
FF 9.0.1 Hijacked to: http://9newstoday.net/hoj/hoj/index.html


60 replies to this topic

#1 Hypnotica

Hypnotica

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 18 January 2012 - 08:02 PM

Hi....Every few times I open FF, another window opens to: hxxp://9newstoday.net/hoj/hoj/index.html. I've run Malwarebytes and Spybot, but they don't find anything. I've read through several threads on this forum and others and didn't want to go any further without asking for help...

Edited by Orange Blossom, 18 January 2012 - 08:26 PM.
Restored content and moved to AII from Windows 7. ~ OB



 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:05 AM

Posted 18 January 2012 - 09:51 PM

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

=====================================================================

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website


My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Hypnotica


Posted 18 January 2012 - 10:39 PM

Thanks for your quick response!

Here are the first two log files:

GOOREDFIX:

========== GooredScan ==========

(none)

========== GooredLog ==========

D:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [16:21 20/12/2011]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [01:25 13/07/2010]

D:\Users\KC\Application Data\Mozilla\Firefox\Profiles\0ncutae3.default\extensions\
(none)

D:\Users\KC\Application Data\Mozilla\Firefox\Profiles\noch8v7t.default\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c} [00:03 16/12/2011]
{37E4D8EA-8BDA-4831-8EA1-89053939A250} [00:03 16/12/2011]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [00:03 16/12/2011]
{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [00:03 16/12/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
(none)

-=E.O.F=-

FSS:

Farbar Service Scanner Version: 18-01-2012 01
Ran by KC (administrator) on 18-01-2012 at 23:08:14
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
===========

File Check:
========
D:\Windows\system32\nsisvc.dll => MD5 is legit
D:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
D:\Windows\system32\dhcpcore.dll => MD5 is legit
D:\Windows\system32\Drivers\afd.sys => MD5 is legit
D:\Windows\system32\Drivers\tdx.sys => MD5 is legit
D:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
D:\Windows\system32\dnsrslvr.dll => MD5 is legit
D:\Windows\system32\mpssvc.dll
[2009-07-13 18:53] - [2009-07-13 20:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

D:\Windows\system32\bfe.dll
[2009-07-13 18:54] - [2009-07-13 20:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

D:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
D:\Windows\system32\SDRSVC.dll
[2009-07-13 18:23] - [2009-07-13 20:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

D:\Windows\system32\vssvc.exe
[2009-07-13 18:24] - [2009-07-13 20:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

D:\Windows\system32\wscsvc.dll => MD5 is legit
D:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
D:\Windows\system32\wuaueng.dll
[2009-07-13 19:15] - [2009-07-13 20:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

D:\Windows\system32\qmgr.dll
[2009-07-13 18:30] - [2009-07-13 20:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

D:\Windows\system32\es.dll => MD5 is legit
D:\Windows\system32\cryptsvc.dll
[2009-07-13 18:33] - [2009-07-13 20:15] - 0135680 ____A (Microsoft Corporation) 9C231178CE4FB385F4B54B0A9080B8A4

D:\Windows\system32\svchost.exe => MD5 is legit
D:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#4 Hypnotica


Posted 18 January 2012 - 10:43 PM

Here is the next one, and the first half of Mini Toolbox:

SECURITY CHECK:

Results of screen317's Security Check version 0.99.24
Windows 7 x86 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

AVG 2012
AVG PC Tuneup
AVG 2012
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.3
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
SpywareBlaster 4.3
AVG PC Tuneup
Java™ 6 Update 18
Out of date Java installed!
Adobe Flash Player 11.1.102.55
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgemc.exe
``````````End of Log````````````


MINI TOOLBOX:


MiniToolBox by Farbar Version: 18-01-2012
Ran by KC (administrator) on 18-01-2012 at 23:11:14
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Dell Wireless 1395 WLAN Mini-Card = Wireless Network Connection 3 (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection 3 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KC-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-1F-E2-8C-53-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d:5072:439f:eb33%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2012 3:38:49 PM
Lease Expires . . . . . . . . . . : Wednesday, January 18, 2012 11:50:42 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 385884130
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-CD-6C-E9-00-26-82-5C-5C-23
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
10.9.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-21-9B-DE-55-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D5C5FE59-5FCC-4832-94E7-0BA2CF0D6447}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.45.103] with 32 bytes of data:
Reply from 74.125.45.103: bytes=32 time=75ms TTL=53
Reply from 74.125.45.103: bytes=32 time=45ms TTL=53

Ping statistics for 74.125.45.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 75ms, Average = 60ms

Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=121ms TTL=51
Reply from 98.137.149.56: bytes=32 time=104ms TTL=51

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 104ms, Maximum = 121ms, Average = 112ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...00 1f e2 8c 53 fb ......Dell Wireless 1395 WLAN Mini-Card
17...00 21 9b de 55 23 ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.15 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.15 281
192.168.0.15 255.255.255.255 On-link 192.168.0.15 281
192.168.0.255 255.255.255.255 On-link 192.168.0.15 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.15 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.15 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
18 281 fe80::/64 On-link
18 281 fe80::7d:5072:439f:eb33/128
On-link
1 306 ff00::/8 On-link
18 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 mswsock.dll [File Not found] ()
Catalog5 03 D:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 D:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 D:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 D:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 D:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()
Catalog9 38 mswsock.dll [File Not found] ()
Catalog9 39 mswsock.dll [File Not found] ()
Catalog9 40 mswsock.dll [File Not found] ()
Catalog9 41 mswsock.dll [File Not found] ()
Catalog9 42 mswsock.dll [File Not found] ()
Catalog9 43 mswsock.dll [File Not found] ()
Catalog9 44 mswsock.dll [File Not found] ()
Catalog9 45 mswsock.dll [File Not found] ()
Catalog9 46 mswsock.dll [File Not found] ()

#5 Hypnotica


Posted 18 January 2012 - 10:52 PM

For some reason I can't post anything now...I keep getting a server timeout error...

#6 Hypnotica


Posted 18 January 2012 - 10:54 PM

OK...trying very small sections of the rest of Mini Toolbox:

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2012 10:43:32 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/18/2012 09:43:32 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/18/2012 03:21:06 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/18/2012 02:59:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: regedit.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc072
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc0000005
Fault offset: 0x0007114b
Faulting process id: 0x244
Faulting application start time: 0xregedit.exe0
Faulting application path: regedit.exe1
Faulting module path: regedit.exe2
Report Id: regedit.exe3

Error: (01/18/2012 11:20:44 AM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

#7 Hypnotica


Posted 18 January 2012 - 10:56 PM

I will try again in the morning, I keep getting the error message when trying to post more than one line...

Edited by Hypnotica, 18 January 2012 - 10:59 PM.


#8 Broni


Posted 18 January 2012 - 11:25 PM

Upload MiniToolbox log here: http://www.filedropper.com/
Post download link (copy URL: link):


 


#9 Hypnotica


Posted 19 January 2012 - 08:49 AM

http://www.filedropper.com/minitoolboxlogfile

Edited by Hypnotica, 19 January 2012 - 08:50 AM.


#10 Hypnotica


Posted 19 January 2012 - 08:56 AM

Malwarebytes log:

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.19.01

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
KC :: KC-PC [administrator]

Protection: Enabled

1/19/2012 9:50:42 AM
mbam-log-2012-01-19 (09-50-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 176294
Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 Hypnotica


Posted 19 January 2012 - 08:58 AM

aswMBR log:

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-18 23:59:51
-----------------------------
23:59:51.386 OS Version: Windows 6.1.7600
23:59:51.386 Number of processors: 2 586 0xF0D
23:59:51.389 ComputerName: KC-PC UserName: KC
23:59:53.005 Initialize success
00:04:56.538 AVAST engine defs: 12011801
00:05:58.683 Service scanning
00:06:00.505 Modules scanning
00:06:03.741 Module: D:\Windows\System32\DRIVERS\netbt.sys **SUSPICIOUS**
00:06:09.285 Disk 0 trace - called modules:
00:06:09.314 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86b48ff0]<<
00:06:09.318 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x869929e8]
00:06:09.321 3 CLASSPNP.SYS[8bd7c59e] -> nt!IofCallDriver -> [0x86b01028]
00:06:09.325 \Driver\00000763[0x86b04a48] -> IRP_MJ_CREATE -> 0x86b48ff0
00:06:10.067 AVAST engine scan D:\Windows
00:06:11.987 AVAST engine scan D:\Windows\system32
00:08:00.980 AVAST engine scan D:\Windows\system32\drivers
00:08:09.607 File: D:\Windows\system32\drivers\netbt.sys **INFECTED** Win32:Aluroot-B [Rtk]
00:08:15.323 AVAST engine scan D:\Users\KC
00:08:44.902 The log file has been saved successfully to "D:\Users\KC\Desktop\aswMBR.txt"

#12 Broni


Posted 19 January 2012 - 12:42 PM

Posting MiniToolbox log...

MiniToolBox by Farbar Version: 18-01-2012
Ran by KC (administrator) on 18-01-2012 at 23:11:14
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Dell Wireless 1395 WLAN Mini-Card = Wireless Network Connection 3 (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection 3 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : KC-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-1F-E2-8C-53-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d:5072:439f:eb33%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2012 3:38:49 PM
Lease Expires . . . . . . . . . . : Wednesday, January 18, 2012 11:50:42 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 385884130
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-CD-6C-E9-00-26-82-5C-5C-23
DNS Servers . . . . . . . . . . . : 4.2.2.1
4.2.2.2
10.9.10.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-21-9B-DE-55-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D5C5FE59-5FCC-4832-94E7-0BA2CF0D6447}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.45.103] with 32 bytes of data:
Reply from 74.125.45.103: bytes=32 time=75ms TTL=53
Reply from 74.125.45.103: bytes=32 time=45ms TTL=53

Ping statistics for 74.125.45.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 75ms, Average = 60ms

Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=121ms TTL=51
Reply from 98.137.149.56: bytes=32 time=104ms TTL=51

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 104ms, Maximum = 121ms, Average = 112ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...00 1f e2 8c 53 fb ......Dell Wireless 1395 WLAN Mini-Card
17...00 21 9b de 55 23 ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.15 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.15 281
192.168.0.15 255.255.255.255 On-link 192.168.0.15 281
192.168.0.255 255.255.255.255 On-link 192.168.0.15 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.15 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.15 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
18 281 fe80::/64 On-link
18 281 fe80::7d:5072:439f:eb33/128
On-link
1 306 ff00::/8 On-link
18 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 mswsock.dll [File Not found] ()
Catalog5 03 D:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 D:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 D:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 D:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 D:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()
Catalog9 38 mswsock.dll [File Not found] ()
Catalog9 39 mswsock.dll [File Not found] ()
Catalog9 40 mswsock.dll [File Not found] ()
Catalog9 41 mswsock.dll [File Not found] ()
Catalog9 42 mswsock.dll [File Not found] ()
Catalog9 43 mswsock.dll [File Not found] ()
Catalog9 44 mswsock.dll [File Not found] ()
Catalog9 45 mswsock.dll [File Not found] ()
Catalog9 46 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2012 10:43:32 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/18/2012 09:43:32 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (01/18/2012 03:21:06 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/18/2012 02:59:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: regedit.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc072
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
Exception code: 0xc0000005
Fault offset: 0x0007114b
Faulting process id: 0x244
Faulting application start time: 0xregedit.exe0
Faulting application path: regedit.exe1
Faulting module path: regedit.exe2
Report Id: regedit.exe3

Error: (01/18/2012 11:20:44 AM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/17/2012 07:21:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt> with error: The specified server cannot perform the requested operation.
.

Error: (01/17/2012 07:21:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt> with error: This operation returned because the timeout period expired.
.

Error: (01/17/2012 03:15:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/16/2012 06:36:38 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/16/2012 06:24:01 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.


System errors:
=============
Error: (01/18/2012 10:50:52 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 10:21:12 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 09:50:49 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 09:43:32 PM) (Source: DCOM) (User: )
Description: D:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (01/18/2012 09:21:05 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 09:05:13 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (01/18/2012 08:50:51 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 08:50:39 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 08:48:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/18/2012 08:21:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================


µTorrent (Version: 3.1.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Advanced SystemCare 3 (Version: 3.6.1)
Airlink101 WLAN Monitor (Version: 1.00.0158.1)
Any Video Converter 3.3.2
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.1901)
AVG 2012 (Version: 12.0.2109)
AVG 2012 (Version: 2012.0.1901)
AVG PC Tuneup (Version: 10.0.0.27)
BlackBerry Device Manager 6.1 (Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless Driver (Version: 1.0.0.0)
Broadcom Gigabit NetLink Controller (Version: 12.52.01)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
D3DX10 (Version: 15.4.2368.0902)
Dell Touchpad (Version: 7.1007.115.102)
EasyBCD 1.7.2 (Version: 1.7.2)
Energy Management (Version: 4.3.1.6)
EVEREST Home Edition v2.20 (Version: 2.20)
Gadwin PrintScreen (Version: 4.4)
Game Booster (Version: 1.5.0.96)
Google Chrome (Version: 16.0.912.75)
Google Earth (Version: 6.1.0.5001)
Google Gmail Notifier
Google Update Helper (Version: 1.3.21.79)
IE Privacy Keeper
ieSpell (Version: 2.6.3 (build 814))
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1930)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.1.2)
Java™ 6 Update 18 (Version: 6.0.180)
Laptop Integrated Webcam Driver (1.04.01.1011)
Lenovo EasyCamera (Version: 1.9.1106.1)
Lenovo NaturalTouch (Version: 1.0.2.64)
Lenovo Screen Rotation (Version: 1.0.0.2)
magicJack (Version: 2.0.6073.4252)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.50524.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSI Star Cam 370i (Version: 5.20.0.202_WQHL)
MSVCRT (Version: 15.4.2862.0708)
PC Chrono 1.1.0.6
PerformanceTest v6.1 (Version: 6.1)
PIXresizer 2.0.4
Prism Video File Converter
QuickTime (Version: 7.64.17.73)
RealPlayer
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30105)
RealUpgrade 1.0 (Version: 1.0.0)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (Version: 3.51.01)
RocketDock 1.3.5
SigmaTel Audio (Version: 5.10.5210.0)
Skype Click to Call (Version: 5.8.8855)
Skype™ 5.5 (Version: 5.5.124)
Smart Defrag (Version: 1.4.5)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.3 (Version: 4.3.0)
SUPERAntiSpyware Free Edition (Version: 4.33.0.1000)
TeamViewer 5 (Version: 5.0.7904 )
VLC media player 1.0.2 (Version: 1.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR 4.10 beta 5 (32-bit) (Version: 4.10.5)
Yahoo! Messenger
YouTube Downloader 3.5

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3062.04 MB
Available physical RAM: 1611.71 MB
Total Pagefile: 3060.32 MB
Available Pagefile: 1663.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.61 MB

========================= Partitions: =====================================

1 Drive d: (PREMIUM) (Fixed) (Total:62.96 GB) (Free:34.58 GB) NTFS
3 Drive f: (Data) (Fixed) (Total:48.73 GB) (Free:10.58 GB) NTFS

========================= Users: ========================================

User accounts for \\KC-PC

Administrator Guest KC


**** End of log ****



#13 Broni


Posted 19 January 2012 - 12:43 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#14 Hypnotica


Posted 19 January 2012 - 12:52 PM

TDSSKiller log:

13:44:34.0904 4820 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
13:44:35.0444 4820 ============================================================
13:44:35.0444 4820 Current date / time: 2012/01/19 13:44:35.0444
13:44:35.0444 4820 SystemInfo:
13:44:35.0445 4820
13:44:35.0445 4820 OS Version: 6.1.7600 ServicePack: 0.0
13:44:35.0445 4820 Product type: Workstation
13:44:35.0445 4820 ComputerName: KC-PC
13:44:35.0445 4820 UserName: KC
13:44:35.0445 4820 Windows directory: D:\Windows
13:44:35.0445 4820 System windows directory: D:\Windows
13:44:35.0445 4820 Processor architecture: Intel x86
13:44:35.0445 4820 Number of processors: 2
13:44:35.0445 4820 Page size: 0x1000
13:44:35.0445 4820 Boot type: Normal boot
13:44:35.0445 4820 ============================================================
13:44:37.0107 4820 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:44:37.0181 4820 Initialize success
13:44:41.0988 5960 ============================================================
13:44:41.0988 5960 Scan started
13:44:41.0988 5960 Mode: Manual;
13:44:41.0988 5960 ============================================================
13:44:45.0563 5960 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) D:\Windows\system32\DRIVERS\1394ohci.sys
13:44:45.0566 5960 1394ohci - ok
13:44:45.0619 5960 ACPI (f0e07d144c8685b8774bc32fc8da4df0) D:\Windows\system32\DRIVERS\ACPI.sys
13:44:45.0624 5960 ACPI - ok
13:44:45.0670 5960 AcpiPmi (98d81ca942d19f7d9153b095162ac013) D:\Windows\system32\DRIVERS\acpipmi.sys
13:44:45.0671 5960 AcpiPmi - ok
13:44:45.0742 5960 ACPIVPC (0ff1f2f287e65a66a3b72484b9895785) D:\Windows\system32\DRIVERS\AcpiVpc.sys
13:44:45.0742 5960 ACPIVPC - ok
13:44:45.0918 5960 adp94xx (21e785ebd7dc90a06391141aac7892fb) D:\Windows\system32\DRIVERS\adp94xx.sys
13:44:45.0923 5960 adp94xx - ok
13:44:45.0992 5960 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) D:\Windows\system32\DRIVERS\adpahci.sys
13:44:45.0997 5960 adpahci - ok
13:44:46.0059 5960 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) D:\Windows\system32\DRIVERS\adpu320.sys
13:44:46.0060 5960 adpu320 - ok
13:44:46.0326 5960 AFD (ddc040fdb01ef1712a6b13e52afb104c) D:\Windows\system32\drivers\afd.sys
13:44:46.0331 5960 AFD - ok
13:44:46.0397 5960 agp440 (507812c3054c21cef746b6ee3d04dd6e) D:\Windows\system32\DRIVERS\agp440.sys
13:44:46.0399 5960 agp440 - ok
13:44:46.0472 5960 aic78xx (8b30250d573a8f6b4bd23195160d8707) D:\Windows\system32\DRIVERS\djsvs.sys
13:44:46.0473 5960 aic78xx - ok
13:44:46.0523 5960 aliide (0d40bcf52ea90fc7df2aeab6503dea44) D:\Windows\system32\DRIVERS\aliide.sys
13:44:46.0524 5960 aliide - ok
13:44:46.0542 5960 amdagp (3c6600a0696e90a463771c7422e23ab5) D:\Windows\system32\DRIVERS\amdagp.sys
13:44:46.0543 5960 amdagp - ok
13:44:46.0573 5960 amdide (cd5914170297126b6266860198d1d4f0) D:\Windows\system32\DRIVERS\amdide.sys
13:44:46.0574 5960 amdide - ok
13:44:46.0651 5960 AmdK8 (00dda200d71bac534bf56a9db5dfd666) D:\Windows\system32\DRIVERS\amdk8.sys
13:44:46.0653 5960 AmdK8 - ok
13:44:46.0671 5960 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) D:\Windows\system32\DRIVERS\amdppm.sys
13:44:46.0672 5960 AmdPPM - ok
13:44:46.0736 5960 amdsata (2101a86c25c154f8314b24ef49d7fbc2) D:\Windows\system32\DRIVERS\amdsata.sys
13:44:46.0738 5960 amdsata - ok
13:44:46.0776 5960 amdsbs (ea43af0c423ff267355f74e7a53bdaba) D:\Windows\system32\DRIVERS\amdsbs.sys
13:44:46.0778 5960 amdsbs - ok
13:44:46.0801 5960 amdxata (b81c2b5616f6420a9941ea093a92b150) D:\Windows\system32\DRIVERS\amdxata.sys
13:44:46.0802 5960 amdxata - ok
13:44:46.0877 5960 ApfiltrService (448da519f3b6ffa158c513156053181e) D:\Windows\system32\DRIVERS\Apfiltr.sys
13:44:46.0879 5960 ApfiltrService - ok
13:44:46.0983 5960 AppID (feb834c02ce1e84b6a38f953ca067706) D:\Windows\system32\drivers\appid.sys
13:44:46.0985 5960 AppID - ok
13:44:47.0091 5960 arc (2932004f49677bd84dbc72edb754ffb3) D:\Windows\system32\DRIVERS\arc.sys
13:44:47.0093 5960 arc - ok
13:44:47.0126 5960 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) D:\Windows\system32\DRIVERS\arcsas.sys
13:44:47.0127 5960 arcsas - ok
13:44:47.0163 5960 AsyncMac (add2ade1c2b285ab8378d2daaf991481) D:\Windows\system32\DRIVERS\asyncmac.sys
13:44:47.0165 5960 AsyncMac - ok
13:44:47.0256 5960 atapi (338c86357871c167a96ab976519bf59e) D:\Windows\system32\DRIVERS\atapi.sys
13:44:47.0257 5960 atapi - ok
13:44:47.0352 5960 AVGIDSEH (19a08a6728a6e02099d64268218cd799) D:\Windows\system32\DRIVERS\AVGIDSEH.Sys
13:44:47.0353 5960 AVGIDSEH - ok
13:44:47.0396 5960 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) D:\Windows\system32\DRIVERS\avgldx86.sys
13:44:47.0402 5960 Avgldx86 - ok
13:44:47.0486 5960 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) D:\Windows\system32\DRIVERS\avgmfx86.sys
13:44:47.0487 5960 Avgmfx86 - ok
13:44:47.0516 5960 Avgrkx86 (f2038ed7284b79dcef581468121192a9) D:\Windows\system32\DRIVERS\avgrkx86.sys
13:44:47.0517 5960 Avgrkx86 - ok
13:44:47.0624 5960 b06bdrv (1a231abec60fd316ec54c66715543cec) D:\Windows\system32\DRIVERS\bxvbdx.sys
13:44:47.0628 5960 b06bdrv - ok
13:44:47.0735 5960 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) D:\Windows\system32\DRIVERS\b57nd60x.sys
13:44:47.0738 5960 b57nd60x - ok
13:44:47.0936 5960 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) D:\Windows\system32\DRIVERS\bcmwl6.sys
13:44:47.0954 5960 BCM43XX - ok
13:44:48.0151 5960 bcm4sbxp (82dd21bfa8bbe0a3a3833a1bd8e86158) D:\Windows\system32\DRIVERS\bcm4sbxp.sys
13:44:48.0154 5960 bcm4sbxp - ok
13:44:48.0284 5960 Beep (505506526a9d467307b3c393dedaf858) D:\Windows\system32\drivers\Beep.sys
13:44:48.0285 5960 Beep - ok
13:44:48.0318 5960 blbdrive (2287078ed48fcfc477b05b20cf38f36f) D:\Windows\system32\DRIVERS\blbdrive.sys
13:44:48.0320 5960 blbdrive - ok
13:44:48.0438 5960 bowser (fcafaef6798d7b51ff029f99a9898961) D:\Windows\system32\DRIVERS\bowser.sys
13:44:48.0439 5960 bowser - ok
13:44:48.0473 5960 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) D:\Windows\system32\DRIVERS\BrFiltLo.sys
13:44:48.0474 5960 BrFiltLo - ok
13:44:48.0504 5960 BrFiltUp (56801ad62213a41f6497f96dee83755a) D:\Windows\system32\DRIVERS\BrFiltUp.sys
13:44:48.0506 5960 BrFiltUp - ok
13:44:48.0554 5960 Brserid (845b8ce732e67f3b4133164868c666ea) D:\Windows\System32\Drivers\Brserid.sys
13:44:48.0557 5960 Brserid - ok
13:44:48.0586 5960 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) D:\Windows\System32\Drivers\BrSerWdm.sys
13:44:48.0598 5960 BrSerWdm - ok
13:44:48.0615 5960 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) D:\Windows\System32\Drivers\BrUsbMdm.sys
13:44:48.0617 5960 BrUsbMdm - ok
13:44:48.0636 5960 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) D:\Windows\System32\Drivers\BrUsbSer.sys
13:44:48.0643 5960 BrUsbSer - ok
13:44:48.0673 5960 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) D:\Windows\system32\DRIVERS\bthmodem.sys
13:44:48.0674 5960 BTHMODEM - ok
13:44:48.0768 5960 cdfs (77ea11b065e0a8ab902d78145ca51e10) D:\Windows\system32\DRIVERS\cdfs.sys
13:44:48.0769 5960 cdfs - ok
13:44:48.0856 5960 cdrom (ba6e70aa0e6091bc39de29477d866a77) D:\Windows\system32\DRIVERS\cdrom.sys
13:44:48.0859 5960 cdrom - ok
13:44:48.0924 5960 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) D:\Windows\system32\DRIVERS\circlass.sys
13:44:48.0925 5960 circlass - ok
13:44:49.0019 5960 CLFS (635181e0e9bbf16871bf5380d71db02d) D:\Windows\system32\CLFS.sys
13:44:49.0022 5960 CLFS - ok
13:44:49.0131 5960 CmBatt (dea805815e587dad1dd2c502220b5616) D:\Windows\system32\DRIVERS\CmBatt.sys
13:44:49.0132 5960 CmBatt - ok
13:44:49.0157 5960 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) D:\Windows\system32\DRIVERS\cmdide.sys
13:44:49.0158 5960 cmdide - ok
13:44:49.0317 5960 CNG (1b675691ed940766149c93e8f4488d68) D:\Windows\system32\Drivers\cng.sys
13:44:49.0325 5960 CNG - ok
13:44:49.0425 5960 CnxtHdAudService (57a9d210b834990e09188dbd1de7f8c6) D:\Windows\system32\drivers\CHDRT32.sys
13:44:49.0429 5960 CnxtHdAudService - ok
13:44:49.0505 5960 Compbatt (a6023d3823c37043986713f118a89bee) D:\Windows\system32\DRIVERS\compbatt.sys
13:44:49.0506 5960 Compbatt - ok
13:44:49.0547 5960 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) D:\Windows\system32\DRIVERS\CompositeBus.sys
13:44:49.0548 5960 CompositeBus - ok
13:44:49.0627 5960 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) D:\Windows\system32\DRIVERS\crcdisk.sys
13:44:49.0628 5960 crcdisk - ok
13:44:49.0794 5960 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) D:\Windows\system32\Drivers\dfsc.sys
13:44:49.0796 5960 DfsC - ok
13:44:49.0826 5960 discache (1a050b0274bfb3890703d490f330c0da) D:\Windows\system32\drivers\discache.sys
13:44:49.0827 5960 discache - ok
13:44:49.0903 5960 Disk (565003f326f99802e68ca78f2a68e9ff) D:\Windows\system32\DRIVERS\disk.sys
13:44:49.0904 5960 Disk - ok
13:44:50.0102 5960 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) D:\Windows\system32\drivers\drmkaud.sys
13:44:50.0104 5960 drmkaud - ok
13:44:50.0325 5960 DXGKrnl (39806cfeddcc55e686a49bccd2972f23) D:\Windows\System32\drivers\dxgkrnl.sys
13:44:50.0331 5960 DXGKrnl - ok
13:44:50.0584 5960 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) D:\Windows\system32\DRIVERS\evbdx.sys
13:44:50.0743 5960 ebdrv - ok
13:44:50.0912 5960 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) D:\Windows\system32\DRIVERS\elxstor.sys
13:44:50.0922 5960 elxstor - ok
13:44:50.0958 5960 ErrDev (8fc3208352dd3912c94367a206ab3f11) D:\Windows\system32\DRIVERS\errdev.sys
13:44:50.0961 5960 ErrDev - ok
13:44:51.0057 5960 exfat (2dc9108d74081149cc8b651d3a26207f) D:\Windows\system32\drivers\exfat.sys
13:44:51.0064 5960 exfat - ok
13:44:51.0100 5960 fastfat (7e0ab74553476622fb6ae36f73d97d35) D:\Windows\system32\drivers\fastfat.sys
13:44:51.0102 5960 fastfat - ok
13:44:51.0147 5960 fdc (e817a017f82df2a1f8cfdbda29388b29) D:\Windows\system32\DRIVERS\fdc.sys
13:44:51.0148 5960 fdc - ok
13:44:51.0255 5960 FileInfo (6cf00369c97f3cf563be99be983d13d8) D:\Windows\system32\drivers\fileinfo.sys
13:44:51.0259 5960 FileInfo - ok
13:44:51.0281 5960 Filetrace (42c51dc94c91da21cb9196eb64c45db9) D:\Windows\system32\drivers\filetrace.sys
13:44:51.0284 5960 Filetrace - ok
13:44:51.0302 5960 flpydisk (87907aa70cb3c56600f1c2fb8841579b) D:\Windows\system32\DRIVERS\flpydisk.sys
13:44:51.0304 5960 flpydisk - ok
13:44:51.0335 5960 FltMgr (7520ec808e0c35e0ee6f841294316653) D:\Windows\system32\drivers\fltmgr.sys
13:44:51.0340 5960 FltMgr - ok
13:44:51.0379 5960 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) D:\Windows\system32\drivers\FsDepends.sys
13:44:51.0382 5960 FsDepends - ok
13:44:51.0412 5960 Fs_Rec (a574b4360e438977038aae4bf60d79a2) D:\Windows\system32\drivers\Fs_Rec.sys
13:44:51.0415 5960 Fs_Rec - ok
13:44:51.0443 5960 fvevol (5592f5dba26282d24d2b080eb438a4d7) D:\Windows\system32\DRIVERS\fvevol.sys
13:44:51.0449 5960 fvevol - ok
13:44:51.0570 5960 gagp30kx (65ee0c7a58b65e74ae05637418153938) D:\Windows\system32\DRIVERS\gagp30kx.sys
13:44:51.0571 5960 gagp30kx - ok
13:44:51.0620 5960 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) D:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:44:51.0621 5960 GEARAspiWDM - ok
13:44:51.0702 5960 hcw85cir (c44e3c2bab6837db337ddee7544736db) D:\Windows\system32\drivers\hcw85cir.sys
13:44:51.0705 5960 hcw85cir - ok
13:44:51.0828 5960 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) D:\Windows\system32\drivers\HdAudio.sys
13:44:51.0830 5960 HdAudAddService - ok
13:44:51.0875 5960 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) D:\Windows\system32\DRIVERS\HDAudBus.sys
13:44:51.0876 5960 HDAudBus - ok
13:44:51.0911 5960 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) D:\Windows\system32\DRIVERS\HidBatt.sys
13:44:51.0912 5960 HidBatt - ok
13:44:51.0930 5960 HidBth (89448f40e6df260c206a193a4683ba78) D:\Windows\system32\DRIVERS\hidbth.sys
13:44:51.0931 5960 HidBth - ok
13:44:51.0979 5960 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) D:\Windows\system32\DRIVERS\hidir.sys
13:44:51.0980 5960 HidIr - ok
13:44:52.0244 5960 HidUsb (25072fb35ac90b25f9e4e3bacf774102) D:\Windows\system32\DRIVERS\hidusb.sys
13:44:52.0246 5960 HidUsb - ok
13:44:52.0307 5960 HpSAMD (295fdc419039090eb8b49ffdbb374549) D:\Windows\system32\DRIVERS\HpSAMD.sys
13:44:52.0308 5960 HpSAMD - ok
13:44:52.0360 5960 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) D:\Windows\system32\drivers\HTTP.sys
13:44:52.0364 5960 HTTP - ok
13:44:52.0416 5960 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) D:\Windows\system32\drivers\hwpolicy.sys
13:44:52.0417 5960 hwpolicy - ok
13:44:52.0535 5960 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) D:\Windows\system32\DRIVERS\i8042prt.sys
13:44:52.0538 5960 i8042prt - ok
13:44:52.0618 5960 iaStor (d483687eace0c065ee772481a96e05f5) D:\Windows\system32\DRIVERS\iaStor.sys
13:44:52.0621 5960 iaStor - ok
13:44:52.0708 5960 iaStorV (934af4d7c5f457b9f0743f4299b77b67) D:\Windows\system32\DRIVERS\iaStorV.sys
13:44:52.0717 5960 iaStorV - ok
13:44:52.0972 5960 igfx (9467514ea189475a6e7fdc5d7bde9d3f) D:\Windows\system32\DRIVERS\igdkmd32.sys
13:44:53.0175 5960 igfx - ok
13:44:53.0294 5960 iirsp (4173ff5708f3236cf25195fecd742915) D:\Windows\system32\DRIVERS\iirsp.sys
13:44:53.0296 5960 iirsp - ok
13:44:53.0331 5960 intelide (a0f12f2c9ba6c72f3987ce780e77c130) D:\Windows\system32\DRIVERS\intelide.sys
13:44:53.0333 5960 intelide - ok
13:44:53.0372 5960 intelppm (3b514d27bfc4accb4037bc6685f766e0) D:\Windows\system32\DRIVERS\intelppm.sys
13:44:53.0373 5960 intelppm - ok
13:44:53.0427 5960 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) D:\Windows\system32\DRIVERS\ipfltdrv.sys
13:44:53.0429 5960 IpFilterDriver - ok
13:44:53.0447 5960 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) D:\Windows\system32\DRIVERS\IPMIDrv.sys
13:44:53.0448 5960 IPMIDRV - ok
13:44:53.0467 5960 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) D:\Windows\system32\drivers\ipnat.sys
13:44:53.0470 5960 IPNAT - ok
13:44:53.0593 5960 IRENUM (42996cff20a3084a56017b7902307e9f) D:\Windows\system32\drivers\irenum.sys
13:44:53.0594 5960 IRENUM - ok
13:44:53.0622 5960 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) D:\Windows\system32\DRIVERS\isapnp.sys
13:44:53.0623 5960 isapnp - ok
13:44:53.0662 5960 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) D:\Windows\system32\DRIVERS\msiscsi.sys
13:44:53.0664 5960 iScsiPrt - ok
13:44:53.0725 5960 k57nd60x (54c47d350df2abc2ccd78b7587f77ead) D:\Windows\system32\DRIVERS\k57nd60x.sys
13:44:53.0732 5960 k57nd60x - ok
13:44:53.0856 5960 kbdclass (adef52ca1aeae82b50df86b56413107e) D:\Windows\system32\DRIVERS\kbdclass.sys
13:44:53.0859 5960 kbdclass - ok
13:44:53.0902 5960 kbdhid (3d9f0ebf350edcfd6498057301455964) D:\Windows\system32\DRIVERS\kbdhid.sys
13:44:53.0903 5960 kbdhid - ok
13:44:53.0935 5960 KSecDD (e36a061ec11b373826905b21be10948f) D:\Windows\system32\Drivers\ksecdd.sys
13:44:53.0936 5960 KSecDD - ok
13:44:53.0976 5960 KSecPkg (26c046977e85b95036453d7b88ba1820) D:\Windows\system32\Drivers\ksecpkg.sys
13:44:53.0979 5960 KSecPkg - ok
13:44:54.0313 5960 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) D:\Windows\system32\DRIVERS\lltdio.sys
13:44:54.0314 5960 lltdio - ok
13:44:54.0412 5960 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) D:\Windows\system32\DRIVERS\lsi_fc.sys
13:44:54.0414 5960 LSI_FC - ok
13:44:54.0445 5960 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) D:\Windows\system32\DRIVERS\lsi_sas.sys
13:44:54.0447 5960 LSI_SAS - ok
13:44:54.0476 5960 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) D:\Windows\system32\DRIVERS\lsi_sas2.sys
13:44:54.0478 5960 LSI_SAS2 - ok
13:44:54.0513 5960 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) D:\Windows\system32\DRIVERS\lsi_scsi.sys
13:44:54.0514 5960 LSI_SCSI - ok
13:44:54.0559 5960 luafv (6703e366cc18d3b6e534f5cf7df39cee) D:\Windows\system32\drivers\luafv.sys
13:44:54.0562 5960 luafv - ok
13:44:57.0197 5960 NetBT (89787d97413d0f27e5080ce8ff812071) D:\Windows\system32\DRIVERS\netbt.sys
13:44:57.0203 5960 NetBT ( Virus.Win32.ZAccess.k ) - infected
13:44:57.0203 5960 NetBT - detected Virus.Win32.ZAccess.k (0)
13:45:06.0204 5960 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:45:06.0266 5960 \Device\Harddisk0\DR0 - ok
13:45:06.0271 5960 Boot (0x1200) (b679c7d263aee29a68a6c203b94428b6) \Device\Harddisk0\DR0\Partition0
13:45:06.0273 5960 \Device\Harddisk0\DR0\Partition0 - ok
13:45:06.0315 5960 Boot (0x1200) (38471b9137ab2237f65e7418fb3122a7) \Device\Harddisk0\DR0\Partition1
13:45:06.0317 5960 \Device\Harddisk0\DR0\Partition1 - ok
13:45:06.0334 5960 Boot (0x1200) (240cf8ca76f2a80bc067ec89399b712c) \Device\Harddisk0\DR0\Partition2
13:45:06.0335 5960 \Device\Harddisk0\DR0\Partition2 - ok
13:45:06.0336 5960 ============================================================
13:45:06.0336 5960 Scan finished
13:45:06.0336 5960 ============================================================
13:45:06.0353 3480 Detected object count: 1
13:45:06.0353 3480 Actual detected object count: 1
13:45:22.0681 3480 Backup copy found, using it..
13:45:22.0697 3480 D:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
13:45:26.0915 3480 NetBT ( Virus.Win32.ZAccess.k ) - User select action: Cure
13:45:33.0550 1824 Deinitialize success

#15 Broni

Posted 19 January 2012 - 01:02 PM

Very well :)

Post new aswMBR log.
