System check virus/Google re-direct


  • This topic is locked
14 replies to this topic

#1 nick10v

nick10v

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:39 PM

Posted 19 February 2012 - 12:51 PM

Hey there,

Just read a similar post and looks like people are experiencing the same problem/virus.

Was on the internet last night browsing, all of a sudden fake alert windows appeared followed by a fake system check box - http://trojan-killer.net/wp-content/uploads/SystemCheck.jpg

After following the instructions I read on this site: http://www.myantispyware.com/2012/01/02/how-to-remove-system-check-virus/

I managed to install Malwarebytes and remove some infected files. I downloaded TDSSKiller but was unable to open it from my desktop, even though I changed the name.

Ran combofix but unsure if it succeeded.

Basically, the system check windows have all gone, but my internet is messed up with re-directs, spam pages, etc. Firefox also keeps closing and my OS: Windows Vista often crashes with a blue page and computer restart.

How do I fix this?

Thanks in advance.


#2 nick10v

Posted 19 February 2012 - 01:25 PM

Will post logs up in 10min

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:39 PM

Posted 20 February 2012 - 01:05 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following
  • logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#4 nick10v

Posted 23 February 2012 - 10:21 AM

Will post logs in 5minutes. Thanks

#5 nick10v

Posted 23 February 2012 - 10:29 AM

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Nick at 15:18:29 on 2012-02-23
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.1977.821 [GMT 0:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerEvent.exe
C:\Users\Nick\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG9\avgcfgex.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=0709&m=e525
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=0709&m=e525
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=0709&m=e525
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [AdobeBridge]
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Media Finder] c:\program files\media finder\MF.exe /opentotray
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [Acer ePower Management] c:\program files\emachines\emachines power management\ePowerTray.exe
mRun: [WarReg_PopUp] c:\program files\emachines\wr_popup\WarReg_PopUp.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
StartupFolder: c:\users\nick\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Media Finder - c:\program files\media finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C3AC2C08-618A-4156-896E-6A99AF6A9586} : DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{FC3164EB-7DC9-4C7A-A6AD-6A7A7620A448} : DhcpNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nick\appdata\roaming\mozilla\firefox\profiles\sebn9b53.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.accept-encoding -
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-2-22 64512]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-2-16 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-2-16 29712]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-2-16 243152]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-18 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-18 308136]
R2 ePowerSvc;Acer ePower Service;c:\program files\emachines\emachines power management\ePowerSvc.exe [2009-7-12 723488]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2009-12-8 3616768]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C60x86.sys [2009-3-11 49664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-8 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-8-18 2151640]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-8 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-8-18 15232]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-12-5 86824]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\drivers\gtkdrv.sys [2012-1-4 16128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-02-22 15:58:04 129536 ----a-w- c:\programdata\microsoft\windows\drm\68C1.tmp
2012-02-22 15:57:59 -------- d-----w- c:\users\nick\appdata\local\xenqpsqm
2012-02-22 01:33:26 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-02-22 01:33:12 -------- d-----w- c:\program files\Lavasoft
2012-02-21 15:24:17 128000 ----a-w- c:\programdata\microsoft\windows\drm\560C.tmp
2012-02-21 15:24:15 128000 ----a-w- c:\programdata\microsoft\windows\drm\4FC5.tmp
2012-02-21 15:24:13 128000 ----a-w- c:\programdata\microsoft\windows\drm\44BE.tmp
2012-02-19 20:00:07 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-19 20:00:07 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-19 19:38:15 -------- d-----w- c:\users\nick\appdata\roaming\Simply Super Software
2012-02-19 19:38:15 -------- d-----w- c:\programdata\Simply Super Software
2012-02-19 17:35:20 -------- dc----w- C:\079a61b04dda315617ebda4ae64b5a02
2012-02-18 21:56:11 98816 ----a-w- c:\windows\sed.exe
2012-02-18 21:56:11 518144 ----a-w- c:\windows\SWREG.exe
2012-02-18 21:56:11 256000 ----a-w- c:\windows\PEV.exe
2012-02-18 21:56:11 208896 ----a-w- c:\windows\MBR.exe
2012-02-18 21:54:28 -------- dcs---w- C:\ComboFix
2012-02-18 21:50:42 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-02-18 21:50:42 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-02-18 21:50:42 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-02-18 21:50:42 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-02-18 21:50:42 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2012-02-18 21:50:40 -------- d-----w- c:\program files\Trojan Remover
2012-02-18 20:21:22 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2012-02-18 19:48:42 -------- d-----w- c:\users\nick\appdata\roaming\Malwarebytes
2012-02-18 19:48:31 -------- d-----w- c:\programdata\Malwarebytes
2012-02-18 19:48:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-18 19:13:42 712976 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-02-17 03:01:09 -------- dc----w- C:\b92218e5462abac91756
2012-02-16 03:17:22 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 03:17:20 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 03:15:42 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-02-14 18:25:36 -------- d-----w- c:\program files\FLV to MP4 Converter
2012-02-12 23:22:30 -------- d-----w- c:\program files\PSPad editor
2012-02-10 20:03:47 -------- d-----w- c:\users\nick\appdata\roaming\Media Finder
2012-02-03 17:30:24 -------- d-----w- c:\users\nick\appdata\local\Microsoft Help
.
==================== Find3M ====================
.
2012-01-16 03:19:37 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-04 14:28:36 16128 ----a-w- c:\windows\system32\drivers\gtkdrv.sys
2011-11-25 15:59:48 376320 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 15:27:12.63 ===============

#6 nick10v

Posted 23 February 2012 - 10:31 AM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 12/07/2009 01:47:02
System Uptime: 23/02/2012 15:13:32 (0 hours ago)
.
Motherboard: eMachines | | eMachines E525
Processor: Intel® Celeron® CPU 900 @ 2.20GHz | uPGA-478 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 15.336 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.3.3
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVG Free 9.0
Bonjour
Compatibility Pack for the 2007 Office system
Connect
Defraggler
DivX Setup
eMachines Power Management
eMachines Recovery Management
eMachines ScreenSaver
FileZilla Client 3.5.3
FLV to MP4 Converter 2009.2.20
Football Manager 2011
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java™ 6 Update 22
Java™ 6 Update 27
Junk Mail filter update
K-Lite Codec Pack 6.9.0 (Basic)
kuler
Launch Manager
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MKV Player 1.0
Mozilla Firefox 10.0.2 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Audio 2 DJ Driver
Native Instruments Audio 4 DJ Driver
Native Instruments Audio 8 DJ Driver
Native Instruments Controller Editor
Native Instruments Service Center
Native Instruments Traktor
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
OGA Notifier 2.0.0048.0
OpenOffice.org 3.3
PDF Settings CS4
Photoshop Camera Raw
PSPad editor
QuickTime
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 4.2
Speccy
Spotify
Spybot - Search & Destroy
Suite Shared Configuration CS4
Synaptics Pointing Device Driver
Trojan Killer
Trojan Remover 6.8.2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
VLC media player 1.0.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
23/02/2012 15:27:04, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
23/02/2012 15:15:14, Error: Microsoft-Windows-WMPNSS-Service [14344] - A new media server was not initialized because WMCreateDeviceRegistration() encountered error '0xc00d2767'. The Windows Media DRM components on your computer might be corrupted. Verify that protected files play correctly in Windows Media Player, and then restart the WMPNetworkSvc service.
23/02/2012 13:54:40, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
23/02/2012 13:54:12, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
23/02/2012 13:53:38, Error: disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
.
==== End Of File ===========================

#7 gringo_pr

Posted 23 February 2012 - 11:40 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#8 gringo_pr

Posted 26 February 2012 - 12:54 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#9 nick10v


Posted 26 February 2012 - 10:43 AM

Gringo, I followed your steps and ran ComboFix. A black MS box opened, called user scan or something, and started declaring the stages. It took almost an hour to reach stage 45, but the computer just froze... I have just restarted.
At present, the only visible infections are internet, and more specifically Google re-directs.

Nick

#10 gringo_pr


Posted 26 February 2012 - 12:14 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#11 gringo_pr


Posted 29 February 2012 - 11:54 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#12 nick10v


Posted 29 February 2012 - 06:14 PM

Hello there Gringo, sorry for the late reply. I found one virus with TDSS Killer, removed it but cannot remember the name. My computer restarted so here is the log I found in C:

22:39:05.0469 0780 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
22:39:05.0680 0780 ============================================================
22:39:05.0680 0780 Current date / time: 2012/02/29 22:39:05.0680
22:39:05.0680 0780 SystemInfo:
22:39:05.0680 0780
22:39:05.0680 0780 OS Version: 6.0.6002 ServicePack: 2.0
22:39:05.0680 0780 Product type: Workstation
22:39:05.0680 0780 ComputerName: NICK-PC
22:39:05.0680 0780 UserName: Nick
22:39:05.0681 0780 Windows directory: C:\Windows
22:39:05.0681 0780 System windows directory: C:\Windows
22:39:05.0681 0780 Processor architecture: Intel x86
22:39:05.0681 0780 Number of processors: 1
22:39:05.0681 0780 Page size: 0x1000
22:39:05.0681 0780 Boot type: Normal boot
22:39:05.0681 0780 ============================================================
22:39:08.0026 0780 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:39:08.0074 0780 \Device\Harddisk0\DR0:
22:39:08.0075 0780 MBR used
22:39:08.0075 0780 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1402800, BlocksNum 0x38F83000
22:39:08.0226 0780 Initialize success
22:39:08.0226 0780 ============================================================
22:39:16.0642 7976 ============================================================
22:39:16.0642 7976 Scan started
22:39:16.0642 7976 Mode: Manual;
22:39:16.0642 7976 ============================================================
22:39:38.0851 7976 USBSTOR - ok
22:39:38.0930 7976 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:39:38.0933 7976 usbuhci - ok
22:39:39.0036 7976 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:39:39.0042 7976 usbvideo - ok
22:39:39.0143 7976 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:39:39.0148 7976 vga - ok
22:39:39.0196 7976 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:39:39.0200 7976 VgaSave - ok
22:39:39.0227 7976 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:39:39.0232 7976 viaagp - ok
22:39:39.0281 7976 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:39:39.0292 7976 ViaC7 - ok
22:39:39.0325 7976 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:39:39.0328 7976 viaide - ok
22:39:39.0359 7976 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:39:39.0363 7976 volmgr - ok
22:39:39.0417 7976 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:39:39.0437 7976 volmgrx - ok
22:39:39.0487 7976 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:39:39.0496 7976 volsnap - ok
22:39:39.0541 7976 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:39:39.0546 7976 vsmraid - ok
22:39:39.0589 7976 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:39:39.0592 7976 WacomPen - ok
22:39:39.0642 7976 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:39.0646 7976 Wanarp - ok
22:39:39.0656 7976 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:39.0657 7976 Wanarpv6 - ok
22:39:39.0696 7976 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:39:39.0699 7976 Wd - ok
22:39:39.0743 7976 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:39:39.0769 7976 Wdf01000 - ok
22:39:39.0904 7976 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:39:39.0907 7976 WmiAcpi - ok
22:39:40.0031 7976 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:39:40.0034 7976 WpdUsb - ok
22:39:40.0115 7976 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:39:40.0118 7976 ws2ifsl - ok
22:39:40.0205 7976 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:39:40.0210 7976 WUDFRd - ok
22:39:40.0336 7976 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:39:40.0373 7976 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
22:39:40.0373 7976 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
22:39:40.0413 7976 Boot (0x1200) (6616bf2a02bba7e09feb64f7cdab7b6b) \Device\Harddisk0\DR0\Partition0
22:39:40.0417 7976 \Device\Harddisk0\DR0\Partition0 - ok
22:39:40.0421 7976 ============================================================
22:39:40.0421 7976 Scan finished
22:39:40.0421 7976 ============================================================
22:39:40.0437 5896 Detected object count: 1
22:39:40.0437 5896 Actual detected object count: 1
22:40:04.0174 5896 \Device\Harddisk0\DR0\# - copied to quarantine
22:40:04.0175 5896 \Device\Harddisk0\DR0 - copied to quarantine
22:40:04.0391 5896 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
22:40:04.0393 5896 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
22:40:04.0396 5896 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
22:40:04.0398 5896 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
22:40:04.0400 5896 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
22:40:04.0402 5896 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
22:40:04.0405 5896 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
22:40:04.0407 5896 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
22:40:04.0409 5896 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
22:40:04.0450 5896 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:40:04.0460 5896 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:40:04.0462 5896 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:40:04.0465 5896 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:40:04.0466 5896 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
22:40:04.0468 5896 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
22:40:04.0471 5896 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
22:40:04.0494 5896 \Device\Harddisk0\DR0\TDLFS\com32 - copied to quarantine
22:40:04.0499 5896 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
22:40:04.0503 5896 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
22:40:04.0505 5896 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
22:40:04.0517 5896 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
22:40:04.0556 5896 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
22:40:04.0570 5896 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
22:40:04.0573 5896 \Device\Harddisk0\DR0 - ok
22:40:06.0111 5896 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
22:41:10.0225 6716 Deinitialize success

Here is the aswMBR log, it found one infection called: C:\Users\Nick\AppData\Local\Babylon\Setup\BabylonTBUpdater.dll **INFECTED** Win32:Ramnit-AC [Drp]

LOG:

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-29 22:57:50
-----------------------------
22:57:50.251 OS Version: Windows 6.0.6002 Service Pack 2
22:57:50.251 Number of processors: 1 586 0x170A
22:57:50.252 ComputerName: NICK-PC UserName: Nick
22:58:16.256 Initialize success
23:02:11.309 AVAST engine defs: 12022901
23:04:18.763 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:04:18.765 Disk 0 Vendor: WDC_WD5000BEVT-22ZAT0 01.01A01 Size: 476940MB BusType: 3
23:04:18.791 Disk 0 MBR read successfully
23:04:18.794 Disk 0 MBR scan
23:04:18.848 Disk 0 Windows VISTA default MBR code
23:04:18.851 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10244 MB offset 63
23:04:18.901 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 466694 MB offset 20981760
23:04:18.911 Disk 0 scanning sectors +976771072
23:04:18.994 Disk 0 scanning C:\Windows\system32\drivers
23:04:35.105 Service scanning
23:04:59.314 Modules scanning
23:05:05.791 Disk 0 trace - called modules:
23:05:05.821 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
23:05:05.829 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x855af2f0]
23:05:05.835 3 CLASSPNP.SYS[87fab8b3] -> nt!IofCallDriver -> [0x84400c28]
23:05:05.840 5 acpi.sys[806956bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x843d78a0]
23:05:09.299 AVAST engine scan C:\Windows
23:05:17.155 AVAST engine scan C:\Windows\system32
23:09:40.195 AVAST engine scan C:\Windows\system32\drivers
23:09:57.194 AVAST engine scan C:\Users\Nick
23:09:59.536 File: C:\Users\Nick\AppData\Local\Babylon\Setup\BabylonTBUpdater.dll **INFECTED** Win32:Ramnit-AC [Drp]
23:12:35.447 Disk 0 MBR has been saved successfully to "C:\Users\Nick\Desktop\MBR.dat"
23:12:35.456 The log file has been saved successfully to "C:\Users\Nick\Desktop\aswMBR.txt"

#13 gringo_pr


Posted 01 March 2012 - 12:10 PM

Hello


Now I would like you to try Combofix again


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr


Posted 03 March 2012 - 11:36 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#15 gringo_pr


Posted 07 March 2012 - 11:34 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



