
Google links redirect to ad sites


  • This topic is locked
12 replies to this topic

#1 gdtms24

  • Members
  • 20 posts

Posted 11 December 2011 - 12:32 PM

So within the last 48 hours I have had a problem with my computer. Yesterday I got hit with Win 7 Security 2012, so I followed the instructions in this site's spyware removal guide and used MBAM, and it took care of the problem. I also used the program from Secunia and updated all of my programs. This morning, though, I clicked a Google link and it redirected me to some other site.


 


#2 boopme

  • Global Moderator
  • 72,917 posts

Posted 11 December 2011 - 01:33 PM

Hello and welcome.

Please run these next.


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Please download TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click the Update tab, select Check for Updates, and when done click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.

#3 gdtms24

  • Topic Starter

Posted 11 December 2011 - 01:47 PM

MiniToolBox by Farbar
Ran by K (administrator) on 11-12-2011 at 13:43:03
Microsoft Windows 7 Ultimate Service Pack 1 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

D-Link DWA-552 XtremeN Desktop Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : K-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-21-91-FA-EF-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : D-Link DWA-552 XtremeN Desktop Adapter
Physical Address. . . . . . . . . : 00-21-91-FA-EF-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::556c:786a:c107:42f7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.194(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 11, 2011 12:19:35 PM
Lease Expires . . . . . . . . . . : Monday, December 12, 2011 12:19:35 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 218112401
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C1-6C-BA-00-23-54-0A-54-C4
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-23-54-0A-54-C4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9CC29D1F-1A73-4C7A-8AC7-DDAA3EBA4F03}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D6885688-F2F0-4757-B45E-9040DC25E219}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.227.49] with 32 bytes of data:
Reply from 74.125.227.49: bytes=32 time=59ms TTL=51
Reply from 74.125.227.49: bytes=32 time=59ms TTL=51

Ping statistics for 74.125.227.49:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 59ms, Average = 59ms

Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=95ms TTL=49
Reply from 98.137.149.56: bytes=32 time=93ms TTL=49

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 95ms, Average = 94ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...06 21 91 fa ef 99 ......Microsoft Virtual WiFi Miniport Adapter
11...00 21 91 fa ef 99 ......D-Link DWA-552 XtremeN Desktop Adapter
10...00 23 54 0a 54 c4 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.194 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.194 281
192.168.0.194 255.255.255.255 On-link 192.168.0.194 281
192.168.0.255 255.255.255.255 On-link 192.168.0.194 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.194 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.194 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::556c:786a:c107:42f7/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/11/2011 00:13:28 PM) (Source: MsiInstaller) (User: K)K
Description: Product: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - Update '{AC76BA86-A550-0000-A550-7A8C40000940}' could not be installed. Error code 1642. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/10/2011 08:26:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: ejyahoorecorder.exe, version: 1.2.3.0, time stamp: 0x4576081d
Faulting module name: ejyahoorecorder.exe, version: 1.2.3.0, time stamp: 0x4576081d
Exception code: 0xc0000005
Fault offset: 0x00010db0
Faulting process id: 0x1d8c
Faulting application start time: 0xejyahoorecorder.exe0
Faulting application path: ejyahoorecorder.exe1
Faulting module path: ejyahoorecorder.exe2
Report Id: ejyahoorecorder.exe3

Error: (12/09/2011 09:21:06 AM) (Source: Application Hang) (User: )
Description: The program YahooMessenger.exe version 11.0.0.2014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6ff0

Start Time: 01ccb5b0726fa2cb

Termination Time: 46

Application Path: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

Report Id: 067ea5ca-2271-11e1-8b8f-0023540a54c4

Error: (12/06/2011 09:56:28 AM) (Source: Application Hang) (User: )
Description: The program uTorrent.exe version 3.0.0.25460 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7530

Start Time: 01ccb3cdad239ebe

Termination Time: 7926

Application Path: C:\Program Files\uTorrent\uTorrent.exe

Report Id: 734560ad-201a-11e1-8b8f-0023540a54c4

Error: (12/01/2011 09:30:11 AM) (Source: Application Hang) (User: )
Description: The program YahooMessenger.exe version 11.0.0.2014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5a14

Start Time: 01ccae1aa23e4f3e

Termination Time: 738

Application Path: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

Report Id: f1af9d72-1c28-11e1-8b8f-0023540a54c4

Error: (11/28/2011 02:34:57 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 8.0.0.4325 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4120

Start Time: 01ccadfdef065c7c

Termination Time: 24

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 0be9d2c8-19f8-11e1-8b8f-0023540a54c4

Error: (11/18/2011 06:03:52 PM) (Source: Application Hang) (User: )
Description: The program uTorrent.exe version 3.0.0.25460 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 236c

Start Time: 01cca63da02d5013

Termination Time: 10181

Application Path: C:\Program Files\uTorrent\uTorrent.exe

Report Id: 8d1cc8e3-1239-11e1-8b8f-0023540a54c4

Error: (11/18/2011 09:11:14 AM) (Source: Application Hang) (User: )
Description: The program YahooMessenger.exe version 11.0.0.2014 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2444

Start Time: 01cca56e876d5509

Termination Time: 67

Application Path: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

Report Id: 2a7b1d06-11ef-11e1-8b8f-0023540a54c4

Error: (11/04/2011 10:16:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: Acrobat.exe, version: 9.0.0.332, time stamp: 0x4850eb76
Faulting module name: Acrobat.dll, version: 9.0.0.332, time stamp: 0x4850e755
Exception code: 0xc0000005
Fault offset: 0x0029cd4c
Faulting process id: 0x1030
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3

Error: (11/03/2011 08:44:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: ejyahoorecorder.exe, version: 1.2.3.0, time stamp: 0x4576081d
Faulting module name: ejyahoorecorder.exe, version: 1.2.3.0, time stamp: 0x4576081d
Exception code: 0xc0000005
Fault offset: 0x00010db0
Faulting process id: 0xb70
Faulting application start time: 0xejyahoorecorder.exe0
Faulting application path: ejyahoorecorder.exe1
Faulting module path: ejyahoorecorder.exe2
Report Id: ejyahoorecorder.exe3


System errors:
=============
Error: (12/11/2011 00:19:56 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (12/11/2011 00:19:37 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 00:19:36 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 00:19:35 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 00:19:33 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 00:19:32 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

Error: (12/11/2011 00:18:23 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (12/11/2011 00:15:49 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 00:15:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (12/11/2011 09:43:30 AM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.




=========================== Installed Programs ============================

µTorrent (Version: 3.0.0)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 10 Plugin (Version: 10.3.183.11)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Reader X (10.1.1) (Version: 10.1.1)
AutoCAD 2008 - English (Version: 17.1.51.0)
Autodesk DWF Viewer 7 (Version: 7.2.0)
AutoSketch Release 10 (Version: 10.0.0.10)
EatCam Webcam Recorder 5.0 for Yahoo Messenger (Version: 5.0)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Logitech High Quality Video (Version: 12.10.1113)
Logitech QuickCam (Version: 11.10.2030)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Mozilla Firefox 8.0 (x86 en-GB) (Version: 8.0)
oRipa Yahoo Webcam Recorder1.2.2 (Version: 1.2.2)
PDF Measure It
PeaZip 3.9
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Skype™ 5.5 (Version: 5.5.124)
VBA (2627.01) (Version: 6.03.00.9402)
VirtualCloneDrive
VLC media player 1.1.11 (Version: 1.1.11)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 2047.3 MB
Available physical RAM: 1158 MB
Total Pagefile: 4094.61 MB
Available Pagefile: 2986.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.88 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.52 GB) (Free:22.9 GB) NTFS
3 Drive d: (TV Movies Music) (Fixed) (Total:931.51 GB) (Free:46.11 GB) NTFS

========================= Users: ========================================

User accounts for \\K-PC

Administrator Guest K

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



13:45:07.0952 2720 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
13:45:08.0335 2720 ============================================================
13:45:08.0335 2720 Current date / time: 2011/12/11 13:45:08.0335
13:45:08.0335 2720 SystemInfo:
13:45:08.0335 2720
13:45:08.0335 2720 OS Version: 6.1.7601 ServicePack: 1.0
13:45:08.0335 2720 Product type: Workstation
13:45:08.0335 2720 ComputerName: K-PC
13:45:08.0335 2720 UserName: K
13:45:08.0335 2720 Windows directory: C:\Windows
13:45:08.0335 2720 System windows directory: C:\Windows
13:45:08.0335 2720 Processor architecture: Intel x86
13:45:08.0335 2720 Number of processors: 2
13:45:08.0335 2720 Page size: 0x1000
13:45:08.0335 2720 Boot type: Normal boot
13:45:08.0335 2720 ============================================================
13:45:16.0832 2720 Initialize success
13:45:18.0532 1168 ============================================================
13:45:18.0532 1168 Scan started
13:45:18.0532 1168 Mode: Manual;
13:45:18.0532 1168 ============================================================
13:45:22.0022 1168 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:45:22.0023 1168 drmkaud - ok
13:45:22.0065 1168 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:45:22.0070 1168 DXGKrnl - ok
13:45:22.0150 1168 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:45:22.0168 1168 ebdrv - ok
13:45:22.0206 1168 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
13:45:22.0206 1168 ElbyCDIO - ok
13:45:22.0231 1168 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:45:22.0234 1168 elxstor - ok
13:45:22.0261 1168 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:45:22.0262 1168 ErrDev - ok
13:45:22.0292 1168 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:45:22.0293 1168 exfat - ok
13:45:22.0310 1168 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:45:22.0312 1168 fastfat - ok
13:45:22.0341 1168 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:45:22.0342 1168 fdc - ok
13:45:22.0368 1168 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:45:22.0369 1168 FileInfo - ok
13:45:22.0385 1168 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:45:22.0386 1168 Filetrace - ok
13:45:22.0409 1168 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:45:22.0410 1168 flpydisk - ok
13:45:22.0426 1168 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:45:22.0428 1168 FltMgr - ok
13:45:22.0496 1168 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:45:22.0496 1168 FsDepends - ok
13:45:22.0510 1168 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:45:22.0511 1168 Fs_Rec - ok
13:45:22.0572 1168 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:45:22.0573 1168 fvevol - ok
13:45:22.0602 1168 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:45:22.0603 1168 gagp30kx - ok
13:45:22.0626 1168 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:45:22.0627 1168 hcw85cir - ok
13:45:22.0677 1168 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
13:45:22.0679 1168 HdAudAddService - ok
13:45:22.0715 1168 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:45:22.0717 1168 HDAudBus - ok
13:45:22.0725 1168 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:45:22.0726 1168 HidBatt - ok
13:45:22.0739 1168 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:45:22.0740 1168 HidBth - ok
13:45:22.0755 1168 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:45:22.0756 1168 HidIr - ok
13:45:22.0776 1168 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
13:45:22.0776 1168 HidUsb - ok
13:45:22.0812 1168 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:45:22.0813 1168 HpSAMD - ok
13:45:22.0863 1168 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:45:22.0867 1168 HTTP - ok
13:45:22.0897 1168 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:45:22.0897 1168 hwpolicy - ok
13:45:22.0938 1168 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:45:22.0939 1168 i8042prt - ok
13:45:22.0973 1168 iaoner (e6d35f3aa51a65eb35c1f2340154a25e) C:\Windows\system32\drivers\indisuh.sys
13:45:22.0974 1168 iaoner - ok
13:45:23.0068 1168 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:45:23.0071 1168 iaStorV - ok
13:45:23.0143 1168 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:45:23.0143 1168 iirsp - ok
13:45:23.0186 1168 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:45:23.0186 1168 intelide - ok
13:45:23.0201 1168 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:45:23.0202 1168 intelppm - ok
13:45:23.0228 1168 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:45:23.0229 1168 IpFilterDriver - ok
13:45:23.0254 1168 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:45:23.0255 1168 IPMIDRV - ok
13:45:23.0265 1168 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:45:23.0266 1168 IPNAT - ok
13:45:23.0296 1168 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:45:23.0297 1168 IRENUM - ok
13:45:23.0324 1168 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:45:23.0325 1168 isapnp - ok
13:45:23.0347 1168 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:45:23.0349 1168 iScsiPrt - ok
13:45:23.0383 1168 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:45:23.0383 1168 kbdclass - ok
13:45:23.0398 1168 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
13:45:23.0398 1168 kbdhid - ok
13:45:23.0424 1168 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:45:23.0425 1168 KSecDD - ok
13:45:23.0450 1168 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:45:23.0451 1168 KSecPkg - ok
13:45:23.0500 1168 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:45:23.0500 1168 lltdio - ok
13:45:23.0542 1168 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:45:23.0543 1168 LSI_FC - ok
13:45:23.0564 1168 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:45:23.0565 1168 LSI_SAS - ok
13:45:23.0574 1168 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:45:23.0575 1168 LSI_SAS2 - ok
13:45:23.0585 1168 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:45:23.0586 1168 LSI_SCSI - ok
13:45:23.0607 1168 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:45:23.0608 1168 luafv - ok
13:45:23.0686 1168 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\Windows\system32\DRIVERS\LVcKap.sys
13:45:23.0697 1168 LVcKap - ok
13:45:23.0758 1168 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\Windows\system32\DRIVERS\LVMVDrv.sys
13:45:23.0770 1168 LVMVDrv - ok
13:45:23.0807 1168 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
13:45:23.0808 1168 LVPr2Mon - ok
13:45:23.0949 1168 LVUSBSta (a730fc8671a60666d6e877c544dd7cd4) C:\Windows\system32\drivers\lvusbsta.sys
13:45:23.0949 1168 LVUSBSta - ok
13:45:24.0000 1168 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
13:45:24.0000 1168 MBAMProtector - ok
13:45:24.0016 1168 MBAMSwissArmy - ok
13:45:24.0089 1168 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:45:24.0090 1168 megasas - ok
13:45:24.0121 1168 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:45:24.0123 1168 MegaSR - ok
13:45:24.0145 1168 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:45:24.0146 1168 Modem - ok
13:45:24.0178 1168 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:45:24.0178 1168 monitor - ok
13:45:24.0217 1168 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
13:45:24.0218 1168 mouclass - ok
13:45:24.0235 1168 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:45:24.0236 1168 mouhid - ok
13:45:24.0263 1168 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:45:24.0264 1168 mountmgr - ok
13:45:24.0291 1168 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:45:24.0292 1168 mpio - ok
13:45:24.0320 1168 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:45:24.0321 1168 mpsdrv - ok
13:45:24.0357 1168 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:45:24.0358 1168 MRxDAV - ok
13:45:24.0392 1168 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:45:24.0394 1168 mrxsmb - ok
13:45:24.0424 1168 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:45:24.0426 1168 mrxsmb10 - ok
13:45:24.0441 1168 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:45:24.0442 1168 mrxsmb20 - ok
13:45:24.0483 1168 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:45:24.0484 1168 msahci - ok
13:45:24.0519 1168 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:45:24.0520 1168 msdsm - ok
13:45:24.0569 1168 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:45:24.0570 1168 Msfs - ok
13:45:24.0580 1168 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:45:24.0581 1168 mshidkmdf - ok
13:45:24.0591 1168 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:45:24.0592 1168 msisadrv - ok
13:45:24.0618 1168 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:45:24.0619 1168 MSKSSRV - ok
13:45:24.0637 1168 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:45:24.0638 1168 MSPCLOCK - ok
13:45:24.0646 1168 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:45:24.0647 1168 MSPQM - ok
13:45:24.0668 1168 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:45:24.0670 1168 MsRPC - ok
13:45:24.0689 1168 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:45:24.0690 1168 mssmbios - ok
13:45:24.0821 1168 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:45:24.0822 1168 MSTEE - ok
13:45:24.0883 1168 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:45:24.0884 1168 MTConfig - ok
13:45:24.0928 1168 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
13:45:24.0929 1168 MTsensor - ok
13:45:24.0944 1168 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:45:24.0945 1168 Mup - ok
13:45:24.0985 1168 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:45:24.0988 1168 NativeWifiP - ok
13:45:25.0028 1168 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:45:25.0032 1168 NDIS - ok
13:45:25.0062 1168 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:45:25.0063 1168 NdisCap - ok
13:45:25.0087 1168 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:45:25.0087 1168 NdisTapi - ok
13:45:25.0112 1168 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:45:25.0113 1168 Ndisuio - ok
13:45:25.0148 1168 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:45:25.0149 1168 NdisWan - ok
13:45:25.0213 1168 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:45:25.0213 1168 NDProxy - ok
13:45:25.0275 1168 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:45:25.0276 1168 NetBIOS - ok
13:45:25.0307 1168 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:45:25.0309 1168 NetBT - ok
13:45:25.0353 1168 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:45:25.0354 1168 nfrd960 - ok
13:45:25.0378 1168 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:45:25.0379 1168 Npfs - ok
13:45:25.0399 1168 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:45:25.0400 1168 nsiproxy - ok
13:45:25.0452 1168 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:45:25.0459 1168 Ntfs - ok
13:45:25.0480 1168 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:45:25.0480 1168 Null - ok
13:45:25.0510 1168 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:45:25.0512 1168 nvraid - ok
13:45:25.0545 1168 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:45:25.0546 1168 nvstor - ok
13:45:25.0558 1168 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:45:25.0559 1168 nv_agp - ok
13:45:25.0588 1168 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:45:25.0589 1168 ohci1394 - ok
13:45:25.0657 1168 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:45:25.0657 1168 Parport - ok
13:45:25.0692 1168 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:45:25.0693 1168 partmgr - ok
13:45:25.0712 1168 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:45:25.0712 1168 Parvdm - ok
13:45:25.0770 1168 pbfilter (2f6e885c432927a186c2e352c8a1cbf4) C:\Program Files\PeerBlock\pbfilter.sys
13:45:25.0771 1168 pbfilter - ok
13:45:25.0807 1168 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:45:25.0808 1168 pci - ok
13:45:25.0817 1168 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:45:25.0817 1168 pciide - ok
13:45:25.0842 1168 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:45:25.0843 1168 pcmcia - ok
13:45:25.0866 1168 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:45:25.0867 1168 pcw - ok
13:45:25.0890 1168 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:45:25.0893 1168 PEAUTH - ok
13:45:25.0952 1168 PID_0928 (5bd2c6d982481d548107c602e7ccfbbc) C:\Windows\system32\DRIVERS\LV561AV.SYS
13:45:25.0953 1168 PID_0928 - ok
13:45:25.0998 1168 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:45:25.0999 1168 PptpMiniport - ok
13:45:26.0016 1168 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:45:26.0017 1168 Processor - ok
13:45:26.0059 1168 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:45:26.0061 1168 Psched - ok
13:45:26.0099 1168 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
13:45:26.0100 1168 PSI - ok
13:45:26.0140 1168 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:45:26.0148 1168 ql2300 - ok
13:45:26.0170 1168 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:45:26.0171 1168 ql40xx - ok
13:45:26.0190 1168 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:45:26.0191 1168 QWAVEdrv - ok
13:45:26.0205 1168 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:45:26.0206 1168 RasAcd - ok
13:45:26.0240 1168 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:45:26.0242 1168 RasAgileVpn - ok
13:45:26.0265 1168 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:45:26.0266 1168 Rasl2tp - ok
13:45:26.0298 1168 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:45:26.0299 1168 RasPppoe - ok
13:45:26.0328 1168 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:45:26.0329 1168 RasSstp - ok
13:45:26.0361 1168 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:45:26.0363 1168 rdbss - ok
13:45:26.0381 1168 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:45:26.0382 1168 rdpbus - ok
13:45:26.0413 1168 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:45:26.0414 1168 RDPCDD - ok
13:45:26.0462 1168 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
13:45:26.0463 1168 RDPDR - ok
13:45:26.0482 1168 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:45:26.0482 1168 RDPENCDD - ok
13:45:26.0495 1168 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:45:26.0496 1168 RDPREFMP - ok
13:45:26.0525 1168 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
13:45:26.0525 1168 RdpVideoMiniport - ok
13:45:26.0549 1168 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:45:26.0551 1168 RDPWD - ok
13:45:26.0574 1168 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:45:26.0576 1168 rdyboost - ok
13:45:26.0638 1168 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:45:26.0639 1168 rspndr - ok
13:45:26.0686 1168 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:45:26.0689 1168 RTL8167 - ok
13:45:26.0713 1168 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
13:45:26.0714 1168 s3cap - ok
13:45:26.0753 1168 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:45:26.0754 1168 sbp2port - ok
13:45:26.0786 1168 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:45:26.0787 1168 scfilter - ok
13:45:26.0827 1168 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:45:26.0828 1168 secdrv - ok
13:45:26.0872 1168 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:45:26.0873 1168 Serenum - ok
13:45:26.0885 1168 Serial (14c4cdb1651825452f210bb6ae0c0997) C:\Windows\system32\DRIVERS\serial.sys
13:45:26.0886 1168 Serial - ok
13:45:26.0910 1168 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:45:26.0911 1168 sermouse - ok
13:45:26.0946 1168 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:45:26.0947 1168 sffdisk - ok
13:45:26.0955 1168 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:45:26.0955 1168 sffp_mmc - ok
13:45:26.0965 1168 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:45:26.0966 1168 sffp_sd - ok
13:45:26.0979 1168 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:45:26.0980 1168 sfloppy - ok
13:45:27.0009 1168 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:45:27.0010 1168 sisagp - ok
13:45:27.0040 1168 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:45:27.0041 1168 SiSRaid2 - ok
13:45:27.0062 1168 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:45:27.0063 1168 SiSRaid4 - ok
13:45:27.0088 1168 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:45:27.0089 1168 Smb - ok
13:45:27.0116 1168 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:45:27.0116 1168 spldr - ok
13:45:27.0167 1168 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:45:27.0169 1168 srv - ok
13:45:27.0180 1168 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:45:27.0182 1168 srv2 - ok
13:45:27.0210 1168 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:45:27.0211 1168 srvnet - ok
13:45:27.0242 1168 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:45:27.0243 1168 stexstor - ok
13:45:27.0285 1168 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
13:45:27.0286 1168 StillCam - ok
13:45:27.0326 1168 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
13:45:27.0327 1168 storflt - ok
13:45:27.0348 1168 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
13:45:27.0349 1168 storvsc - ok
13:45:27.0369 1168 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:45:27.0370 1168 swenum - ok
13:45:27.0389 1168 Synth3dVsc - ok
13:45:27.0446 1168 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:45:27.0453 1168 Tcpip - ok
13:45:27.0503 1168 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:45:27.0511 1168 TCPIP6 - ok
13:45:27.0541 1168 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:45:27.0541 1168 tcpipreg - ok
13:45:27.0572 1168 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:45:27.0572 1168 TDPIPE - ok
13:45:27.0581 1168 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:45:27.0582 1168 TDTCP - ok
13:45:27.0615 1168 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:45:27.0616 1168 tdx - ok
13:45:27.0644 1168 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:45:27.0644 1168 TermDD - ok
13:45:27.0695 1168 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:45:27.0696 1168 tssecsrv - ok
13:45:27.0733 1168 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:45:27.0734 1168 TsUsbFlt - ok
13:45:27.0742 1168 tsusbhub - ok
13:45:27.0776 1168 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:45:27.0778 1168 tunnel - ok
13:45:27.0802 1168 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:45:27.0803 1168 uagp35 - ok
13:45:27.0845 1168 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:45:27.0847 1168 udfs - ok
13:45:27.0891 1168 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:45:27.0892 1168 uliagpkx - ok
13:45:27.0921 1168 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
13:45:27.0921 1168 umbus - ok
13:45:27.0947 1168 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:45:27.0948 1168 UmPass - ok
13:45:27.0974 1168 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
13:45:27.0975 1168 usbccgp - ok
13:45:28.0008 1168 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:45:28.0009 1168 usbcir - ok
13:45:28.0034 1168 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
13:45:28.0035 1168 usbehci - ok
13:45:28.0055 1168 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:45:28.0057 1168 usbhub - ok
13:45:28.0069 1168 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
13:45:28.0070 1168 usbohci - ok
13:45:28.0101 1168 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:45:28.0102 1168 usbprint - ok
13:45:28.0120 1168 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:45:28.0121 1168 USBSTOR - ok
13:45:28.0136 1168 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
13:45:28.0136 1168 usbuhci - ok
13:45:28.0167 1168 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys
13:45:28.0168 1168 VClone - ok
13:45:28.0198 1168 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:45:28.0199 1168 vdrvroot - ok
13:45:28.0218 1168 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:45:28.0218 1168 vga - ok
13:45:28.0237 1168 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:45:28.0238 1168 VgaSave - ok
13:45:28.0253 1168 VGPU - ok
13:45:28.0289 1168 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:45:28.0291 1168 vhdmp - ok
13:45:28.0320 1168 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:45:28.0321 1168 viaagp - ok
13:45:28.0340 1168 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:45:28.0341 1168 ViaC7 - ok
13:45:28.0355 1168 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:45:28.0357 1168 viaide - ok
13:45:28.0396 1168 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
13:45:28.0398 1168 vmbus - ok
13:45:28.0427 1168 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
13:45:28.0427 1168 VMBusHID - ok
13:45:28.0449 1168 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:45:28.0450 1168 volmgr - ok
13:45:28.0475 1168 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:45:28.0478 1168 volmgrx - ok
13:45:28.0508 1168 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:45:28.0510 1168 volsnap - ok
13:45:28.0539 1168 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:45:28.0541 1168 vsmraid - ok
13:45:28.0566 1168 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:45:28.0566 1168 vwifibus - ok
13:45:28.0582 1168 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:45:28.0583 1168 vwififlt - ok
13:45:28.0615 1168 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
13:45:28.0616 1168 vwifimp - ok
13:45:28.0642 1168 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:45:28.0643 1168 WacomPen - ok
13:45:28.0690 1168 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:45:28.0691 1168 WANARP - ok
13:45:28.0698 1168 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:45:28.0698 1168 Wanarpv6 - ok
13:45:28.0728 1168 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:45:28.0729 1168 Wd - ok
13:45:28.0758 1168 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:45:28.0762 1168 Wdf01000 - ok
13:45:28.0813 1168 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:45:28.0813 1168 WfpLwf - ok
13:45:28.0833 1168 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:45:28.0834 1168 WIMMount - ok
13:45:28.0888 1168 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
13:45:28.0889 1168 WinUsb - ok
13:45:28.0919 1168 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:45:28.0920 1168 WmiAcpi - ok
13:45:28.0960 1168 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:45:28.0961 1168 ws2ifsl - ok
13:45:28.0999 1168 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
13:45:28.0999 1168 WSDPrintDevice - ok
13:45:29.0041 1168 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:45:29.0043 1168 WudfPf - ok
13:45:29.0070 1168 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:45:29.0072 1168 WUDFRd - ok
13:45:29.0123 1168 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:45:29.0128 1168 \Device\Harddisk0\DR0 - ok
13:45:29.0148 1168 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
13:45:29.0152 1168 \Device\Harddisk1\DR1 - ok
13:45:29.0156 1168 Boot (0x1200) (892648489def1629b78e336bb654fb5f) \Device\Harddisk0\DR0\Partition0
13:45:29.0157 1168 \Device\Harddisk0\DR0\Partition0 - ok
13:45:29.0162 1168 Boot (0x1200) (495ee981dffc4fd26fb5e9e5b64473dd) \Device\Harddisk1\DR1\Partition0
13:45:29.0163 1168 \Device\Harddisk1\DR1\Partition0 - ok
13:45:29.0165 1168 ============================================================
13:45:29.0165 1168 Scan finished
13:45:29.0165 1168 ============================================================
13:45:29.0178 3564 Detected object count: 0
13:45:29.0178 3564 Actual detected object count: 0
13:45:43.0714 5736 Deinitialize success



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8349

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/11/2011 1:41:34 PM
mbam-log-2011-12-11 (13-41-29).txt

Scan type: Quick scan
Objects scanned: 166022
Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\kmsemulator.exe (RiskWare.Tool.CK) -> No action taken.

#4 boopme


Posted 11 December 2011 - 02:24 PM

Please download this file: Click Me
Right-click on winsockfix.bat and click on Run as Administrator.



Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 gdtms24


Posted 11 December 2011 - 03:04 PM

GooredFix by jpshortstuff (03.07.10.1)
Log created at 14:55 on 11/12/2011 (K)
Firefox version 8.0 (en-GB)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [17:07 11/12/2011]
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [17:06 11/12/2011]

C:\Users\K\Application Data\Mozilla\Firefox\Profiles\v99u5swa.default\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)

-=E.O.F=-


Tried a few links but no redirects; one site didn't load.

#6 boopme


Posted 11 December 2011 - 03:29 PM

Probably now need to clear the web browser's cache

#7 gdtms24


Posted 11 December 2011 - 05:51 PM

Did that, just got a popup.

#8 gdtms24


Posted 11 December 2011 - 06:39 PM

I just tried to open my Windows Firewall and got the Windows Firewall error code 0x80070424. Should I open a new topic or continue with this one?

#9 boopme


Posted 11 December 2011 - 07:07 PM

I think we have a ZeroAccess rootkit taking over. Let's get over to the other forum while we can run tools.

Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs
and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.

#10 gdtms24


Posted 11 December 2011 - 07:54 PM

I saved DDS to my desktop, but instead of opening and running, it opens up as a Notepad document.

#11 boopme


Posted 11 December 2011 - 08:09 PM

Please download this file: xp_scr_fix.

Unpack the file onto your desktop and double-click it. You will be asked if you wish to merge the file with your registry; say yes.

You should then be able to run DDS.scr.

W7
Please try this download: scr_fix_w7.zip

Vista
Please try this: scrfx_vista

#12 gdtms24


Posted 11 December 2011 - 08:25 PM

Thanks, got it to run and posted the info from DDS and GMER in the other forum. I pasted the link below.

http://www.bleepingcomputer.com/forums/topic431954.html

#13 boopme


Posted 12 December 2011 - 05:08 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 3 - 5 days and ALL logs are answered.

To avoid confusion, I am closing this topic.