
get-answers-fast and other redirects


12 replies to this topic

#1 andypierce


Posted 29 November 2011 - 08:46 PM

I have tried everything and have been infected for a while. I come here with hat in hand. If someone can help, I will have a restored faith in humanity.



#2 andypierce


Posted 29 November 2011 - 10:36 PM

I ran TDSSKiller:

22:27:23.0797 4276 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:27:24.0549 4276 ============================================================
22:27:24.0549 4276 Current date / time: 2011/11/29 22:27:24.0549
22:27:24.0549 4276 SystemInfo:
22:27:24.0549 4276
22:27:24.0549 4276 OS Version: 6.0.6002 ServicePack: 2.0
22:27:24.0549 4276 Product type: Workstation
22:27:24.0550 4276 ComputerName: ANDYANDKRIST-PC
22:27:24.0550 4276 UserName: Andy and Kristen
22:27:24.0550 4276 Windows directory: C:\Windows
22:27:24.0550 4276 System windows directory: C:\Windows
22:27:24.0550 4276 Running under WOW64
22:27:24.0550 4276 Processor architecture: Intel x64
22:27:24.0550 4276 Number of processors: 3
22:27:24.0550 4276 Page size: 0x1000
22:27:24.0550 4276 Boot type: Normal boot
22:27:24.0550 4276 ============================================================
22:27:24.0992 4276 Initialize success
22:27:40.0666 3412 ============================================================
22:27:40.0666 3412 Scan started
22:27:40.0666 3412 Mode: Manual; SigCheck; TDLFS;
22:27:40.0666 3412 ============================================================
22:28:33.0462 3412 ============================================================
22:28:33.0462 3412 Scan finished
22:28:33.0462 3412 ============================================================
22:28:33.0491 4064 Detected object count: 0
22:28:33.0491 4064 Actual detected object count: 0
22:31:38.0523 4880 Deinitialize success

#3 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:38 PM

Posted 29 November 2011 - 11:36 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#4 andypierce


Posted 30 November 2011 - 07:36 PM

checkup.txt:

Results of screen317's Security Check version 0.99.24
Windows Vista x64
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
McAfee Internet Security Suite
McAfee Virtual Technician
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Adobe Flash Player 9 (Out of date Flash Player installed!)
Adobe Flash Player ( 10.3.181.26) Flash Player Out of Date!
Mozilla Firefox (3.6.24) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````

#5 andypierce


Posted 30 November 2011 - 07:52 PM

minitoolbox:

MiniToolBox by Farbar
Ran by Andy and Kristen (administrator) on 30-11-2011 at 19:48:27
Windows ™ Vista Home Premium Service Pack 2 (X64)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AndyandKrist-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Networking Controller
Physical Address. . . . . . . . . : 00-1D-72-A5-CD-34
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b8da:37bd:7e70:9493%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 30, 2011 7:43:35 PM
Lease Expires . . . . . . . . . . : Thursday, December 01, 2011 7:43:35 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218109651
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0C-C8-EC-5E-00-1D-72-A5-CD-34
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A5F9A929-8C54-4047-A14A-95F18EB46ECB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14c5:13a0:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::14c5:13a0:3f57:fefc%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.210
74.125.226.211
74.125.226.212
74.125.226.208
74.125.226.209



Pinging google.com [74.125.226.241] with 32 bytes of data:

Reply from 74.125.226.241: bytes=32 time=29ms TTL=53

Reply from 74.125.226.241: bytes=32 time=37ms TTL=53



Ping statistics for 74.125.226.241:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 29ms, Maximum = 37ms, Average = 33ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=84ms TTL=49

Reply from 209.191.122.70: bytes=32 time=75ms TTL=49



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 75ms, Maximum = 84ms, Average = 79ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 1d 72 a5 cd 34 ...... NVIDIA nForce 10/100/1000 Mbps Networking Controller
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.{A5F9A929-8C54-4047-A14A-95F18EB46ECB}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:14c5:13a0:3f57:fefc/128
On-link
10 276 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::14c5:13a0:3f57:fefc/128
On-link
10 276 fe80::b8da:37bd:7e70:9493/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\nvLsp64.dll [189440] (NVIDIA)
x64-Catalog9 02 C:\Windows\System32\nvLsp64.dll [189440] (NVIDIA)
x64-Catalog9 03 C:\Windows\System32\nvLsp64.dll [189440] (NVIDIA)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\nvLsp64.dll [189440] (NVIDIA)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/30/2011 07:46:18 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY SUITE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/30/2011 07:46:18 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY SUITE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/30/2011 07:45:02 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/30/2011 07:45:02 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/30/2011 07:43:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2011 07:28:07 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY SUITE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/30/2011 07:28:07 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY SUITE.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/30/2011 07:27:58 PM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 5392 (0x1510)

Thread address : 0x0000000077B46ECA

Thread message :

Build VSCORE.14.4.0.380 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\PROGRAM FILES\ACER\EMPOWERING TECHNOLOGY\NOTIFICATIONCENTER\FRAMEWORK.NOTIFICATIONCENTER.EXE
by C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (11/30/2011 07:20:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (11/30/2011 07:20:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (11/30/2011 07:44:37 PM) (Source: Service Control Manager) (User: )
Description: is3srv
szkg5

Error: (11/30/2011 07:43:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:42:05 PM on 11/30/2011 was unexpected.

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: McAfee McShield150001Restart the service

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (11/30/2011 07:27:59 PM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (11/30/2011 07:21:00 PM) (Source: Service Control Manager) (User: )
Description: is3srv
szkg5

Error: (11/30/2011 07:20:48 PM) (Source: Service Control Manager) (User: )
Description: 30000stisvc


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acer Arcade Live Main Page (Version: 1.1.1331)
Acer Assist
Acer DV Magician (Version: 1.5.0920)
Acer DVDivine (Version: 3.2.1705)
Acer Empowering Technology (Version: 3.0.3008)
Acer eRecovery Management (Version: 3.0.3013)
Acer GameZone Console DTV 2.0.1.1
Acer HomeMedia (Version: 1.4.1331)
Acer HomeMedia Connect (Version: 1.4.4931)
Acer HomeMedia Trial Creator (Version: 1.4.1331)
Acer Registration
Acer ScreenSaver (Version: 4.01.0422)
Acer SlideShow DVD (Version: 1.5.1109)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 10 Plugin (Version: 10.3.181.26)
Adobe Flash Player 9 ActiveX (Version: 9)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader 8.2.6 (Version: 8.2.6)
Age of Empires Online (Version: 1.0.0000.129)
Agere Systems PCI-SV92EX Soft Modem
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
AV Input Selection (Version: 1.02.0047)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.704)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.11)
CCScore (Version: 8.02.0000.0001)
CLUE Classic
DVDVideoSoftTB Toolbar (Version: )
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000189)
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
fflink (Version: 6.02.1001.0001)
Free Audio CD Burner version 1.4
Free YouTube to MP3 Converter version 3.8
Google Talk Plugin (Version: 2.5.8.4958)
Hitman Pro 3.5 (Version: 3.5.9.130)
iTunes (Version: 10.5.0.142)
Kodak EasyShare software
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC (Version: 1.0)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
McAfee Internet Security Suite (Version: 11.0.623)
McAfee Virtual Technician (Version: 6.0.0.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Monopoly by Parker Brothers (Version: 1.0.406.0)
Mozilla Firefox (3.6.24) (Version: 3.6.24 (en-US))
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
netbrdg (Version: 7.01.0000.0001)
NTI Backup Now 5 (Version: 5.1.2.606)
NTI Backup Now Standard (Version: 5.1.2.606)
NTI Media Maker 8 (Version: 8.0.2.6329)
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager (Version: 1.00.6776)
OfotoXMI (Version: 8.02.1000.0001)
Picasa 3 (Version: 3.8)
PolarClock3 Screen Saver
Quick Startup 2.8.0.718
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver (Version: 6.0.1.5591)
SFR (Version: 8.01.0000.0001)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.112)
Sophos confic-a Cleanup Tool (Version: 1.0)
Spybot - Search & Destroy (Version: 1.6.2)
SQLXML 3.0 SP3 (Version: 3.30.3457.0)
staticcr (Version: 8.02.0000.0001)
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VPRINTOL (Version: 8.02.0000.0001)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR archiver
WIRELESS (Version: 8.02.0000.0001)
Xfire (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3837.62 MB
Available physical RAM: 2078.45 MB
Total Pagefile: 7879.75 MB
Available Pagefile: 5790.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3999.49 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:138.62 GB) (Free:17.93 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:140.97 GB) (Free:140.88 GB) NTFS

========================= Users: ========================================

User accounts for \\ANDYANDKRIST-PC

Administrator Andy and Kristen Guest


**** End of log ****

#6 andypierce


Posted 30 November 2011 - 08:08 PM

Malwarebytes:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8281

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

11/30/2011 8:07:46 PM
mbam-log-2011-11-30 (20-07-46).txt

Scan type: Quick scan
Objects scanned: 173494
Time elapsed: 5 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#7 Broni


Posted 30 November 2011 - 09:11 PM

..and GMER....


#8 andypierce


Posted 30 November 2011 - 09:19 PM

The gmer.log file was empty and the program told me that it detected nothing.

Please let me know if I can help in any other way. Thanks again.

#9 Broni


Posted 30 November 2011 - 09:58 PM

Which browser is getting redirected?


#10 andypierce


Posted 01 December 2011 - 12:07 AM

Firefox, though I believe IE was, too.

#11 Broni


Posted 01 December 2011 - 12:10 AM

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start the scan.

On completion of the scan click "Save log", save it to your desktop and post it in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


#12 andypierce


Posted 01 December 2011 - 07:20 PM

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-01 19:10:09
-----------------------------
19:10:09.098 OS Version: Windows x64 6.0.6002 Service Pack 2
19:10:09.099 Number of processors: 3 586 0x202
19:10:09.100 ComputerName: ANDYANDKRIST-PC UserName:
19:10:10.341 Initialize success
19:11:14.185 AVAST engine defs: 11120101
19:11:54.157 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
19:11:54.163 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 6
19:11:56.180 Disk 0 MBR read successfully
19:11:56.186 Disk 0 MBR scan
19:11:56.199 Disk 0 unknown MBR code
19:11:56.206 Service scanning
19:12:06.129 Modules scanning
19:12:06.136 Disk 0 trace - called modules:
19:12:06.153 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys
19:12:06.162 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dd2790]
19:12:06.171 3 CLASSPNP.SYS[fffffa6000ee3c33] -> nt!IofCallDriver -> [0xfffffa8003cce930]
19:12:06.178 5 acpi.sys[fffffa60008fefde] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa80041035b0]
19:12:06.919 AVAST engine scan C:\Windows
19:12:26.951 AVAST engine scan C:\Windows\system32
19:16:22.290 AVAST engine scan C:\Windows\system32\drivers
19:16:43.347 AVAST engine scan C:\Users\Andy and Kristen
19:19:12.910 Disk 0 MBR has been saved successfully to "C:\Users\Andy and Kristen\Desktop\MBR.dat"
19:19:13.018 The log file has been saved successfully to "C:\Users\Andy and Kristen\Desktop\aswMBR.txt"
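
Added example, not part of the thread and not aswMBR's own code: the MBR.dat file saved above is a copy of the disk's master boot record, and a saved copy can be checked offline for a valid boot signature, a sane partition table and a boot-code hash that matches a trusted baseline. This Python code assumes the dump begins with the standard 512-byte sector; the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440          # bootstrap code area on modern MBRs
PART_TABLE_OFF = 446         # four 16-byte partition entries start here
BOOT_SIG = b"\x55\xaa"       # required signature at offset 510

def parse_mbr(sector: bytes) -> dict:
    """Decode a 512-byte MBR dump: boot-code hash, disk signature, partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4, LE) sector-count(4, LE)
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0:           # type 0x00 marks an unused slot
            continue
        partitions.append({"index": i, "active": status == 0x80,
                           "status_valid": status in (0x00, 0x80),
                           "type": ptype, "lba_start": lba_start, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }

def boot_code_matches(sector: bytes, known_good_sha256: str) -> bool:
    """Compare the bootstrap code against a baseline hash from a trusted source."""
    return parse_mbr(sector)["boot_code_sha256"] == known_good_sha256.lower()

def make_sample_sector() -> bytes:
    """Constructed sample: filler boot code plus one active NTFS (0x07) partition."""
    sector = bytearray(SECTOR_SIZE)
    sector[:4] = b"\xfa\x33\xc0\x8e"                 # constructed filler, not real boot code
    struct.pack_into("<I", sector, 440, 0x1234ABCD)  # constructed disk signature
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF, 0x80, 0x07, 2048, 204800)
    sector[510:512] = BOOT_SIG
    return bytes(sector)

if __name__ == "__main__":
    # To inspect a real dump: parse_mbr(open("MBR.dat", "rb").read()[:512])
    print(parse_mbr(make_sample_sector()))
```

A hash mismatch only shows that the boot code differs from the chosen baseline; the baseline itself has to come from a known-clean system with the same OS version and boot loader.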

#13 Broni

Posted 01 December 2011 - 10:38 PM

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
