting (Version: 2.1.00.09281)
VAIO Content Metadata XML Interface Library (Version: 2.1.00.09202)
VAIO Control Center (Version: 2.1.00.09190)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130)
VAIO Entertainment Platform (Version: 3.0.00.06280)
VAIO Event Service (Version: 3.3.00.11020)
VAIO Launcher (Version: 1.1.00.11210)
Vaio Marketing Tools
VAIO Media (Version: 6.0.10)
VAIO Media 6.0 (Version: 6.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.1
VAIO Media Redistribution 6.0 (Version: 6.0.10)
VAIO Media Registration Tool (Version: 6.0.10)
VAIO Movie Story (Version: 1.1.00.10160)
VAIO Movie Story Template Data (Version: 1.1.00.09281)
VAIO MusicBox (Version: 1.1.01.09240)
VAIO MusicBox Sample Music (Version: 1.0.01.09210)
VAIO Original Function Setting (Version: 1.2.00.11100)
VAIO Power Management (Version: 2.3.01.10310)
VAIO Smart Network (Version: 1.2.00.11260)
VAIO Update 4 (Version: 4.0.0.08240)
VAIO Wallpaper Contents (Version: 1.0.00.09200)
VCRedistSetup (Version: 1.0.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
WinDVD for VAIO (Version: 8.0-B8.411)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 2045.81 MB
Available physical RAM: 896.34 MB
Total Pagefile: 4302.66 MB
Available Pagefile: 2908.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:225.4 GB) (Free:121.23 GB) NTFS
5 Drive g: (200709172059) (CDROM) (Total:0.68 GB) (Free:0 GB) CDFS

========================= Users: ========================================

comptes d'utilisateurs de \\PC-STATIONS-POM

Administrateur Invité messaoudi anouar
La commande s'est terminée correctement.


**** End of log ****

And here is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8248

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

26/11/2011 21:03:45
mbam-log-2011-11-26 (21-03-45).txt

Scan type: Quick scan
Objects scanned: 190973
Time elapsed: 11 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Best regards

Batman

#8 Broni


Posted 26 November 2011 - 03:17 PM

We have to take care of several other problems.

You're running two AV programs, Avira and Norton.
One of them has to go.
If Norton, use this tool to uninstall it: https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?docid=20080710133834EN&lg=english&ct=united+states&product=home&version=1&pvid=f-home&entsrc=redirect_pubweb

The "hosts" file is missing and we have to recreate it.

Open Notepad.
Paste the following text into it:

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#  	102.54.94.97 	rhino.acme.com      	# source server
#   	38.25.63.10 	x.acme.com          	# x client host

127.0.0.1   	localhost
::1         	localhost

Go File>Save As and...

1. Name the file hosts. (no extension; make sure there is just a "dot" at the end <--- VERY IMPORTANT!)
2. Make sure "Save as type:" is set to "All Files (*.*)"
3. File is saved to C:\WINDOWS\SYSTEM32\DRIVERS\ETC folder

===========================================================

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box into the main textfield:
    :dir
    C:\WINDOWS\SYSTEM32\DRIVERS\ETC
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

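An added example, not part of the original posts and not code from any tool named in this thread: a Python check for the three hosts-file conditions the exchange above turns on (file missing, file saved by Notepad as hosts.txt, mappings beyond the two default localhost lines). The function names, finding codes, sample directories and the .example host names are constructed for illustration.

```python
import ipaddress
import os
import tempfile

# The only active mappings in the default hosts file quoted in the post above.
DEFAULT_MAPPINGS = {("127.0.0.1", "localhost"), ("::1", "localhost")}


def parse_hosts(text):
    """Split hosts-file text into (entries, malformed).

    entries   -> list of (line_number, ip, hostname)
    malformed -> list of (line_number, raw_line) that are not "address name"
    """
    entries, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment anywhere
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            malformed.append((lineno, raw.strip()))
            continue
        if len(fields) < 2:  # an address with no host name after it
            malformed.append((lineno, raw.strip()))
            continue
        for name in fields[1:]:  # one line may map several names
            entries.append((lineno, ip, name.lower()))
    return entries, malformed


def audit_hosts_dir(etc_dir):
    """Return a list of (code, detail) findings for a drivers\\etc directory."""
    findings = []
    lower = {n.lower(): n for n in os.listdir(etc_dir)}
    # Notepad appends ".txt" unless "All Files" is selected and the name is
    # typed as "hosts." -- the step the post marks VERY IMPORTANT.
    if "hosts.txt" in lower:
        findings.append(("WRONG_NAME", lower["hosts.txt"]))
    if "hosts" not in lower:
        findings.append(("MISSING", os.path.join(etc_dir, "hosts")))
        return findings
    with open(os.path.join(etc_dir, lower["hosts"]), "rb") as fh:
        text = fh.read().decode("utf-8-sig", errors="replace")
    entries, malformed = parse_hosts(text)
    for lineno, raw in malformed:
        findings.append(("MALFORMED", f"line {lineno}: {raw}"))
    for lineno, ip, name in entries:
        if (ip, name) in DEFAULT_MAPPINGS:
            continue
        addr = ipaddress.ip_address(ip)
        # A name pinned to loopback/0.0.0.0 cannot be reached at all;
        # any other address silently sends the name somewhere else.
        code = "BLOCKED" if addr.is_loopback or addr.is_unspecified else "REDIRECTED"
        findings.append((code, f"line {lineno}: {name} -> {ip}"))
    return findings


# Constructed sample: the default entries plus tampered lines. The names use
# the reserved .example TLD and 203.0.113.0/24 is a documentation range.
SAMPLE_TAMPERED = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.antivirus.example   # constructed entry
203.0.113.10    www.shop.example login.shop.example
not-an-ip       broken.example
"""


def demo():
    """Audit three constructed directories: missing, mis-saved, tampered."""
    cases = {
        "missing": {"hosts.ics": "", "networks": ""},
        "saved_as_txt": {"hosts.txt": "127.0.0.1 localhost\n"},
        "tampered": {"hosts": SAMPLE_TAMPERED},
    }
    results = {}
    with tempfile.TemporaryDirectory() as root:
        for case, files in cases.items():
            etc = os.path.join(root, case)
            os.mkdir(etc)
            for name, body in files.items():
                with open(os.path.join(etc, name), "w", encoding="utf-8") as fh:
                    fh.write(body)
            results[case] = audit_hosts_dir(etc)
    return results


if __name__ == "__main__":
    for case, findings in demo().items():
        print(case)
        for code, detail in findings:
            print(f"  {code:10} {detail}")
```

A freshly recreated file with only the default content produces no findings; `hosts.ics` and the other files in the SystemLook listing are ignored.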


 


#9 batman03


Posted 27 November 2011 - 01:07 AM

Hello,

Here is the log:


SystemLook 30.07.11 by jpshortstuff
Log created at 06:52 on 27/11/2011 by messaoudi anouar
Administrator - Elevation successful

========== dir ==========

C:\WINDOWS\SYSTEM32\DRIVERS\ETC - Parameters: "(none)"

---Files---
hosts --a---- 735 bytes [05:49 27/11/2011] [05:49 27/11/2011]
hosts.ics --a---- 443 bytes [07:34 16/08/2009] [22:05 26/11/2011]
lmhosts.sam --a---- 3683 bytes [06:38 02/11/2006] [21:41 18/09/2006]
networks --a---- 407 bytes [10:23 02/11/2006] [21:41 18/09/2006]
protocol --a---- 1358 bytes [10:23 02/11/2006] [21:41 18/09/2006]
services --a---- 17244 bytes [10:23 02/11/2006] [21:41 18/09/2006]

---Folders---
None found.

-= EOF =-
Best regards

Batman

#10 Broni


Posted 27 November 2011 - 01:36 AM

Good job :)

How is the computer doing?

Did you uninstall one of your AV programs?

You also don't have any service pack installed but do NOT do anything about it yet.

Run a couple more steps for me...

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.



 


#11 batman03


Posted 27 November 2011 - 10:37 AM

Hello, and thank you for your help, I think everything is ok now, :thumbup2:
ESET scanner didn't find any infection

Can you give me some tips to help me keep my computer safe, because I use the internet often, and what AV software shall I use?
Thanks a lot my friend.
Best regards

Batman

#12 Broni


Posted 27 November 2011 - 11:30 AM

Good news :)

You'll find some tips toward the end of this message.

Update Adobe Flash Player
Download the Latest Adobe Flash for Firefox and IE Without Any Extras: http://www.404techsupport.com/2010/04/27/download-the-latest-adobe-flash-for-firefox-and-ie-without-any-extras/

============================================================================

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

========================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create a fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure Windows Updates are current (including Service Pack 2 installation and upgrading Internet Explorer to version 9!!!)

3. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

4. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

5. Run Temporary File Cleaner (TFC) weekly.

6. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

9. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

10. Except for MBAM and TFC, which are keepers, you can simply delete all other tools we used as they don't install.

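Added example, not part of the original posts: a Windows PowerShell sketch of the restore-point reset from step 1 in post #12, which lists restore points created before the cleanup date and, with `-Reset`, turns System Restore off and on and creates a fresh restore point. The parameter names, the function name and the default date (taken from the thread's post dates) are assumptions; the restart the post puts between off and on is not scripted here.

```powershell
# Run in an elevated Windows PowerShell session (these cmdlets are not in PowerShell 7).
param(
    # Assumption: the day the machine was declared clean in this thread.
    [datetime]$CleanDate = '2011-11-27',
    [string]$Drive = "$env:SystemDrive\",
    # Without -Reset the script only reports; nothing is changed.
    [switch]$Reset
)

function Get-StaleRestorePoint {
    param([datetime]$Before)
    # CreationTime is a WMI date string, so convert it before comparing.
    Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Select-Object SequenceNumber, Description,
            @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } } |
        Where-Object { $_.Created -lt $Before }
}

$stale = @(Get-StaleRestorePoint -Before $CleanDate)
if ($stale.Count -eq 0) {
    "No restore points older than $($CleanDate.ToShortDateString()) were found."
    return
}

"$($stale.Count) restore point(s) predate the cleanup and may contain infected files:"
$stale | Format-Table -AutoSize

if ($Reset) {
    # Turning System Restore off discards the existing restore points on the drive.
    Disable-ComputerRestore -Drive $Drive
    Enable-ComputerRestore -Drive $Drive

    # Create the fresh, clean restore point the post asks for.
    Checkpoint-Computer -Description 'Clean baseline after malware removal' `
        -RestorePointType MODIFY_SETTINGS

    # Re-check: nothing older than the cleanup date should remain.
    $left = @(Get-StaleRestorePoint -Before $CleanDate)
    "Restore points older than the cleanup date still present: $($left.Count)"
}
```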


 


#13 batman03

Posted 28 November 2011 - 06:14 AM

Thanks a lot, I'll try my best to keep my computer safe.

Thank you again.

My best wishes
Best regards

Batman

#14 Broni

Posted 28 November 2011 - 09:44 PM

You're very welcome
