
Need help getting rid of Google Redirect Virus


11 replies to this topic

#1 aineoin


Posted 23 January 2012 - 01:45 PM

I've run AdAware, CCleaner, SpyBot Search and Destroy, Hitman Pro 3.5, TDSSkiller, and Avira Anti Virus programs. Still being redirected from search engine results. Another forum suggested combofix, and combofix says to start by asking for help and having someone direct you through the process. Here I am, asking for help :) If this doesn't work I'll probably try a system restore to last week ... Thanks.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of malware logs in this topic. ~ Animal



#2 boopme

  • Global Moderator

Posted 23 January 2012 - 02:06 PM

Hello, do not run ComboFix yet..
Are you on a router? Are other machines on it, if so are they redirecting?

Do you use Firefox?

May we see your TDSS log and this.
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices <<--SKIP
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
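One way to triage the "List content of Hosts" section of the Result.txt requested above, as an added example that is not part of the thread and not MiniToolBox's own code: it flags hosts entries that point search domains at a non-loopback address. The watched-domain list, the function names and the sample hosts content are assumptions constructed for illustration.

```python
import ipaddress

# Assumption (not from the thread): search domains worth watching for hijacks.
WATCHED_SUFFIXES = ("google.com", "bing.com", "yahoo.com")

# Constructed sample of a hosts listing; not taken from the thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net      # blocklist-style entry
203.0.113.45    www.google.com google.com
203.0.113.45    search.yahoo.com
192.168.1.20    nas.home.lan
not-an-ip       www.bing.com
"""


def parse_hosts(text):
    """Yield (line_no, address_text, ip_or_None, hostnames) per active line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None                          # first field is not an address
        # Normalise case and a trailing root dot so comparisons are exact.
        hosts = [h.lower().rstrip(".") for h in fields[1:]]
        yield line_no, fields[0], ip, hosts


def is_watched(host):
    """True for a watched domain or any subdomain of it (not look-alikes)."""
    return any(host == s or host.endswith("." + s) for s in WATCHED_SUFFIXES)


def triage(text):
    """Return (line_no, level, address, host) findings for a hosts listing.

    level is 'hijack' (watched domain mapped to a real address),
    'info' (any other custom mapping) or 'malformed' (unparseable address).
    Loopback and 0.0.0.0 entries are treated as benign and skipped.
    """
    findings = []
    for line_no, addr, ip, hosts in parse_hosts(text):
        if ip is None:
            for host in hosts or [""]:
                findings.append((line_no, "malformed", addr, host))
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue
        for host in hosts:
            level = "hijack" if is_watched(host) else "info"
            findings.append((line_no, level, addr, host))
    return findings


if __name__ == "__main__":
    for line_no, level, addr, host in triage(SAMPLE_HOSTS):
        print(f"line {line_no}: [{level}] {host or '(no hostname)'} -> {addr}")
```

An empty result only rules out the hosts file; the proxy, DNS and Winsock sections of the same report still need to be read.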

#3 aineoin

  • Topic Starter


Posted 23 January 2012 - 02:41 PM

> Hello, do not run ComboFix yet..
> Are you on a router? Are other machines on it, if so are they redirecting?

I'm using my laptop at home. Other household computers don't seem to be redirecting.

> Do you use Firefox?

Yes.

> May we see your TDSS log and this.

I'll run it again and get the log.

> Please download MiniToolBox, save it to your desktop and run it.
>
> Checkmark the following checkboxes:
>
>   • Flush DNS
>   • Report IE Proxy Settings
>   • Reset IE Proxy Settings
>   • Report FF Proxy Settings
>   • Reset FF Proxy Settings
>   • List content of Hosts
>   • List IP configuration
>   • List Winsock Entries
>   • List last 10 Event Viewer log
>   • List Installed Programs
>   • List Devices <<--SKIP
>   • List Users, Partitions and Memory size.
>   • List Minidump Files
>
> Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
>
> Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Will do. Thanks.

#4 aineoin

  • Topic Starter


Posted 23 January 2012 - 02:49 PM

This is the info generated in the 'report' link from TDSSkiller.exe

11:46:33.0390 2772 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
11:46:33.0873 2772 ============================================================
11:46:33.0873 2772 Current date / time: 2012/01/23 11:46:33.0873
11:46:33.0873 2772 SystemInfo:
11:46:33.0873 2772
11:46:33.0873 2772 OS Version: 6.0.6002 ServicePack: 2.0
11:46:33.0873 2772 Product type: Workstation
11:46:33.0873 2772 ComputerName: MCDONALD
11:46:33.0873 2772 UserName: Nonie
11:46:33.0873 2772 Windows directory: C:\Windows
11:46:33.0873 2772 System windows directory: C:\Windows
11:46:33.0873 2772 Processor architecture: Intel x86
11:46:33.0873 2772 Number of processors: 2
11:46:33.0873 2772 Page size: 0x1000
11:46:33.0873 2772 Boot type: Normal boot
11:46:33.0873 2772 ============================================================
11:46:35.0667 2772 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:46:35.0792 2772 Initialize success
11:46:39.0318 1644 ============================================================
11:46:39.0318 1644 Scan started
11:46:39.0318 1644 Mode: Manual;
11:46:39.0318 1644 ============================================================
11:47:19.0082 1644 tcpipreg - ok
11:47:19.0160 1644 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:47:19.0160 1644 TDPIPE - ok
11:47:19.0191 1644 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:47:19.0207 1644 TDTCP - ok
11:47:19.0363 1644 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:47:19.0379 1644 tdx - ok
11:47:19.0441 1644 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:47:19.0441 1644 TermDD - ok
11:47:19.0581 1644 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:47:19.0613 1644 tssecsrv - ok
11:47:19.0769 1644 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:47:19.0800 1644 tunmp - ok
11:47:19.0847 1644 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:47:19.0893 1644 tunnel - ok
11:47:19.0940 1644 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:47:19.0971 1644 uagp35 - ok
11:47:20.0112 1644 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:47:20.0159 1644 udfs - ok
11:47:20.0252 1644 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:47:20.0252 1644 uliagpkx - ok
11:47:20.0361 1644 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:47:20.0408 1644 uliahci - ok
11:47:20.0455 1644 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:47:20.0502 1644 UlSata - ok
11:47:20.0611 1644 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:47:20.0642 1644 ulsata2 - ok
11:47:20.0736 1644 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:47:20.0751 1644 umbus - ok
11:47:20.0876 1644 upperdev (2522747ba661514e3770e508cce45b64) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
11:47:20.0876 1644 upperdev - ok
11:47:21.0001 1644 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
11:47:21.0032 1644 usbaudio - ok
11:47:21.0173 1644 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:47:21.0188 1644 usbccgp - ok
11:47:21.0251 1644 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:47:21.0297 1644 usbcir - ok
11:47:21.0438 1644 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:47:21.0438 1644 usbehci - ok
11:47:21.0516 1644 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:47:21.0547 1644 usbhub - ok
11:47:21.0578 1644 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
11:47:21.0609 1644 usbohci - ok
11:47:21.0734 1644 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:47:21.0750 1644 usbprint - ok
11:47:21.0812 1644 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:47:21.0828 1644 usbscan - ok
11:47:21.0890 1644 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
11:47:21.0921 1644 usbser - ok
11:47:22.0077 1644 UsbserFilt (8aa5f86a6c3b3234beed9556d145bfac) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
11:47:22.0093 1644 UsbserFilt - ok
11:47:22.0171 1644 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:47:22.0218 1644 USBSTOR - ok
11:47:22.0327 1644 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
11:47:22.0358 1644 usbuhci - ok
11:47:22.0452 1644 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
11:47:22.0499 1644 usbvideo - ok
11:47:22.0623 1644 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:47:22.0655 1644 vga - ok
11:47:22.0717 1644 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:47:22.0717 1644 VgaSave - ok
11:47:22.0779 1644 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:47:22.0811 1644 viaagp - ok
11:47:22.0920 1644 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:47:22.0951 1644 ViaC7 - ok
11:47:23.0029 1644 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
11:47:23.0045 1644 viaide - ok
11:47:23.0091 1644 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:47:23.0091 1644 volmgr - ok
11:47:23.0263 1644 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:47:23.0310 1644 volmgrx - ok
11:47:23.0481 1644 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:47:23.0513 1644 volsnap - ok
11:47:23.0575 1644 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:47:23.0606 1644 vsmraid - ok
11:47:23.0762 1644 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:47:23.0793 1644 WacomPen - ok
11:47:23.0856 1644 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:47:23.0903 1644 Wanarp - ok
11:47:23.0934 1644 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:47:23.0934 1644 Wanarpv6 - ok
11:47:24.0074 1644 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:47:24.0105 1644 Wd - ok
11:47:24.0199 1644 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
11:47:24.0261 1644 Wdf01000 - ok
11:47:24.0511 1644 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:47:24.0527 1644 winachsf - ok
11:47:24.0776 1644 WinUsb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
11:47:24.0807 1644 WinUsb - ok
11:47:24.0885 1644 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:47:24.0885 1644 WmiAcpi - ok
11:47:25.0104 1644 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:47:25.0104 1644 WpdUsb - ok
11:47:25.0182 1644 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:47:25.0213 1644 ws2ifsl - ok
11:47:25.0431 1644 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:47:25.0463 1644 WUDFRd - ok
11:47:25.0556 1644 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys
11:47:25.0556 1644 XAudio - ok
11:47:25.0681 1644 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
11:47:25.0728 1644 \Device\Harddisk0\DR0 - ok
11:47:25.0743 1644 Boot (0x1200) (529eae334a09d37238bc1bfa84a2350b) \Device\Harddisk0\DR0\Partition0
11:47:25.0743 1644 \Device\Harddisk0\DR0\Partition0 - ok
11:47:25.0759 1644 Boot (0x1200) (f0c0a59c1461b7ec149fb50a9404c44e) \Device\Harddisk0\DR0\Partition1
11:47:25.0759 1644 \Device\Harddisk0\DR0\Partition1 - ok
11:47:25.0759 1644 ============================================================
11:47:25.0759 1644 Scan finished
11:47:25.0759 1644 ============================================================
11:47:25.0821 1332 Detected object count: 0
11:47:25.0821 1332 Actual detected object count: 0

#5 aineoin

Posted 23 January 2012 - 02:54 PM

This is what the MiniToolBox report had to say:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Nonie (administrator) on 23-01-2012 at 11:51:02
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



94.63.240.166 www.bing.com


========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection 5" address=169.254.121.1
add address name="Local Area Connection 4" address=169.254.41.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : McDonald
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-1A-73-80-80-E6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::986a:1982:dcb0:ddee%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, January 23, 2012 10:58:40 AM
Lease Expires . . . . . . . . . . : Monday, January 30, 2012 10:58:40 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 184556147
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-21-6B-13-00-1B-24-78-05-56
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1B-24-78-05-56
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D79F6F39-2A60-4D6C-8CE3-2C1A91BEA4EF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D79F6F39-2A60-4D6C-8CE3-2C1A91BEA4EF}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1c4c:1dee:3f57:fd98(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c4c:1dee:3f57:fd98%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{33E3719A-76B1-48B1-9F31-BD3CBF2DBDDA}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: SMCWBR14S-N4.ralinktech.com
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.224.147
74.125.224.145
74.125.224.144
74.125.224.148
74.125.224.146



Pinging google.com [74.125.224.146] with 32 bytes of data:

Reply from 74.125.224.146: bytes=32 time=21ms TTL=55

Reply from 74.125.224.146: bytes=32 time=20ms TTL=55



Ping statistics for 74.125.224.146:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 20ms, Maximum = 21ms, Average = 20ms

Server: SMCWBR14S-N4.ralinktech.com
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
72.30.2.43
98.137.149.56



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=57ms TTL=50

Reply from 209.191.122.70: bytes=32 time=59ms TTL=50



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 57ms, Maximum = 59ms, Average = 58ms

Server: SMCWBR14S-N4.ralinktech.com
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 1a 73 80 80 e6 ...... Broadcom 802.11b/g WLAN
8 ...00 1b 24 78 05 56 ...... NVIDIA nForce 10/100 Mbps Ethernet
1 ........................... Software Loopback Interface 1
11 ...00 00 00 00 00 00 00 e0 isatap.{D79F6F39-2A60-4D6C-8CE3-2C1A91BEA4EF}
20 ...00 00 00 00 00 00 00 e0 isatap.{D79F6F39-2A60-4D6C-8CE3-2C1A91BEA4EF}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
19 ...00 00 00 00 00 00 00 e0 isatap.{33E3719A-76B1-48B1-9F31-BD3CBF2DBDDA}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.103 281
192.168.2.103 255.255.255.255 On-link 192.168.2.103 281
192.168.2.255 255.255.255.255 On-link 192.168.2.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:5ef5:79fb:1c4c:1dee:3f57:fd98/128
On-link
9 281 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::1c4c:1dee:3f57:fd98/128
On-link
9 281 fe80::986a:1982:dcb0:ddee/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
9 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/23/2012 11:03:43 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/23/2012 10:53:05 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bc4a3c08-ae13-4ce2-8e9b-21fcb8cbef4c}

Error: (01/23/2012 10:17:28 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/23/2012 10:09:27 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/23/2012 09:53:51 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/23/2012 09:47:09 AM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Users\Nonie\Downloads\HitmanPro35.exe ; Descripton = ?????; Hr = 0x80070057).

Error: (01/23/2012 09:37:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/23/2012 09:37:32 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/23/2012 09:18:56 AM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005

Error: (01/22/2012 10:42:02 PM) (Source: Automatic LiveUpdate Scheduler) (User: SYSTEM)SYSTEM
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x80004005


System errors:
=============
Error: (01/22/2012 00:57:00 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.33 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/22/2012 08:20:33 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.103 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/21/2012 02:09:35 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.21.66.228 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/21/2012 00:59:26 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 10.252.4.76 on the Network Card with network address 001A738080E6.

Error: (01/21/2012 09:04:15 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.103 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 10.0.6.2 (The DHCP Server sent a DHCPNACK message).

Error: (01/19/2012 03:29:12 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:55:28 PM on 1/19/2012 was unexpected.

Error: (01/18/2012 08:00:21 PM) (Source: Dhcp) (User: )
Description: The IP address lease 10.0.0.33 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/18/2012 06:21:41 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.103 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/18/2012 06:21:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:50:45 PM on 1/18/2012 was unexpected.

Error: (01/14/2012 10:07:18 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.103 for the Network Card with network address 001A738080E6 has been denied by the DHCP server 10.0.6.2 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

3DVIA player 5.0 (Version: 5.0.0.12)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Ad-Aware (Version: 9.5.0)
Adobe Acrobat 6.0 Standard (Version: 006.000.000)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 10 Plugin (Version: 10.3.181.26)
Adobe Illustrator 10.0.3 (Version: 10.0.3)
Adobe Photoshop 7.0.1 (Version: 7.0.1)
Adobe Reader 8.3.0 (Version: 8.3.0)
Adobe SVG Viewer 3.0 (Version: 3.0)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
Avira Free Antivirus (Version: 12.0.0.872)
Big Fish Games: Game Manager (Version: 1.5.1.0)
Bullzip PDF Printer 7.1.0.1218 (Version: 7.1.0.1218)
Canon iP2600 series
CCleaner (Version: 3.10)
Chuzzle Deluxe (Version: 1.0.1.0)
Conexant HD Audio
Core FTP LE 2.1
ESU for Microsoft Vista (Version: 2.0.2.1)
Geomate.Jr Software Kit (Version: 1.0.10)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
HDAUDIO Soft Data Fax Modem with SmartCP
Hitman Pro 3.5 (Version: 3.5.9.131)
Hoyle Puzzle Games 2007 (Version: 1.0.0.0)
HP Active Support Library (Version: 3.1.9.1)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Customer Experience Enhancements (Version: 5.1.0.2278)
HP DVD Play 3.6
HP Easy Setup - Frontend (Version: 5.1.0.2279)
HP Help and Support (Version: 1.1.0)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Quick Launch Buttons (Version: 6.50.14.1)
HP Total Care Advisor (Version: 1.1.19)
HP Update (Version: 5.003.001.001)
HP User Guides 0041 (Version: 1.03.0002)
HP Wireless Assistant (Version: 3.00 H3)
HPAsset component for HP Active Support Library (Version: 3.0.0.6)
HPNetworkAssistant (Version: 1.1.70)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
LeapFrog Connect (Version: 2.9.1.11093)
LightScribe 1.4.136.1 (Version: 1.4.136.1)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 12.00.1280)
Logitech Webcam Software Driver Package (Version: 12.0.1278)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft AutoRoute 2007 (Version: 14.0.09.1100)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Streets & Trips 2007 with GPS Locator (Version: 14.0.09.1100)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSCU for Microsoft Vista (Version: 1.0.1.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My HP Games (Version: HPLAP0503)
Nokia Connectivity Cable Driver (Version: 6.86.11.0)
Nokia Flashing Cable Driver (Version: 8.6.0.2)
Nokia Map Loader (Version: 1.3.0)
Nokia NSeries Application Installer (Version: 6.84.2112)
Nokia NSeries Application Installer 6.84.2112
Nokia NSeries Content Copier (Version: 6.84.2112)
Nokia NSeries Content Copier 6.84.2112
Nokia Photos (Version: 1.1.106)
NVIDIA Drivers (Version: 1.4)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OverDrive Media Console (Version: 3.2.5)
PC Connectivity Solution (Version: 7.37.25.0)
Peggle Deluxe
Peggle Nights
PSSWCORE (Version: 2.00.5000)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.66.71.0)
QuickTime 3.0
Reader Rabbit Kindergarten
RealSpeak Solo for UK English Emily (Version: 4.00.0000)
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Sentinel Protection Installer 7.4.0 (Version: 7.4.0)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Snood 4
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 11.0.7.0)
Ultra Defragmenter (Version: 4.4.0)
Unity Web Player (Version: 2.6.1f3_31223)
Vongo (Version: 1.51.1)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 1981.87 MB
Available physical RAM: 1126.2 MB
Total Pagefile: 4207.03 MB
Available Pagefile: 3206.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.87 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:66.42 GB) (Free:12.94 GB) NTFS
2 Drive d: (PRESARIO_RP) (Fixed) (Total:8.11 GB) (Free:1.75 GB) NTFS

========================= Users: ========================================

User accounts for \\MCDONALD

Administrator Duncan Guest
Mark Nonie Sayer

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#6 aineoin

Posted 23 January 2012 - 02:58 PM

BTW, the redirect happens in both Google and Bing. When I try Yahoo I get an error page telling me that there is a 999 problem and advising that I run a search for spyware or malware. I'm about to check things out in IE as well.

#7 aineoin

Posted 23 January 2012 - 03:09 PM

Same results in IE for those three search engines.

#8 boopme

Posted 23 January 2012 - 04:39 PM

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).




Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
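
A read-only way to see what a HOSTS file contains before resetting it, as an added example that is not part of the original post. The sample file, its addresses (documentation range) and the function names are constructed for illustration, and treating only the loopback `localhost` lines as default is an assumption.

```python
import ipaddress

# Constructed sample: a hosts file with injected entries (documentation-range IPs).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.google.com google.com   # constructed entry
203.0.113.10    www.bing.com
0.0.0.0         ads.example.test
not-an-ip       search.yahoo.com
"""

WATCHED = ("google.", "bing.", "yahoo.")  # the search engines named in this thread

def parse_hosts(text):
    """Yield (line_no, ip_or_None, [hostnames]) for each entry; comments are skipped."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        names = [h.lower() for h in fields[1:]]
        try:
            yield no, ipaddress.ip_address(fields[0]), names
        except ValueError:
            yield no, None, names  # malformed address: report it, do not trust it

def review(text):
    """Return (redirects, other). A redirect maps a watched engine to a routable IP."""
    redirects, other = [], []
    for no, ip, names in parse_hosts(text):
        if ip is not None and ip.is_loopback and names == ["localhost"]:
            continue  # assumed default entry
        hit = [n for n in names if any(w in n for w in WATCHED)]
        if ip is not None and hit and not ip.is_loopback and not ip.is_unspecified:
            redirects.append((no, str(ip), hit))
        else:
            other.append((no, str(ip) if ip else None, names))
    return redirects, other

if __name__ == "__main__":
    redirects, other = review(SAMPLE_HOSTS)
    for no, ip, names in redirects:
        print(f"line {no}: {', '.join(names)} -> {ip}  (search engine remapped)")
    for no, ip, names in other:
        print(f"line {no}: non-default entry {ip} {names}")
```

On a live system, pass the text of `%SystemRoot%\System32\drivers\etc\hosts` to `review()` instead of the sample.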

#9 aineoin

Posted 23 January 2012 - 06:19 PM

Your HOSTS file may be infected.
Reset the HOSTS file


Did this.

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


GooredFix by jpshortstuff (03.07.10.1)
Log created at 13:53 on 23/01/2012 (Nonie)
Firefox version 9.0.1 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [15:10 12/01/2012]
{AB2CE124-6272-4b12-94A9-7303C7397BD1} [04:18 20/02/2010]

C:\Users\Nonie\Application Data\Mozilla\Firefox\Profiles\xiu03mlm.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [04:13 12/05/2010]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [01:39 16/08/2009]
"navitfound@apisphere.com"="C:\Program Files\Apisphere\Geomate.Jr Software Kit\XPCOM\NavitFound\" [20:29 10/03/2011]
"navitloader@apisphere.com"="C:\Program Files\Apisphere\Geomate.Jr Software Kit\XPCOM\NavitLoader\" [20:30 10/03/2011]

-=E.O.F=-

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-23 14:39:57
-----------------------------
14:39:57.984 OS Version: Windows 6.0.6002 Service Pack 2
14:39:57.984 Number of processors: 2 586 0x6801
14:39:57.984 ComputerName: MCDONALD UserName: Nonie
14:40:04.848 Initialize success
14:40:35.892 AVAST engine defs: 12012301
14:41:02.194 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
14:41:02.194 Disk 0 Vendor: Hitachi_ SB2O Size: 76319MB BusType: 6
14:41:02.209 Disk 0 MBR read successfully
14:41:02.225 Disk 0 MBR scan
14:41:02.318 Disk 0 unknown MBR code
14:41:02.318 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 68009 MB offset 63
14:41:02.474 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8307 MB offset 139283550
14:41:02.537 Disk 0 scanning sectors +156296385
14:41:02.630 Disk 0 scanning C:\Windows\system32\drivers
14:41:41.459 Service scanning
14:41:44.048 Modules scanning
14:41:56.856 Disk 0 trace - called modules:
14:41:56.887 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys dxgkrnl.sys nvlddmkm.sys
14:41:57.418 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85637918]
14:41:57.433 3 CLASSPNP.SYS[87da78b3] -> nt!IofCallDriver -> [0x84fed020]
14:41:57.449 5 acpi.sys[8060c6bc] -> nt!IofCallDriver -> \Device\00000066[0x84b92468]
14:41:58.556 AVAST engine scan C:\Windows
14:42:04.188 AVAST engine scan C:\Windows\system32
14:49:13.890 File: C:\Windows\system32\dplaysvr.exe **HIDDEN**
14:49:14.124 File: C:\Windows\system32\dplayx.dll **HIDDEN**
14:49:16.792 AVAST engine scan C:\Windows\system32\drivers
14:49:48.272 AVAST engine scan C:\Users\Nonie
14:56:57.319 File: C:\Users\Nonie\AppData\Local\dplaysvr.exe **INFECTED** Win32:Downloader-MLR [Trj]
14:56:57.335 File: C:\Users\Nonie\AppData\Local\dplaysvr.exe **HIDDEN**
14:56:57.522 File: C:\Users\Nonie\AppData\Local\dplayx.dll **INFECTED** Win32:Downloader-MLR [Trj]
14:56:57.553 File: C:\Users\Nonie\AppData\Local\dplayx.dll **HIDDEN**
14:57:00.065 AVAST engine scan C:\ProgramData
15:01:19.493 Scan finished successfully
15:01:30.444 Disk 0 MBR has been saved successfully to "C:\Users\Nonie\Desktop\MBR.dat"
15:01:30.460 The log file has been saved successfully to "C:\Users\Nonie\Desktop\aswMBR.txt"
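
A triage pass over the `File:` lines of the aswMBR log above, as an added example that is not part of the original post. It groups findings by path, lists files reported as both hidden and infected, and lists file names that turn up in more than one directory; the function names are constructed for illustration.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname  # Windows path rules on any OS

# "File:" findings copied from the aswMBR log in the post above, plus one non-finding line.
SAMPLE_LOG = r"""
14:49:13.890 File: C:\Windows\system32\dplaysvr.exe **HIDDEN**
14:49:14.124 File: C:\Windows\system32\dplayx.dll **HIDDEN**
14:56:57.319 File: C:\Users\Nonie\AppData\Local\dplaysvr.exe **INFECTED** Win32:Downloader-MLR [Trj]
14:56:57.335 File: C:\Users\Nonie\AppData\Local\dplaysvr.exe **HIDDEN**
14:56:57.522 File: C:\Users\Nonie\AppData\Local\dplayx.dll **INFECTED** Win32:Downloader-MLR [Trj]
14:56:57.553 File: C:\Users\Nonie\AppData\Local\dplayx.dll **HIDDEN**
15:01:19.493 Scan finished successfully
"""

# timestamp, "File:", path, **STATUS**, optional detection name
FINDING = re.compile(
    r"^\d\d:\d\d:\d\d\.\d{3}\s+File:\s+(?P<path>.+?)\s+\*\*(?P<status>[A-Z]+)\*\*\s*(?P<name>.*)$"
)

def parse_findings(log_text):
    """Return {path: {"statuses": set, "detections": set}} built from 'File:' lines."""
    findings = defaultdict(lambda: {"statuses": set(), "detections": set()})
    for line in log_text.splitlines():
        m = FINDING.match(line.strip())
        if not m:
            continue  # progress and status lines carry no file finding
        entry = findings[m.group("path")]
        entry["statuses"].add(m.group("status"))
        if m.group("name"):
            entry["detections"].add(m.group("name"))
    return dict(findings)

def triage(findings):
    """Return (paths flagged hidden AND infected, {file name: directories it appears in})."""
    flagged = sorted(p for p, f in findings.items()
                     if {"HIDDEN", "INFECTED"} <= f["statuses"])
    dirs_by_name = defaultdict(set)
    for path in findings:
        dirs_by_name[basename(path).lower()].add(dirname(path).lower())
    dupes = {n: sorted(d) for n, d in dirs_by_name.items() if len(d) > 1}
    return flagged, dupes

if __name__ == "__main__":
    flagged, dupes = triage(parse_findings(SAMPLE_LOG))
    for path in flagged:
        print("hidden + infected:", path)
    for name, dirs in dupes.items():
        print(f"{name} reported in {len(dirs)} directories:", ", ".join(dirs))
```

On this log both flagged files sit under `AppData\Local`, and each shares its name with a file reported as hidden in `system32`.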

#10 boopme

Posted 23 January 2012 - 06:45 PM

OK, you have a few rootkits and need to have them removed.
Please go here....
Preparation Guide.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
Skip the GMER step, post the aswMBR you posted earlier.
Let me know if that went well.

#11 aineoin

Posted 24 January 2012 - 01:10 AM

I'm working my way through the preparation guide and am currently ready to run the DDS program. The guide has been extremely clear about how to do each of the steps involved, except when it says to disable any script-blocking programs. I don't know how to do this, and the guide gives no instructions. Are there any instructions anywhere so that I can ensure that running the DDS program does what it's supposed to and encounters no interference from script-blocking programs?

#12 boopme

Posted 24 January 2012 - 08:04 PM

Basically, turn off your Antivirus while you run DDS and Gmer. Then put it back on.