Can only connect to the Web with Internet Explorer 64 bit. Cannot connect with Firefox or Internet Explorer



#1 alshaheen002


Posted 25 February 2012 - 11:06 AM

Thanks for reading my post!

Using Windows Vista Home Premium Edition, Service Pack 2

For about three days now, I haven't been able to access the internet except through Internet Explorer 64-bit. When I try to connect with Firefox, whatever website I attempt to load comes up as "The connection was reset". When I try to connect with Internet Explorer (32-bit), I get the message: "Internet Explorer cannot display the webpage". Also, uTorrent cannot connect. I tried logging onto Firefox and IE from other computers in my house and had no problem. I also tried my computer on a different network and had the same problems.

I first noticed the problem when I upgraded to the latest edition of uTorrent. I checked for any updates with Windows, ran scans using AVG and Spyware Doctor, uninstalled uTorrent, tried uninstalling and re-installing Firefox, ran Firefox in safe mode, turned off Windows Firewall, and disabled AVG. I haven't had any luck yet. Where should I go from here?

Thanks,
AL

Edited by hamluis, 25 February 2012 - 12:26 PM.
Moved from Vista to Am I Infected.




#2 boopme


Posted 26 February 2012 - 11:32 PM

Hello, let's look at a few logs, as using uTorrent can bring in many things.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

>>>
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
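An added example (not part of the original posts, and not MiniToolBox's own code): a small Python parser for the "List Winsock Entries" part of Result.txt that lists non-Microsoft providers and reports which of them are registered in only the 32-bit or only the 64-bit protocol catalog (Catalog9), which is worth checking when only 32-bit or only 64-bit programs lose connectivity. The sample lines, `ExampleLsp.dll` and `Example Vendor` are constructed; the line layout is the one MiniToolBox prints.

```python
import re
from collections import namedtuple

# One parsed line of the "Winsock entries" section.
# bits: 32 or 64 (MiniToolBox prefixes 64-bit catalog lines with "x64-")
# catalog: 5 = namespace providers, 9 = protocol (transport/LSP) chain
Entry = namedtuple("Entry", "bits catalog index path size vendor")

LINE = re.compile(
    r"^(x64-)?Catalog(5|9)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$"
)

# Constructed sample in the layout MiniToolBox uses (not taken from a real machine).
SAMPLE = r"""
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\ExampleLsp.dll [331776] (Example Vendor)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\ExampleLsp.dll [331776] (Example Vendor)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
"""


def parse_winsock(text):
    """Return an Entry for every line that matches the Winsock listing layout."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # headers, blank lines, other report sections
        x64, cat, idx, path, size, vendor = m.groups()
        entries.append(
            Entry(64 if x64 else 32, int(cat), int(idx), path, int(size), vendor)
        )
    return entries


def third_party(entries):
    """Entries whose reported vendor is not Microsoft.

    The vendor string comes from file metadata, so this is a triage
    filter that tells you what to look at first, not a verdict.
    """
    return [e for e in entries if e.vendor != "Microsoft Corporation"]


def dll_name(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def lsp_asymmetry(entries):
    """Third-party Catalog9 DLLs present for one bitness but not the other."""
    seen = {32: set(), 64: set()}
    for e in third_party(entries):
        if e.catalog == 9:
            seen[e.bits].add(dll_name(e.path))
    return {
        "only_32bit": sorted(seen[32] - seen[64]),
        "only_64bit": sorted(seen[64] - seen[32]),
    }


if __name__ == "__main__":
    parsed = parse_winsock(SAMPLE)
    for e in third_party(parsed):
        print(f"{e.bits}-bit Catalog{e.catalog} #{e.index:02d}: {e.path} ({e.vendor})")
    print(lsp_asymmetry(parsed))
```
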

#3 alshaheen002


Posted 27 February 2012 - 09:10 PM

Thanks, Boopme, I appreciate the help! I rebooted and checked Firefox, no luck yet.

Here are the results of the three scans:


MiniToolBox

MiniToolBox by Farbar Version: 18-01-2012
Ran by Albert (administrator) on 27-02-2012 at 14:02:48
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Albert-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
Physical Address. . . . . . . . . : 00-25-56-40-69-1C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2dd4:8935:ca28:fc25%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, February 27, 2012 13:51:40
Lease Expires . . . . . . . . . . : Tuesday, February 28, 2012 13:51:40
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 268445014
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-CD-14-B2-00-23-8B-D3-6A-F5
DNS Servers . . . . . . . . . . . : fe80::2ce4:ca84:308f:49cd%11
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
mshome.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ct.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-23-8B-D3-6A-F5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : isatap.{B371D844-BA53-42CE-ADB2-55A3DF7E6908}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c88:2597:3f57:fff7(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c88:2597:3f57:fff7%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.hsd1.ct.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: fe80::2ce4:ca84:308f:49cd

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging google.com [74.125.226.163] with 32 bytes of data:
Reply from 74.125.226.163: bytes=32 time=311ms TTL=56
Reply from 74.125.226.163: bytes=32 time=399ms TTL=56
Ping statistics for 74.125.226.163: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 311ms, Maximum = 399ms, Average = 355ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: fe80::2ce4:ca84:308f:49cd

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=60ms TTL=50
Reply from 209.191.122.70: bytes=32 time=59ms TTL=50
Ping statistics for 209.191.122.70: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 59ms, Maximum = 60ms, Average = 59ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: fe80::2ce4:ca84:308f:49cd

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11 ...00 25 56 40 69 1c ...... Broadcom 802.11b/g WLAN
10 ...00 23 8b d3 6a f5 ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
16 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
17 ...00 00 00 00 00 00 00 e0 isatap.{B371D844-BA53-42CE-ADB2-55A3DF7E6908}
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 isatap.hsd1.ct.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.8 281
192.168.0.8 255.255.255.255 On-link 192.168.0.8 281
192.168.0.255 255.255.255.255 On-link 192.168.0.8 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.8 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.8 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:1c88:2597:3f57:fff7/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::1c88:2597:3f57:fff7/128
On-link
11 281 fe80::2dd4:8935:ca28:fc25/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\EasyRedirect.dll [331776] (EasyTech)
Catalog9 02 C:\Windows\SysWOW64\EasyRedirect.dll [331776] (EasyTech)
Catalog9 03 C:\Windows\SysWOW64\EasyRedirect.dll [331776] (EasyTech)
Catalog9 04 C:\Windows\SysWOW64\EasyRedirect.dll [331776] (EasyTech)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\EasyRedirect.dll [331776] (EasyTech)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/27/2012 09:13:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2012 01:36:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2012 01:25:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2012 10:35:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2012 10:19:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2012 10:00:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/24/2012 08:33:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/23/2012 05:23:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2012 04:41:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2012 00:18:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/27/2012 01:51:39 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.86 for the Network Card with network address 00255640691C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (02/27/2012 01:51:21 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (02/27/2012 09:14:40 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (02/27/2012 09:13:48 AM) (Source: DCOM) (User: LOCAL SERVICE)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (02/27/2012 09:13:38 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/26/2012 10:50:53 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.85 for the Network Card with network address 00255640691C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (02/26/2012 07:40:04 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.84 for the Network Card with network address 00255640691C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (02/26/2012 06:10:34 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.81 for the Network Card with network address 00255640691C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (02/25/2012 01:50:09 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.8 for the Network Card with network address 00255640691C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (02/25/2012 01:49:58 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman


Microsoft Office Sessions:
=========================
Error: (11/07/2011 11:06:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/04/2011 05:21:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/03/2011 04:55:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/03/2011 04:52:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/03/2011 04:36:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/03/2011 04:36:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/19/2011 11:37:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/14/2011 07:47:20 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/04/2011 06:09:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/13/2011 04:13:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Apple Mobile Device Support (Version: 3.4.1.2)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 2.0.5.0)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.30.20.0)
Canon MG5200 series MP Drivers
CCleaner (Version: 3.16)
DigitalPersona Personal 4.11 (Version: 4.11.3805)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP MediaSmart SmartMenu (Version: 2.1.7)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 10.0 (Version: 10.0)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.3.1.55)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
Shop for HP Supplies (Version: 10.0)
Sony Ericsson MD300 Wireless Modem (Version: 4.40.5.6)
Synaptics Pointing Device Driver (Version: 15.0.17.4)
Validity Sensors software (Version: 2.8.109)
WD SmartWare (Version: 1.4.1.1)
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (Version: 09/04/2008 2.6.0.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 3998.25 MB
Available physical RAM: 1746.89 MB
Total Pagefile: 8205.64 MB
Available Pagefile: 5540.76 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.51 GB) (Free:123.28 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.58 GB) (Free:1.99 GB) NTFS

========================= Users: ========================================

User accounts for \\ALBERT-PC

Administrator Albert Guest


**** End of log ****





TDSSKiller

14:30:58.0136 3564 TDSS rootkit removing tool 2.7.15.0 Feb 27 2012 12:59:02
14:30:58.0589 3564 ============================================================
14:30:58.0589 3564 Current date / time: 2012/02/27 14:30:58.0589
14:30:58.0589 3564 SystemInfo:
14:30:58.0589 3564
14:30:58.0589 3564 OS Version: 6.0.6002 ServicePack: 2.0
14:30:58.0589 3564 Product type: Workstation
14:30:58.0589 3564 ComputerName: ALBERT-PC
14:30:58.0589 3564 UserName: Albert
14:30:58.0589 3564 Windows directory: C:\Windows
14:30:58.0589 3564 System windows directory: C:\Windows
14:30:58.0589 3564 Running under WOW64
14:30:58.0589 3564 Processor architecture: Intel x64
14:30:58.0589 3564 Number of processors: 2
14:30:58.0589 3564 Page size: 0x1000
14:30:58.0589 3564 Boot type: Normal boot
14:30:58.0590 3564 ============================================================
14:31:00.0393 3564 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:31:00.0399 3564 \Device\Harddisk0\DR0:
14:31:00.0399 3564 MBR used
14:31:00.0399 3564 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23B05800
14:31:00.0399 3564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23B06000, BlocksNum 0x1927000
14:31:00.0464 3564 Initialize success
14:31:00.0464 3564 ============================================================
14:31:03.0597 6048 ============================================================
14:31:03.0598 6048 Scan started
14:31:03.0598 6048 Mode: Manual;
14:31:03.0598 6048 ============================================================
14:31:05.0581 6048 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
14:31:05.0583 6048 Accelerometer - ok
14:31:29.0798 6048 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
14:31:29.0799 6048 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
14:31:29.0802 6048 sptd ( LockedFile.Multi.Generic ) - warning
14:31:29.0802 6048 sptd - detected LockedFile.Multi.Generic (1)
14:31:40.0232 6048 ============================================================
14:31:40.0232 6048 Scan finished
14:31:40.0232 6048 ============================================================
14:31:40.0250 1520 Detected object count: 1
14:31:40.0250 1520 Actual detected object count: 1
14:36:01.0810 1520 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:36:01.0810 1520 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:37:31.0752 0324 Deinitialize success




ESET Scan File


C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts

Posted 27 February 2012 - 11:59 PM

Have you tried reinstalling Firefox?

OR
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#5 alshaheen002


Posted 28 February 2012 - 01:31 PM

Yes, I tried reinstalling Firefox, but it had no effect.


Here is the log from Farbar Service Scan:



Farbar Service Scanner Version: 22-02-2012
Ran by Albert (administrator) on 28-02-2012 at 13:29:02
Running from "C:\Users\Albert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1FFKE45"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll
[2008-01-20 21:49] - [2008-01-20 21:49] - 0024576 ____A (Microsoft Corporation) ACB62BAA1C319B17752553DF3026EEEB

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 21:09] - [2009-04-11 02:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-14 22:01] - [2012-01-03 09:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll
[2011-04-19 06:20] - [2011-03-02 11:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 21:10] - [2009-04-11 02:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 21:08] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2008-01-20 21:47] - [2008-01-20 21:47] - 0128000 ____A (Microsoft Corporation) 4FF71B076A7760FE75EA5AE2D0EE0018

C:\Windows\System32\vssvc.exe
[2009-12-03 21:10] - [2009-04-11 02:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 21:08] - [2009-04-11 02:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 21:09] - [2009-04-11 02:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2009-10-20 04:38] - [2009-08-06 21:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2009-12-03 21:10] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 21:10] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2009-12-03 21:09] - [2009-04-11 02:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7

C:\Program Files\Windows Defender\MpSvc.dll
[2008-01-20 21:47] - [2008-01-20 21:47] - 0383544 ____A (Microsoft Corporation) 7D2A43E8FDF725A1133F6C6056A72CDC

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 21:10] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

#6 boopme


Posted 28 February 2012 - 08:42 PM

Hello, I cannot see the issue here.


We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run, skip it and move on.

Let me know if that went well.

#7 alshaheen002


Posted 03 March 2012 - 05:51 PM

Okay, no problems with those steps. I skipped step eight though because I am running a 64bit OS. I posted a new topic where you told me to.

Thanks for all the help!!

AL

#8 boopme


Posted 03 March 2012 - 09:31 PM

Thank You!!

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

To avoid confusion, I am closing this topic.