Google redirect slowness and svchost overload


7 replies to this topic

#1 djcoleman

  • Members
  • 25 posts

Posted 09 March 2012 - 01:55 AM

I have been getting numerous redirects in Google. I also have svchost.exe taking up all the resources and restarting after ending process. Computer runs very slow. I ran TDSSKiller and it has helped the svchost.exe problem. AVG constantly gives cookie tracking warnings. They constantly repopulate in the cookie folder. They are the same cookies with different names constantly regenerating. NTFS dirty file messages appear on reboot. I have scanned with Malwarebytes, AVG and Ad-Aware. None of these solve the problem. I have to do tax reports through internet this weekend on this machine...

Dell running XP and I use the Firefox browser.

Edited by djcoleman, 09 March 2012 - 02:05 AM.




#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 09 March 2012 - 07:20 AM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Restart the PC.

Please download GMER from here (does not work on a 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

Edited by narenxp, 09 March 2012 - 07:20 AM.


#3 djcoleman

  • Topic Starter
  • Members
  • 25 posts

Posted 09 March 2012 - 11:01 PM

17:33:30.0875 3668 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
17:33:31.0187 3668 ============================================================
17:33:31.0187 3668 Current date / time: 2012/03/09 17:33:31.0187
17:33:31.0187 3668 SystemInfo:
17:33:31.0187 3668
17:33:31.0187 3668 OS Version: 5.1.2600 ServicePack: 3.0
17:33:31.0187 3668 Product type: Workstation
17:33:31.0187 3668 ComputerName: D7PLPP81
17:33:31.0187 3668 UserName: David
17:33:31.0187 3668 Windows directory: C:\WINDOWS
17:33:31.0187 3668 System windows directory: C:\WINDOWS
17:33:31.0187 3668 Processor architecture: Intel x86
17:33:31.0187 3668 Number of processors: 2
17:33:31.0187 3668 Page size: 0x1000
17:33:31.0187 3668 Boot type: Normal boot
17:33:31.0187 3668 ============================================================
17:33:31.0781 3668 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:33:31.0828 3668 \Device\Harddisk0\DR0:
17:33:31.0828 3668 MBR used
17:33:31.0828 3668 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x1209CE16
17:33:31.0875 3668 Initialize success
17:33:31.0875 3668 ============================================================
17:33:33.0484 2776 ============================================================
17:33:33.0484 2776 Scan started
17:33:33.0484 2776 Mode: Manual;
17:33:33.0484 2776 ============================================================
17:33:56.0406 2776 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:33:56.0406 2776 usbhub - ok
17:33:56.0453 2776 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:33:56.0453 2776 usbprint - ok
17:33:56.0468 2776 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:33:56.0468 2776 usbscan - ok
17:33:56.0500 2776 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:33:56.0500 2776 USBSTOR - ok
17:33:56.0515 2776 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:33:56.0515 2776 usbuhci - ok
17:33:56.0562 2776 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:33:56.0578 2776 VgaSave - ok
17:33:56.0609 2776 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:33:56.0609 2776 viaagp - ok
17:33:56.0625 2776 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:33:56.0625 2776 ViaIde - ok
17:33:56.0656 2776 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
17:33:56.0656 2776 VolSnap - ok
17:33:56.0718 2776 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:33:56.0718 2776 Wanarp - ok
17:33:56.0734 2776 wanatw - ok
17:33:56.0750 2776 WDICA - ok
17:33:56.0781 2776 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:33:56.0796 2776 wdmaud - ok
17:33:56.0859 2776 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
17:33:56.0859 2776 WpdUsb - ok
17:33:56.0890 2776 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:33:56.0890 2776 WS2IFSL - ok
17:33:56.0921 2776 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:33:56.0921 2776 WSTCODEC - ok
17:33:56.0968 2776 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
17:33:56.0984 2776 \Device\Harddisk0\DR0 - ok
17:33:57.0015 2776 Boot (0x1200) (e0c60f0ab2f147942ee37d01586506cd) \Device\Harddisk0\DR0\Partition0
17:33:57.0015 2776 \Device\Harddisk0\DR0\Partition0 - ok
17:33:57.0015 2776 ============================================================
17:33:57.0015 2776 Scan finished
17:33:57.0015 2776 ============================================================
17:33:57.0031 0664 Detected object count: 0
17:33:57.0031 0664 Actual detected object count: 0


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-09 21:06:17
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST316002 rev.8.12
Running: ggsjgsnd.exe; Driver: C:\DOCUME~1\David\LOCALS~1\Temp\uxdyapob.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF76A287E]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB872CF3C]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF76A2BFE]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB872CFE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB872D080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB872D11C]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----


aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-09 21:19:59
-----------------------------
21:19:59.953 OS Version: Windows 5.1.2600 Service Pack 3
21:19:59.953 Number of processors: 2 586 0x404
21:19:59.953 ComputerName: D7PLPP81 UserName: David
21:20:01.000 Initialize success
21:20:12.593 AVAST engine defs: 12030900
21:20:42.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:20:42.656 Disk 0 Vendor: ST316002 8.12 Size: 152587MB BusType: 3
21:20:42.671 Disk 0 MBR read successfully
21:20:42.671 Disk 0 MBR scan
21:20:42.718 Disk 0 unknown MBR code
21:20:42.718 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
21:20:42.734 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147769 MB offset 112455
21:20:42.750 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 302760990
21:20:42.750 Disk 0 scanning sectors +312496380
21:20:42.812 Disk 0 scanning C:\WINDOWS\system32\drivers
21:20:56.375 Service scanning
21:21:16.328 Modules scanning
21:21:30.062 Disk 0 trace - called modules:
21:21:30.078
21:21:30.578 AVAST engine scan C:\WINDOWS
21:21:35.843 AVAST engine scan C:\WINDOWS\system32
21:25:14.765 AVAST engine scan C:\WINDOWS\system32\drivers
21:25:41.953 AVAST engine scan C:\Documents and Settings\David
21:44:12.390 AVAST engine scan C:\Documents and Settings\All Users
21:50:41.609 Scan finished successfully
21:51:09.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\David\Desktop\MBR.dat"
21:51:09.843 The log file has been saved successfully to "C:\Documents and Settings\David\Desktop\aswMBR.txt"

#4 narenxp

Posted 11 March 2012 - 06:13 PM

Can you re-run aswMBR? Also:

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 djcoleman

Posted 12 March 2012 - 07:17 PM

I am still getting a redirect about every third or fourth google search.

The slowness has improved and the renegade svchost.exe does not appear.

When ESET ran, I did not see the list function. It did not find any errors. I ran it again and encountered a kernel error which forced a shutdown about 20 minutes into the scan. Below are the logs from MBAM and Mini Tool Box.


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.12

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
David :: D7PLPP81 [administrator]

3/11/2012 7:29:33 PM
mbam-log-2012-03-11 (19-29-33).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 411334
Time elapsed: 2 hour(s), 34 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version: 18-01-2012
Ran by David (administrator) on 12-03-2012 at 17:57:13
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/1000 PL Network Connection = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D7PLPP81

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : wi.rr.com



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : wi.rr.com

Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

Physical Address. . . . . . . . . : 00-12-3F-78-64-64

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Monday, March 12, 2012 5:50:21 PM

Lease Expires . . . . . . . . . . : Tuesday, March 13, 2012 5:50:21 PM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.225.134, 74.125.225.135, 74.125.225.136, 74.125.225.137
74.125.225.142, 74.125.225.128, 74.125.225.129, 74.125.225.130, 74.125.225.131
74.125.225.132, 74.125.225.133



Pinging google.com [74.125.225.142] with 32 bytes of data:



Reply from 74.125.225.142: bytes=32 time=9ms TTL=52

Reply from 74.125.225.142: bytes=32 time=10ms TTL=52



Ping statistics for 74.125.225.142:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 9ms, Maximum = 10ms, Average = 9ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 209.191.122.70, 98.139.127.62, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=32ms TTL=49

Reply from 209.191.122.70: bytes=32 time=31ms TTL=49



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 31ms, Maximum = 32ms, Average = 31ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 12 3f 78 64 64 ...... Intel® PRO/1000 PL Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.100 192.168.1.100 20
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 20
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 20
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 20
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17507672

Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17507672

Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2012 10:29:16 PM) (Source: JavaQuickStarterService) (User: )
Description: System exception 0xc0000006 at 0x7c92abcd

Error: (03/11/2012 07:41:39 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1649531

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1649531

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2012 11:50:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 39325547

Error: (03/11/2012 11:50:04 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 39325547


System errors:
=============
Error: (03/12/2012 05:52:36 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1066

Error: (03/12/2012 05:52:36 PM) (Source: Service Control Manager) (User: )
Description: The Workstation service terminated with service-specific error 2250 (0x8CA).

Error: (03/12/2012 05:52:36 PM) (Source: Workstation) (User: )
Description: Could not load RDR device driver.

Error: (03/12/2012 05:52:36 PM) (Source: Workstation) (User: )
Description: Could not load MRxSmb device driver.

Error: (03/12/2012 05:51:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1066

Error: (03/12/2012 05:51:09 PM) (Source: Service Control Manager) (User: )
Description: The Workstation service terminated with service-specific error 2250 (0x8CA).

Error: (03/12/2012 05:51:08 PM) (Source: Workstation) (User: )
Description: Could not load RDR device driver.

Error: (03/12/2012 05:51:08 PM) (Source: Workstation) (User: )
Description: Could not load MRxSmb device driver.

Error: (03/12/2012 05:50:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1066

Error: (03/12/2012 05:50:28 PM) (Source: Service Control Manager) (User: )
Description: The Workstation service terminated with service-specific error 2250 (0x8CA).


Microsoft Office Sessions:
=========================
Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17507672

Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17507672

Error: (03/12/2012 06:38:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2012 10:29:16 PM) (Source: JavaQuickStarterService)(User: )
Description: System exception 0xc0000006 at 0x7c92abcd

Error: (03/11/2012 07:41:39 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1649531

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1649531

Error: (03/11/2012 02:26:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2012 11:50:04 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 39325547

Error: (03/11/2012 11:50:04 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 39325547


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.1)
360Amigo System Speedup PRO (Version: 1.2.1.7700)
7500_7600_7700_Help (Version: 1.00.0000)
Ad-Aware (Version: 9.5.0)
Ad-Aware (Version: 9.6.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.62)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11.5 (Version: 11.5)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0)
AIM 7
AOL Uninstaller (Choose which Products to Remove)
AOLIcon (Version: 1.00.0000)
APH placeholder
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ATI Control Panel (Version: 6.14.10.5160)
ATI Display Driver (Version: 8.162-050803a2-025672C-Dell)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
Banctec Service Agreement (Version: 1.11.0000)
BlackBerry Desktop Software 4.2.2 (Version: 4.2.2.14)
BlackBerry Device Software Updater (Version: 4.7.0.58)
Blasterball 2 (Version: 08/05/2005 01:15 PM)
Bonjour (Version: 3.0.0.10)
BPD_HPSU (Version: 1.00.0000)
BPD_Scan (Version: 2.00.0000)
BPDfax (Version: 70.0.184.000)
BPDSoftware (Version: 70.0.283.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Business Contact Manager for Outlook 2003 (Version: 1.0.2002.1)
C4600 (Version: 130.0.425.000)
CCleaner (Version: 3.07)
Cisco Connect (Version: 1.3.11069.2)
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Photo Album 6 (Version: 6.00)
Coupon Printer for Windows (Version: 2.0)
Coupon Printer for Windows (Version: 5.0.0.1)
Crash Analysis Tool (Version: 1.00.0001)
Creative MediaSource
CustomerResearchQFolder (Version: 1.00.0000)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Game Console
Dell Support Center (Version: 1.0.07192)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Content Portal (Version: 1.00.0000)
DocProc (Version: 7.0.0.0)
DocProcQFolder (Version: 1.00.0000)
ESET Online Scanner v3
ESPNMotion (Version: 2.1.6.0011)
eSupportQFolder (Version: 1.00.0000)
FTDI USB Serial Converter Drivers
Garmin City Navigator North America NT 2010.10 Update (Version: 13.0.0.0)
Garmin Communicator Plugin (Version: 2.6.4)
Garmin USB Drivers (Version: 1.0.0.0)
Get High Speed Internet! (Version: 1.00.0000)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.99)
GoToMeeting 4.1.0.366
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet Pro All-In-One Series (Version: 1.0)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (Version: 13.0)
HP Photosmart Essential (Version: 1.9.1.3)
HP Print Projects 1.0 (Version: 1.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.001.004)
HPPhotoSmartExpress (Version: 70.0.170.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
iCopyBot for Windows 7.2.6 (Version: 7.2.6)
In Context Solutions 3D Virtual Store (Version: 1.1)
InstantShareDevicesMFC (Version: 70.0.170.000)
Intel Matrix Storage Manager
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.30.0000)
Internet Explorer Default Page (Version: 1.00.03)
Invoke Solutions Participant 6.2.0.1452
iPod for Windows 2005-09-06 (Version: 3.8.0)
iPod for Windows 2006-06-28 (Version: 4.7.0)
IrfanView (remove only)
iTunes (Version: 10.5.3.3)
Jasc Paint Shop Photo Album (Version: 4.0.4)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
L7600 (Version: 50.0.165.000)
Learn2 Player (Uninstall Only)
Macromedia Flash Player (Version: 7.0.19.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 130.0.374.000)
McAfee SiteAdvisor (Version: 3.4.195)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works 6-9 Converter (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.70.1104.04)
MixPad Audio Mixer
MobileMe Control Panel (Version: 3.1.5.0)
Modem Helper (Version: 2.40)
Move Media Player
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MPM (Version: 1.00.0000)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MySurvey Messenger (Version: 2.0)
NetWaiting (Version: 2.5.12)
Network Magic (Version: 5.5.9195.0)
OCR Software by I.R.I.S 7.0 (Version: 7.0)
PanoStandAlone (Version: 70.0.170.000)
PhotoStage Slideshow Producer
PIXELA ImageMixer
PowerDVD 5.5
ProductContext (Version: 50.0.165.000)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000)
Pure Networks Platform (Version: 11.2.09195.1)
QuickBooks Simple Start Edition (Version: )
QuickTime (Version: 7.70.80.34)
RealArcade
Revo Uninstaller Pro 2.5.7 (Version: 2.5.7)
Road Runner Toolbar (Version: 6.8.3.3)
Roxio Media Manager (Version: 9.1.072)
Safari (Version: 5.34.50.0)
Scan (Version: 13.0.0.0)
SeaMonkey (2.0.14) (Version: 2.0.14 (en-US))
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Sonic DLA (Version: 4.98)
Sonic Encoders (Version: 1.00)
Sonic Foundry ACID Pro 3.0 (Version: 3.0.189)
Sonic Foundry Sound Forge 5.0 (Version: 5.0.162)
Sonic MyDVD LE (Version: 6.1.1)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0.1)
Sonic Update Manager (Version: 3.0.0)
Sound Blaster Audigy 2 ZS
Status (Version: 130.0.373.000)
Toolbox (Version: 130.0.648.000)
Toolbox (Version: 70.0.170.000)
TrayApp (Version: 130.0.376.000)
TuneUp Companion 2.2.7 (Version: 2.2.7)
Ubee USB RNDIS and NDIS Driver (Version: 1.30.0.0)
Unload (Version: 7.0.0)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
VideoPad Video Editor
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
W Photo Studio (Version: 1.0.0.143)
WavePad Sound Editor
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 130.0.132.017)
WildTangent Web Driver
Windows Defender (Version: 1.1.1593.21)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Format Runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip 14.5 (Version: 14.5.9095)
Yahoo! Install Manager
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 1022.09 MB
Available physical RAM: 451.47 MB
Total Pagefile: 2457.98 MB
Available Pagefile: 1939.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.54 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:144.31 GB) (Free:43.15 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator Ashley ASPNET
Cynthia David Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****

#6 narenxp

Posted 12 March 2012 - 07:38 PM

Download

http://www.majorgeeks.com/GooredFix_d7057.html

Run it. GooredFix will check for infections, and then a log will appear.
Please attach the Goored.txt log to your next reply (it can be found on your desktop).

Download

http://go.microsoft.com/?linkid=9668866

Run the fixit, then restart the PC.

If you still get redirects let me know

#7 djcoleman

Posted 12 March 2012 - 08:11 PM

I ran both. I still had a redirect to reply.com and to 63.209.69.107.

Here is the Goored log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:59 on 12/03/2012 (David)
Firefox version 10.0.2 (en-US)

========== GooredScan ==========

(none)

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [21:14 31/12/2011]

C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\1kctik05.default\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [05:21 06/05/2010]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [16:05 26/09/2010]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [19:46 02/11/2008]
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"="C:\Program Files\AVG\AVG2012\Firefox4\" [01:51 12/01/2012]

-=E.O.F=-

#8 narenxp

Posted 15 March 2012 - 07:46 AM

We need to have a deeper look

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



