Google Redirect Virus - help!!!!


18 replies to this topic

#1 blasky


Posted 14 December 2011 - 03:03 PM

Hi All -

New to the forum and I have the Google redirect virus. I am not a "techie" per se, but am really good at following instructions. Was wondering if anyone could walk me through the removal process step-by-step so I don't mess anything up on my PC, and can get rid of this once and for all. Been so annoying not being able to do proper searches. Also now my browsers (Chrome and IE) are really starting to run slow, and lately my bottom menu bar along the bottom of my screen has been disappearing (right now I cannot see my start menu, clock, etc... or any open apps on the bottom). Would really like to get rid of this if I could.

Thanks so much, and appreciate any help, suggestions, tips.

Brian


#2 boopme

  • Global Moderator

Posted 14 December 2011 - 04:12 PM

Hello and welcome

Please run the tool here: How to remove Google Redirects

When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 blasky

  • Topic Starter


Posted 14 December 2011 - 11:53 PM

Hi Boopme -

Thanks for the quick reply. I proceeded with Step 1 as described: clicked on the link, downloaded the Kaspersky TDSSKiller app, renamed it, and then ran the scan. After about 11 seconds, the scan completed (processed 265 objects) and No Threats Found.

Seems weird since all the symptoms I am experiencing seem like a redirect infection. Now what? Run Malwarebytes? Mind you... I did not disable my virus programs currently running... but only because the instructions did not specify to do so.

Any advice, tips, suggestions greatly appreciated.

Thanks,

Brian

#4 dewalt


Posted 15 December 2011 - 02:53 AM

I am also having this problem. Very annoying. I had (at least I hope this is the right tense), the Win 7 Security 2012 malware/trojan and have gotten most of it cleaned up. Have backed up both HDs, multiple partitions in second by Cobian Backup 10 as was recommended elsewhere in BleepingComputer. Windows 7 Ultimate

I would also like to run the above mentioned log and post it for help, but do not want to intrude on someone else's thread. So I will run the log or whatever was mentioned above (cannot see it since in reply mode) then wait for someone to tell me where to post it for help.

Do not want to interfere until Blasty gets his problem resolved

Thanks in advance.

Fairweather

#5 Monkey2000


Posted 15 December 2011 - 08:47 AM

I had the same issue for two clients, one using a Windows XP machine and one using a Windows 7 machine. The below link helped after several hours of running 10 different virus checks and a rebuild. I can promise the below method will fix the issue however it seemed to work a treat on the two desktops I worked on.

http://www.brighthub.com/internet/security-privacy/articles/73919.aspx

Download Rkill and TDSSKILLER onto a USB stick.

Reboot into safe mode with networking.

Run Rkill - this will pinpoint where the location of the virus might be.

Then after running RKILL run TDSSKILLER, this will pick up on the infected file and remove/cure it.

This might require a reboot; if it does, reboot back into safe mode with networking and test if Google redirection has rectified itself.

I hope this helps

Andy

#6 boopme

  • Global Moderator

Posted 15 December 2011 - 02:23 PM

Yes, please run MBAM.
Are you on a router? Are other machines on it, and if so, are they redirecting?

Do you use Firefox?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
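What a helper looks for in the "List content of Hosts" output requested in post #6, shown as an added example that is not part of the original thread and is not MiniToolBox's code: active hosts-file entries that pin a search domain to a fixed address. It reads raw hosts-file text rather than MiniToolBox's Result.txt layout; the watched-domain list and the sample entries are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

Finding = namedtuple("Finding", "line kind host address")

# Assumption: search domains worth watching in a redirect case; extend as needed.
WATCHED = ("google.com", "bing.com", "yahoo.com")


def is_watched(host):
    """True for a watched domain or any subdomain of it (not look-alikes)."""
    return any(host == d or host.endswith("." + d) for d in WATCHED)


def triage_hosts(text):
    """Return findings for hosts-file text.

    kind is one of:
      redirect  - watched name mapped to a routable address
      blocked   - watched name mapped to loopback or 0.0.0.0 / ::
      malformed - active line that is not "<address> <name> [name...]"
    """
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # comments run to end of line
        if not entry:
            continue
        fields = entry.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        if ip is None or len(fields) < 2:
            findings.append(Finding(line_no, "malformed", entry, None))
            continue
        kind = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirect"
        for host in fields[1:]:                   # one line may carry several names
            host = host.lower().rstrip(".")
            if is_watched(host):
                findings.append(Finding(line_no, kind, host, str(ip)))
    return findings


# Constructed sample, not taken from the thread. Addresses are from the
# documentation ranges (203.0.113.0/24, 198.51.100.0/24).
SAMPLE_HOSTS = """\
# constructed sample hosts file
#\t127.0.0.1       localhost
203.0.113.10    www.google.com google.com   # two names on one line
203.0.113.10    WWW.Bing.com.
127.0.0.1       search.yahoo.com
0.0.0.0         ads.example.net
198.51.100.7    notgoogle.com
garbage-line
"""

if __name__ == "__main__":
    for f in triage_hosts(SAMPLE_HOSTS):
        print(f"line {f.line}: {f.kind:9} {f.host} -> {f.address}")
```

A clean result here does not rule out redirection through proxy settings, DNS server settings or the router, which is why the same post asks about those separately.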

#7 blasky

  • Topic Starter


Posted 19 December 2011 - 02:56 AM

Ok.. figured out how to get the report from TDSSKiller. Zero (0) threats found. Here is the report from step 1. Will wait for your next instructions:



23:51:20.0770 1444 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
23:51:21.0238 1444 ============================================================
23:51:21.0238 1444 Current date / time: 2011/12/18 23:51:21.0238
23:51:21.0238 1444 SystemInfo:
23:51:21.0238 1444
23:51:21.0238 1444 OS Version: 6.1.7601 ServicePack: 1.0
23:51:21.0238 1444 Product type: Workstation
23:51:21.0238 1444 ComputerName: BRIAN-HP
23:51:21.0238 1444 UserName: Brian
23:51:21.0238 1444 Windows directory: C:\Windows
23:51:21.0238 1444 System windows directory: C:\Windows
23:51:21.0238 1444 Running under WOW64
23:51:21.0238 1444 Processor architecture: Intel x64
23:51:21.0238 1444 Number of processors: 4
23:51:21.0238 1444 Page size: 0x1000
23:51:21.0238 1444 Boot type: Normal boot
23:51:21.0238 1444 ============================================================
23:51:21.0753 1444 Initialize success
23:51:23.0251 5596 ============================================================
23:51:23.0251 5596 Scan started
23:51:23.0251 5596 Mode: Manual;
23:51:23.0251 5596 ============================================================
23:51:39.0537 5596 RDPENCDD - ok
23:51:39.0569 5596 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:51:39.0569 5596 RDPREFMP - ok
23:51:39.0600 5596 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
23:51:39.0615 5596 RDPWD - ok
23:51:39.0662 5596 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:51:39.0678 5596 rdyboost - ok
23:51:39.0771 5596 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
23:51:39.0771 5596 RFCOMM - ok
23:51:39.0834 5596 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:51:39.0849 5596 rspndr - ok
23:51:39.0943 5596 RSUSBSTOR (79bad3e977966af21df982def5a99c76) C:\Windows\system32\Drivers\RtsUStor.sys
23:51:39.0974 5596 RSUSBSTOR - ok
23:51:40.0021 5596 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:51:40.0052 5596 RTL8167 - ok
23:51:40.0161 5596 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:51:40.0161 5596 sbp2port - ok
23:51:40.0208 5596 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:51:40.0208 5596 scfilter - ok
23:51:40.0302 5596 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
23:51:40.0317 5596 sdbus - ok
23:51:40.0427 5596 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:51:40.0442 5596 secdrv - ok
23:51:40.0489 5596 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:51:40.0489 5596 Serenum - ok
23:51:40.0520 5596 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:51:40.0520 5596 Serial - ok
23:51:40.0567 5596 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:51:40.0567 5596 sermouse - ok
23:51:40.0614 5596 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:51:40.0614 5596 sffdisk - ok
23:51:40.0645 5596 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:51:40.0645 5596 sffp_mmc - ok
23:51:40.0661 5596 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:51:40.0661 5596 sffp_sd - ok
23:51:40.0707 5596 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:51:40.0707 5596 sfloppy - ok
23:51:40.0770 5596 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:51:40.0770 5596 SiSRaid2 - ok
23:51:40.0801 5596 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:51:40.0817 5596 SiSRaid4 - ok
23:51:40.0863 5596 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:51:40.0863 5596 Smb - ok
23:51:40.0957 5596 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:51:40.0957 5596 spldr - ok
23:51:41.0019 5596 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:51:41.0019 5596 srv - ok
23:51:41.0066 5596 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:51:41.0066 5596 srv2 - ok
23:51:41.0129 5596 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:51:41.0129 5596 SrvHsfHDA - ok
23:51:41.0175 5596 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:51:41.0222 5596 SrvHsfV92 - ok
23:51:41.0269 5596 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:51:41.0285 5596 SrvHsfWinac - ok
23:51:41.0331 5596 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:51:41.0347 5596 srvnet - ok
23:51:41.0394 5596 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:51:41.0394 5596 stexstor - ok
23:51:41.0456 5596 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
23:51:41.0456 5596 StillCam - ok
23:51:41.0519 5596 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:51:41.0519 5596 swenum - ok
23:51:41.0628 5596 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
23:51:41.0628 5596 SynTP - ok
23:51:41.0737 5596 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
23:51:41.0753 5596 Tcpip - ok
23:51:41.0831 5596 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
23:51:41.0862 5596 TCPIP6 - ok
23:51:41.0909 5596 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:51:41.0909 5596 tcpipreg - ok
23:51:41.0971 5596 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:51:41.0971 5596 TDPIPE - ok
23:51:41.0971 5596 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
23:51:41.0987 5596 TDTCP - ok
23:51:42.0033 5596 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:51:42.0033 5596 tdx - ok
23:51:42.0065 5596 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:51:42.0080 5596 TermDD - ok
23:51:42.0143 5596 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:51:42.0143 5596 tssecsrv - ok
23:51:42.0189 5596 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:51:42.0205 5596 TsUsbFlt - ok
23:51:42.0252 5596 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:51:42.0252 5596 tunnel - ok
23:51:42.0299 5596 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:51:42.0299 5596 uagp35 - ok
23:51:42.0345 5596 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:51:42.0345 5596 udfs - ok
23:51:42.0423 5596 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:51:42.0423 5596 uliagpkx - ok
23:51:42.0470 5596 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
23:51:42.0470 5596 umbus - ok
23:51:42.0517 5596 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:51:42.0517 5596 UmPass - ok
23:51:42.0595 5596 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:51:42.0595 5596 usbccgp - ok
23:51:42.0657 5596 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:51:42.0657 5596 usbcir - ok
23:51:42.0689 5596 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
23:51:42.0689 5596 usbehci - ok
23:51:42.0735 5596 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:51:42.0735 5596 usbhub - ok
23:51:42.0798 5596 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
23:51:42.0798 5596 usbohci - ok
23:51:42.0845 5596 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:51:42.0845 5596 usbprint - ok
23:51:42.0891 5596 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:51:42.0891 5596 usbscan - ok
23:51:42.0938 5596 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:51:42.0938 5596 USBSTOR - ok
23:51:42.0969 5596 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
23:51:42.0969 5596 usbuhci - ok
23:51:43.0032 5596 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:51:43.0032 5596 usbvideo - ok
23:51:43.0094 5596 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:51:43.0094 5596 vdrvroot - ok
23:51:43.0125 5596 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:51:43.0125 5596 vga - ok
23:51:43.0157 5596 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:51:43.0157 5596 VgaSave - ok
23:51:43.0188 5596 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:51:43.0203 5596 vhdmp - ok
23:51:43.0235 5596 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:51:43.0235 5596 viaide - ok
23:51:43.0266 5596 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:51:43.0266 5596 volmgr - ok
23:51:43.0313 5596 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:51:43.0328 5596 volmgrx - ok
23:51:43.0375 5596 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:51:43.0375 5596 volsnap - ok
23:51:43.0453 5596 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:51:43.0453 5596 vsmraid - ok
23:51:43.0484 5596 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:51:43.0500 5596 vwifibus - ok
23:51:43.0515 5596 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:51:43.0515 5596 vwififlt - ok
23:51:43.0578 5596 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:51:43.0578 5596 WacomPen - ok
23:51:43.0640 5596 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:51:43.0640 5596 WANARP - ok
23:51:43.0656 5596 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:51:43.0656 5596 Wanarpv6 - ok
23:51:43.0703 5596 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:51:43.0703 5596 Wd - ok
23:51:43.0734 5596 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:51:43.0734 5596 Wdf01000 - ok
23:51:43.0859 5596 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
23:51:43.0859 5596 WfpLwf - ok
23:51:43.0874 5596 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
23:51:43.0874 5596 WIMMount - ok
23:51:44.0015 5596 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
23:51:44.0015 5596 WmiAcpi - ok
23:51:44.0077 5596 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
23:51:44.0077 5596 ws2ifsl - ok
23:51:44.0124 5596 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
23:51:44.0124 5596 WudfPf - ok
23:51:44.0155 5596 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:51:44.0171 5596 WUDFRd - ok
23:51:44.0295 5596 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
23:51:44.0295 5596 yukonw7 - ok
23:51:44.0358 5596 MBR (0x1B8) (5c4054ea432571f0f3b823730721274e) \Device\Harddisk0\DR0
23:51:44.0358 5596 \Device\Harddisk0\DR0 - ok
23:51:44.0358 5596 Boot (0x1200) (95ff04af780731cf74cfa828c46d282a) \Device\Harddisk0\DR0\Partition0
23:51:44.0373 5596 \Device\Harddisk0\DR0\Partition0 - ok
23:51:44.0389 5596 Boot (0x1200) (3491b27be302004a5c9a87bc3a07dfcd) \Device\Harddisk0\DR0\Partition1
23:51:44.0389 5596 \Device\Harddisk0\DR0\Partition1 - ok
23:51:44.0420 5596 Boot (0x1200) (40f62bc6a702943b8566901565642637) \Device\Harddisk0\DR0\Partition2
23:51:44.0420 5596 \Device\Harddisk0\DR0\Partition2 - ok
23:51:44.0436 5596 Boot (0x1200) (8656fdbe17f6f4873b739fe900a06261) \Device\Harddisk0\DR0\Partition3
23:51:44.0436 5596 \Device\Harddisk0\DR0\Partition3 - ok
23:51:44.0436 5596 ============================================================
23:51:44.0436 5596 Scan finished
23:51:44.0436 5596 ============================================================
23:51:44.0451 5488 Detected object count: 0
23:51:44.0451 5488 Actual detected object count: 0

#8 blasky

Posted 19 December 2011 - 03:01 AM

ps - the above is the Report from TDSS killer. I was not able to save to my desktop as a .TXT file.

And in answer to your other questions:

1. Yes, I work off a wireless router at home.
2. I have a netbook that also uses this same router.
3. The infected computer runs Google Chrome or IE.
4. The netbook (non-infected; yet) runs Chrome, IE, and Firefox. Not redirecting (Been using the netbook lately to do my internet searches - what a pain).

Hope this helps...

Brian

#9 boopme

Posted 19 December 2011 - 08:24 PM

Ok, did you run the Minitoolbox on the infected PC?

#10 blasky

Posted 19 December 2011 - 08:48 PM

MiniToolBox results below:


MiniToolBox by Farbar
Ran by Brian (administrator) on 19-12-2011 at 17:36:07
Microsoft Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

46.4.179.109 google.com
46.4.179.109 yahoo.com
46.4.179.109 bing.com
46.4.179.109 facebook.com
127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 4313 802.11b/g/n = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Brian-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 4313 802.11b/g/n
Physical Address. . . . . . . . . : 00-26-82-D9-D5-DC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1d:40b:69d7:8d66%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.180.178(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, December 19, 2011 11:20:20 AM
Lease Expires . . . . . . . . . . : Monday, December 19, 2011 8:58:51 PM
Default Gateway . . . . . . . . . : 192.168.180.1
DHCP Server . . . . . . . . . . . : 192.168.180.1
DHCPv6 IAID . . . . . . . . . . . : 301999746
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-1B-7D-B8-90-FB-A6-AD-57-DE
DNS Servers . . . . . . . . . . . : 192.168.180.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:78:2866:3f57:4b4d(Preferred)
Link-local IPv6 Address . . . . . : fe80::78:2866:3f57:4b4d%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{CE32FA3A-B375-448C-AFB3-D4AD862AD178}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: CBTL000055
Address: 192.168.180.1

Name: google.com
Addresses: 74.125.224.242
74.125.224.241
74.125.224.240
74.125.224.243
74.125.224.244


Pinging google.com [46.4.179.109] with 32 bytes of data:
Reply from 178.63.74.10: TTL expired in transit.
Reply from 178.63.74.10: TTL expired in transit.

Ping statistics for 46.4.179.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Server: CBTL000055
Address: 192.168.180.1

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43


Pinging yahoo.com [46.4.179.109] with 32 bytes of data:
Reply from 178.63.74.10: TTL expired in transit.
Reply from 178.63.74.10: TTL expired in transit.

Ping statistics for 46.4.179.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Server: CBTL000055
Address: 192.168.180.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 26 82 d9 d5 dc ......Broadcom 4313 802.11b/g/n
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.180.1 192.168.180.178 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.180.0 255.255.255.0 On-link 192.168.180.178 281
192.168.180.178 255.255.255.255 On-link 192.168.180.178 281
192.168.180.255 255.255.255.255 On-link 192.168.180.178 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.180.178 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.180.178 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:78:2866:3f57:4b4d/128
On-link
11 281 fe80::/64 On-link
12 306 fe80::/64 On-link
11 281 fe80::1d:40b:69d7:8d66/128
On-link
12 306 fe80::78:2866:3f57:4b4d/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/19/2011 02:06:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: jvm.dll, version: 16.3.0.1, time stamp: 0x4bc3c8dc
Exception code: 0xc0000005
Fault offset: 0x000c7ed2
Faulting process id: 0x166c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:14 AM) (Source: PerfNet) (User: )
Description:

Error: (12/18/2011 11:25:01 PM) (Source: PerfNet) (User: )
Description:

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (12/18/2011 07:44:44 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle


System errors:
=============
Error: (12/19/2011 11:36:53 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{CE32FA3A-B375-448C-AFB3-D4AD862AD178}.
The backup browser is stopping.

Error: (12/19/2011 11:18:13 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (12/19/2011 11:17:13 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:01:42 AM on 12/19/2011 was unexpected.

Error: (12/18/2011 11:27:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (12/18/2011 11:27:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (12/18/2011 11:27:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (12/18/2011 11:27:38 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (12/18/2011 11:27:38 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (12/18/2011 11:27:38 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (12/18/2011 11:27:29 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (12/19/2011 02:06:51 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255djvm.dll16.3.0.14bc3c8dcc0000005000c7ed2166c01ccbe8372d2e5eaC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\PROGRA~2\Java\jre6\bin\client\jvm.dllc097c32a-2a8d-11e1-b870-878b32ad2dff

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:55 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/19/2011 11:18:14 AM) (Source: PerfNet)(User: )
Description:

Error: (12/18/2011 11:25:01 PM) (Source: PerfNet)(User: )
Description:

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/18/2011 11:24:35 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (12/18/2011 07:44:44 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
Adobe Reader 9.4.6 MUI (Version: 9.4.6)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
AVG 2012 (Version: 12.0.1872)
AVG 2012 (Version: 12.0.1873)
AVG 2012 (Version: 12.0.1890)
AVG 2012 (Version: 12.0.2108)
AVG 2012 (Version: 2012.0.1890)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Brother MFL-Pro Suite MFC-7840W (Version: 1.0.1.0)
Build-a-lot 2 (Version: 2.2.0.95)
CCleaner (Version: 3.05)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink MediaShow (Version: 5.0.1616)
CyberLink PowerDVD 9 (Version: 9.0.1.4217)
CyberLink YouCam (Version: 3.0.2511)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
Final Drive Nitro (Version: 2.2.0.95)
Google Apps Migration For Microsoft® Exchange 2.3.900.359 (Version: 2.3.900.359)
Google Calendar Sync
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2318.1946)
Google Update Helper (Version: 1.3.21.69)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Documentation (Version: 1.1.0.0)
HP Game Console
HP Games (Version: 1.0.1.3)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.112.1)
HP Support Assistant (Version: 5.1.10.7)
HP Wireless Assistant (Version: 4.0.9.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.6)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2131)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 20 (Version: 6.0.200)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
KODAK Gallery Upload Software (Version: 2.09)
LabelPrint (Version: 2.5.2907)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.0.657.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
QuickBooks (Version: 21.0.4006.904)
QuickBooks Pro 2011 (Version: 21.0.4006.904)
Quicken 2008 (Version: 17.1.1.24)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.69.80.9)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30117)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.278)
RtVOsd (Version: 1.0.6)
Skype™ 5.5 (Version: 5.5.124)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
TWC Customer Controls (Version: 11)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Software Update
Yahoo! Toolbar
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3893.86 MB
Available physical RAM: 1798.84 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 5285.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.77 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.47 GB) (Free:367.61 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16 GB) (Free:2.31 GB) NTFS

========================= Users: ========================================

User accounts for \\BRIAN-HP

Administrator Brian Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#11 boopme

Posted 19 December 2011 - 11:59 PM

Ok, I think I see it.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1 <<<== Use this one first.

Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
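
The HOSTS-file check suggested in the post above can also be done by inspection before resetting the file. The following is an added example, not part of the original post or any tool named in it: it parses hosts-file text and lists every active mapping that points a name at a routable address, which a default Windows hosts file does not contain. The sample file and its addresses are constructed (documentation-range IPs), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: a hosts file after tampering (documentation-range IPs, not real indicators).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
# localhost name resolution is handled within DNS itself.
#       127.0.0.1       localhost
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net      # blocklist entry added by a security tool
203.0.113.45    www.google.com
203.0.113.45    google.com  www.bing.com   # several names on one line
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every active mapping in a hosts file."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(entry) < 2:
            continue                           # blank, comment-only or malformed line
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            continue                           # first field is not an IP address
        for name in entry[1:]:
            yield line_no, ip, name.lower()

def audit_hosts(text):
    """Return mappings that send a name to a routable (non-local) address."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue                           # 127.0.0.1, ::1, 0.0.0.0: local or sinkhole
        findings.append((line_no, str(ip), name))
    return findings

if __name__ == "__main__":
    for line_no, ip, name in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip}  (review: not in a default hosts file)")
```

On Windows the file to read is %SystemRoot%\System32\drivers\etc\hosts; entries added deliberately by an administrator will also be listed and need to be judged by hand.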

#12 blasky

Posted 20 December 2011 - 02:16 AM

Hi Boopme -

Did as directed. Reset the host file. Downloaded MBAM. Disabled AVG Free 2012 Edition and then ran the scan. (I have MS Security Essentials installed on the computer, but the start menu shortcut is broken, and I was unable to locate the actual program to turn it off). Ran MBAM anyhow, but no threats were detected. Log below.... I can however uninstall MS Sec Essentials through the control panel. Please advise after reading my log.

Thank you again... Blasky


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8400

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/19/2011 11:11:01 PM
mbam-log-2011-12-19 (23-11-01).txt

Scan type: Quick scan
Objects scanned: 201181
Time elapsed: 8 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#13 boopme

Posted 20 December 2011 - 02:31 PM

OK, yes, uninstall it there and reboot. Get a new one here... MSE

Edited by boopme, 20 December 2011 - 02:42 PM.

#14 blasky

Posted 20 December 2011 - 05:56 PM

Hi Boopme -

Just tried to uninstall MSE and got the following pop-up message: "The feature you are trying to use is on a network resource that is unavailable. Click OK to try again, or enter an alternate path to a folder containing the installation package 'epp.msi' in the box below." I hit OK, and then got another pop-up window: "The path c:\199ec1925d458b9ee044\amd\64\epp.msi cannot be found. Verify that you have access to this location and try again, or try to find the installation package 'epp.msi' in a folder from which you can install the product Microsoft Security Client."

Try installing a new one without uninstalling the existing? If not, please advise....

Thank you,

Blasky

#15 boopme

Posted 28 December 2011 - 04:43 PM

Were you able to "find the installation package 'epp.msi' in a folder from which you can install the product Microsoft Security Client"?