Another Google Redirect Virus issue


14 replies to this topic

#1 WheelsCT

WheelsCT

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:17 PM

Posted 11 March 2012 - 01:31 PM

Hi and thanks in advance for reading this.

I'm having issues with what seems to be the Google search redirect malware. I do a Google search and some of the search results are getting redirected to ad pages or places like Hoppoli.com. I'm running Windows 7 on a desktop computer. My Norton didn't pick up anything, nor did the Malwarebytes programs that are both running. Any advice would be greatly appreciated.

Since there seem to be some common diagnostics for this problem, I'll go ahead and run them and post for convenience.

Thanks again,
Scott

Edited by WheelsCT, 11 March 2012 - 02:16 PM.




#2 WheelsCT


Posted 11 March 2012 - 02:01 PM

Security Check Logs

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Norton Internet Security
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

McAfee SiteAdvisor
Java™ 6 Update 21
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
``````````End of Log````````````




Farbar Log

Farbar Service Scanner Version: 01-03-2012
Ran by Scott (administrator) on 11-03-2012 at 14:52:30
Running from "C:\Users\Scott\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-14 18:36] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 20:36] - [2009-07-13 21:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#3 WheelsCT


Posted 11 March 2012 - 02:02 PM

Mini Tool Box log

MiniToolBox by Farbar Version: 18-01-2012
Ran by Scott (administrator) on 11-03-2012 at 14:56:00
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Scott-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-A0-01-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9135:caaf:9d13:401b%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 11, 2012 1:56:09 PM
Lease Expires . . . . . . . . . . : Monday, March 12, 2012 1:56:08 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 246983791
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-25-C5-72-B8-AC-6F-A0-01-99
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14e7:1604:52c4:f85e(Preferred)
Link-local IPv6 Address . . . . . : fe80::14e7:1604:52c4:f85e%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 72.14.204.138
72.14.204.113
72.14.204.102
72.14.204.101
72.14.204.100


Pinging google.com [72.14.204.138] with 32 bytes of data:
Reply from 72.14.204.138: bytes=32 time=16ms TTL=252
Request timed out.

Ping statistics for 72.14.204.138:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 16ms, Average = 16ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=237ms TTL=49
Reply from 98.139.183.24: bytes=32 time=384ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 237ms, Maximum = 384ms, Average = 310ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...b8 ac 6f a0 01 99 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:14e7:1604:52c4:f85e/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::14e7:1604:52c4:f85e/128
On-link
11 276 fe80::9135:caaf:9d13:401b/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/11/2012 02:46:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/11/2012 02:46:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/11/2012 02:01:35 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/11/2012 02:01:35 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/11/2012 02:01:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/11/2012 02:01:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/11/2012 02:01:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (03/11/2012 00:48:21 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/11/2012 00:48:21 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/11/2012 00:24:28 PM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.


System errors:
=============
Error: (03/01/2012 05:07:04 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.5.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (02/24/2012 04:40:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (02/04/2012 04:47:36 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1

Error: (01/14/2012 08:44:44 AM) (Source: DCOM) (User: )
Description: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (12/04/2011 09:31:50 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JESSICA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DF513F8-7A92-4E7F-BF65-59D2034A8EB0}.
The master browser is stopping or an election is being forced.

Error: (11/26/2011 10:51:22 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JESSICA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DF513F8-7A92-4E7F-BF65-59D2034A8EB0}.
The master browser is stopping or an election is being forced.

Error: (11/23/2011 02:50:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/05/2011 08:45:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (10/18/2011 05:57:22 PM) (Source: DCOM) (User: )
Description: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (10/01/2011 09:43:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.


Microsoft Office Sessions:
=========================
Error: (03/11/2012 02:46:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/11/2012 02:46:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/11/2012 02:01:35 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/11/2012 02:01:35 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/11/2012 02:01:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/11/2012 02:01:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/11/2012 02:01:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/11/2012 00:48:21 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/11/2012 00:48:21 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/11/2012 00:24:28 PM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader 9.4.1 (Version: 9.4.1)
Bing Bar (Version: 7.0.850.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Support Software) (Version: 2.5.09100)
DraftDominator Version 12.0f
EPSON Scan
GoToAssist 8.0.0.514
HL-2270DW (Version: 1.0.4.0)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 21 (Version: 6.0.210)
Junk Mail filter update (Version: 14.0.8089.726)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SiteAdvisor (Version: 3.4.195)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MSVCRT (Version: 14.0.1468.721)
Multimedia Card Reader (Version: 1.6.915.87)
Norton Internet Security (Version: 18.7.0.13)
NVIDIA Drivers (Version: 1.10.56.34)
PowerDVD DX (Version: 8.3.6029)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Remote Control USB Driver (Version: 2.3.2.317)
Roxio Burn (Version: 1.01)
Squeezebox Server 7.5.4 (Version: 7.5.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 6007.12 MB
Available physical RAM: 3573.75 MB
Total Pagefile: 12012.38 MB
Available Pagefile: 9631.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.9 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:922.82 GB) (Free:867.4 GB) NTFS

========================= Users: ========================================

User accounts for \\SCOTT-PC

Administrator Guest Jessica
Katie Scott


**** End of log ****

#4 WheelsCT


Posted 11 March 2012 - 02:07 PM

MBAM log

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Scott :: SCOTT-PC [administrator]

3/11/2012 2:59:38 PM
mbam-log-2012-03-11 (14-59-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240653
Time elapsed: 3 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 WheelsCT


Posted 11 March 2012 - 02:22 PM

Last log

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 15:11:06
-----------------------------
15:11:06.762 OS Version: Windows x64 6.1.7600
15:11:06.762 Number of processors: 4 586 0x2502
15:11:06.763 ComputerName: SCOTT-PC UserName: Scott
15:11:08.485 Initialize success
15:11:34.091 AVAST engine defs: 12031101
15:11:44.788 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:11:44.792 Disk 0 Vendor: WDC_WD1001FAES-75W7A0 05.01D05 Size: 953869MB BusType: 3
15:11:44.804 Disk 0 MBR read successfully
15:11:44.808 Disk 0 MBR scan
15:11:44.813 Disk 0 Windows 7 default MBR code
15:11:44.817 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 78 MB offset 63
15:11:44.832 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8818 MB offset 161792
15:11:44.859 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 944971 MB offset 18221056
15:11:44.896 Disk 0 scanning C:\Windows\system32\drivers
15:11:52.331 Service scanning
15:12:08.215 Modules scanning
15:12:08.229 Disk 0 trace - called modules:
15:12:08.252 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:12:08.261 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006308410]
15:12:08.268 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa80061fbe40]
15:12:08.275 5 ACPI.sys[fffff88000f4e781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80061f8060]
15:12:09.899 AVAST engine scan C:\Windows
15:12:12.527 AVAST engine scan C:\Windows\system32
15:14:51.768 AVAST engine scan C:\Windows\system32\drivers
15:15:03.480 AVAST engine scan C:\Users\Scott
15:18:31.838 File: C:\Users\Scott\AppData\Local\Temp\nsxB1FB.tmp\btphzfbs.dll **INFECTED** Win32:Malware-gen
15:18:47.161 File: C:\Users\Scott\AppData\Roaming\CyberLink\CyberLink\btphzfbs.dll **INFECTED** Win32:Malware-gen
15:19:16.107 AVAST engine scan C:\ProgramData
15:20:50.570 Scan finished successfully
15:21:46.931 Disk 0 MBR has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\MBR.dat"
15:21:46.935 The log file has been saved successfully to "C:\Program Files (x86)\Mozilla Firefox\aswMBR.txt"
15:21:57.678 Disk 0 MBR has been saved successfully to "C:\Users\Scott\Desktop\MBR.dat"
15:21:57.684 The log file has been saved successfully to "C:\Users\Scott\Desktop\aswMBR.txt"

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:17 PM

Posted 14 March 2012 - 06:23 PM

Hello,Sorry for the delay ,but all the posts to yourself made it appear you have been helped.

>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running RKill, as the malware programs will start again. Or, if rebooting is required, run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Please ask any needed questions, post logs and let us know how the PC is running now.

#7 WheelsCT


Posted 16 March 2012 - 06:50 AM

Sorry for the confusion....here is the TDSS killer log

07:46:42.0199 3760 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
07:46:42.0851 3760 ============================================================
07:46:42.0852 3760 Current date / time: 2012/03/16 07:46:42.0851
07:46:42.0852 3760 SystemInfo:
07:46:42.0852 3760
07:46:42.0852 3760 OS Version: 6.1.7601 ServicePack: 1.0
07:46:42.0852 3760 Product type: Workstation
07:46:42.0852 3760 ComputerName: SCOTT-PC
07:46:42.0852 3760 UserName: Scott
07:46:42.0852 3760 Windows directory: C:\Windows
07:46:42.0852 3760 System windows directory: C:\Windows
07:46:42.0852 3760 Running under WOW64
07:46:42.0852 3760 Processor architecture: Intel x64
07:46:42.0852 3760 Number of processors: 4
07:46:42.0852 3760 Page size: 0x1000
07:46:42.0852 3760 Boot type: Normal boot
07:46:42.0852 3760 ============================================================
07:46:43.0867 3760 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:46:43.0885 3760 \Device\Harddisk0\DR0:
07:46:43.0885 3760 MBR used
07:46:43.0885 3760 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x1139000
07:46:43.0885 3760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1160800, BlocksNum 0x735A5800
07:46:43.0912 3760 Initialize success
07:46:43.0912 3760 ============================================================
07:46:55.0330 4540 ============================================================
07:46:55.0330 4540 Scan started
07:46:55.0330 4540 Mode: Manual; TDLFS;
07:46:55.0330 4540 ============================================================
07:47:03.0778 4540 uagp35 - ok
07:47:03.0814 4540 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
07:47:03.0820 4540 udfs - ok
07:47:03.0868 4540 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
07:47:03.0872 4540 uliagpkx - ok
07:47:03.0913 4540 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
07:47:03.0917 4540 umbus - ok
07:47:03.0938 4540 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
07:47:03.0940 4540 UmPass - ok
07:47:03.0968 4540 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys
07:47:03.0980 4540 usbccgp - ok
07:47:04.0011 4540 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
07:47:04.0018 4540 usbcir - ok
07:47:04.0032 4540 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
07:47:04.0043 4540 usbehci - ok
07:47:04.0055 4540 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
07:47:04.0064 4540 usbhub - ok
07:47:04.0081 4540 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
07:47:04.0088 4540 usbohci - ok
07:47:04.0111 4540 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
07:47:04.0122 4540 usbprint - ok
07:47:04.0176 4540 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
07:47:04.0179 4540 usbscan - ok
07:47:04.0189 4540 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
07:47:04.0201 4540 USBSTOR - ok
07:47:04.0210 4540 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
07:47:04.0221 4540 usbuhci - ok
07:47:04.0314 4540 USB_RNDIS (d0fe8cb5f84303e73ff0754437fad3d1) C:\Windows\system32\DRIVERS\usb8023.sys
07:47:04.0342 4540 USB_RNDIS - ok
07:47:04.0393 4540 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
07:47:04.0396 4540 vdrvroot - ok
07:47:04.0419 4540 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
07:47:04.0420 4540 vga - ok
07:47:04.0438 4540 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
07:47:04.0440 4540 VgaSave - ok
07:47:04.0463 4540 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
07:47:04.0476 4540 vhdmp - ok
07:47:04.0499 4540 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
07:47:04.0501 4540 viaide - ok
07:47:04.0510 4540 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
07:47:04.0512 4540 volmgr - ok
07:47:04.0553 4540 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
07:47:04.0559 4540 volmgrx - ok
07:47:04.0573 4540 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
07:47:04.0584 4540 volsnap - ok
07:47:04.0605 4540 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
07:47:04.0619 4540 vsmraid - ok
07:47:04.0641 4540 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
07:47:04.0644 4540 vwifibus - ok
07:47:04.0667 4540 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
07:47:04.0669 4540 WacomPen - ok
07:47:04.0695 4540 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:47:04.0697 4540 WANARP - ok
07:47:04.0700 4540 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
07:47:04.0700 4540 Wanarpv6 - ok
07:47:04.0734 4540 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
07:47:04.0735 4540 Wd - ok
07:47:04.0760 4540 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
07:47:04.0767 4540 Wdf01000 - ok
07:47:04.0805 4540 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
07:47:04.0807 4540 WfpLwf - ok
07:47:04.0818 4540 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
07:47:04.0819 4540 WIMMount - ok
07:47:04.0841 4540 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
07:47:04.0843 4540 WmiAcpi - ok
07:47:04.0863 4540 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:47:04.0865 4540 ws2ifsl - ok
07:47:04.0902 4540 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
07:47:04.0904 4540 WudfPf - ok
07:47:04.0937 4540 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:47:04.0941 4540 WUDFRd - ok
07:47:04.0966 4540 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:47:05.0114 4540 \Device\Harddisk0\DR0 - ok
07:47:05.0118 4540 Boot (0x1200) (f9d6e1266d187b2000641b3233dc362d) \Device\Harddisk0\DR0\Partition0
07:47:05.0120 4540 \Device\Harddisk0\DR0\Partition0 - ok
07:47:05.0155 4540 Boot (0x1200) (68eb01619dc380a30003242dc8bf234a) \Device\Harddisk0\DR0\Partition1
07:47:05.0156 4540 \Device\Harddisk0\DR0\Partition1 - ok
07:47:05.0157 4540 ============================================================
07:47:05.0157 4540 Scan finished
07:47:05.0157 4540 ============================================================
07:47:05.0171 4752 Detected object count: 0
07:47:05.0171 4752 Actual detected object count: 0

I'll run the next ones and post shortly.

#8 WheelsCT

Posted 16 March 2012 - 07:30 AM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.16.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Scott :: SCOTT-PC [administrator]

3/16/2012 7:51:47 AM
mbam-log-2012-03-16 (07-51-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234918
Time elapsed: 2 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 WheelsCT

Posted 16 March 2012 - 07:34 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Scott (administrator) on 16-03-2012 at 08:32:04
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Scott-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-A0-01-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9135:caaf:9d13:401b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, March 16, 2012 8:17:45 AM
Lease Expires . . . . . . . . . . : Saturday, March 17, 2012 8:17:45 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 246983791
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-25-C5-72-B8-AC-6F-A0-01-99
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c3c:2437:52c4:f85e(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c3c:2437:52c4:f85e%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 72.14.204.101
72.14.204.102
72.14.204.138
72.14.204.113
72.14.204.100


Pinging google.com [72.14.204.113] with 32 bytes of data:
Reply from 72.14.204.113: bytes=32 time=16ms TTL=252
Reply from 72.14.204.113: bytes=32 time=19ms TTL=252

Ping statistics for 72.14.204.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 19ms, Average = 17ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=305ms TTL=50
Reply from 98.139.183.24: bytes=32 time=251ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 251ms, Maximum = 305ms, Average = 278ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...b8 ac 6f a0 01 99 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:3c3c:2437:52c4:f85e/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::3c3c:2437:52c4:f85e/128
On-link
10 276 fe80::9135:caaf:9d13:401b/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/16/2012 08:27:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/16/2012 08:23:22 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/16/2012 08:23:22 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/16/2012 07:26:13 AM) (Source: ESENT) (User: )
Description: WinMail (2112) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (03/16/2012 07:26:07 AM) (Source: ESENT) (User: )
Description: WinMail (2288) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (03/16/2012 07:17:52 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/16/2012 07:17:52 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/16/2012 06:55:37 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8,0xc0000000,0x00000003,...).


Operation:
Processing PostFinalCommitSnapshots

Context:
Execution Context: System Provider

Error: (03/16/2012 06:54:07 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.

Error: (03/16/2012 06:54:07 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.


System errors:
=============
Error: (03/01/2012 05:07:04 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.5.
The computer with the IP address 192.168.1.10 did not allow the name to be claimed by
this computer.

Error: (02/24/2012 04:40:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (02/04/2012 04:47:36 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80004004-1

Error: (01/14/2012 08:44:44 AM) (Source: DCOM) (User: )
Description: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (12/04/2011 09:31:50 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JESSICA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DF513F8-7A92-4E7F-BF65-59D2034A8EB0}.
The master browser is stopping or an election is being forced.

Error: (11/26/2011 10:51:22 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JESSICA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1DF513F8-7A92-4E7F-BF65-59D2034A8EB0}.
The master browser is stopping or an election is being forced.

Error: (11/23/2011 02:50:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/05/2011 08:45:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (10/18/2011 05:57:22 PM) (Source: DCOM) (User: )
Description: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (10/01/2011 09:43:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.


Microsoft Office Sessions:
=========================
Error: (03/16/2012 08:27:43 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Scott\Downloads\esetsmartinstaller_enu.exe

Error: (03/16/2012 08:23:22 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/16/2012 08:23:22 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/16/2012 07:26:13 AM) (Source: ESENT)(User: )
Description: WinMail2112WindowsMail0:

Error: (03/16/2012 07:26:07 AM) (Source: ESENT)(User: )
Description: WinMail2288WindowsMail0:

Error: (03/16/2012 07:17:52 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/16/2012 07:17:52 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/16/2012 06:55:37 AM) (Source: VSS)(User: )
Description: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8,0xc0000000,0x00000003,...)

Operation:
Processing PostFinalCommitSnapshots

Context:
Execution Context: System Provider

Error: (03/16/2012 06:54:07 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/16/2012 06:54:07 AM) (Source: MsiInstaller)(User: SYSTEM)SYSTEM
Description: Product: Windows Live Toolbar -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader 9.4.1 (Version: 9.4.1)
Bing Bar (Version: 7.0.850.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Support Software) (Version: 2.5.09100)
DraftDominator Version 12.0f
EPSON Scan
GoToAssist 8.0.0.514
HL-2270DW (Version: 1.0.4.0)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 21 (Version: 6.0.210)
Junk Mail filter update (Version: 14.0.8089.726)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SiteAdvisor (Version: 3.4.195)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MSVCRT (Version: 14.0.1468.721)
Multimedia Card Reader (Version: 1.6.915.87)
Norton Internet Security (Version: 18.7.0.13)
NVIDIA Drivers (Version: 1.10.56.34)
PowerDVD DX (Version: 8.3.6029)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
Remote Control USB Driver (Version: 2.3.2.317)
Roxio Burn (Version: 1.01)
Squeezebox Server 7.5.4 (Version: 7.5.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 6007.12 MB
Available physical RAM: 4618.94 MB
Total Pagefile: 12012.43 MB
Available Pagefile: 10560.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.15 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:922.82 GB) (Free:875.32 GB) NTFS

========================= Users: ========================================

User accounts for \\SCOTT-PC

Administrator Guest Jessica
Katie Scott


**** End of log ****

#10 WheelsCT

Posted 16 March 2012 - 07:46 AM

Thanks for your help. Unfortunately the problem seems to be persisting. I still get redirected from Google.

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:17 PM

Posted 16 March 2012 - 07:57 PM

If still redirecting>>>
Change your DNS Servers:
  • Go to Start > Run... and in the open box, type: cmd
  • Press OK or Hit Enter.
  • At the command prompt, type or copy/paste: ipconfig /flushdns
  • Hit Enter.
  • You will get a confirmation that the flush was successful.
  • Close the command box.


If still redirecting>>>
Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?



Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#12 WheelsCT

Posted 17 March 2012 - 10:23 AM

I flushed the DNS and it continued to appear. I am using Firefox 10.0.2 and Windows 7.

Here is the log that you requested:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 11:21 on 17/03/2012 (Scott)
Firefox version 10.0.2 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [19:34 25/03/2011]

C:\Users\Scott\Application Data\Mozilla\Firefox\Profiles\gbsp3kgj.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [23:33 25/08/2011]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [23:27 26/01/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\" [23:37 16/05/2011]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_6_3" [13:24 17/03/2012]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [17:31 16/09/2011]

---------- Old Logs ----------
GooredFix[15.20.56_17-03-2012].txt

-=E.O.F=-

Thanks again for all your help here. I greatly appreciate it.

#13 boopme

Posted 17 March 2012 - 07:36 PM

You're welcome... In Firefox it may be the Add-ons/Plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

#14 WheelsCT

Posted 18 March 2012 - 12:44 PM

Boopme-

I think you nailed it. It appears to be a plug-in called Performance Cache 1.0 that snuck onto my computer (not sure how as I didn't download it). I disabled it and things seem to have gone away (knock on wood). Thank you so much for your help. I really appreciate it.

Thanks,
Scott

#15 boopme

Posted 18 March 2012 - 01:42 PM

Excellent, it may have been a part of something else.

There are other things to clean out. You have Toolbars that can go.

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly, update to Adobe Reader X (10.1.0).
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional
