Redirect Virus

T

thompson13

New member
Local time
3:12 PM
Messages
15
I didnt know where else to post this, can anyone help me out with a redirect virus I just got, ever since ive been getting bsods that are more or less consistent with how heavy im using firefox, could it be making my system unstable, any help would be appreciated thanks!
 

My Computer

OS
Windows 7 Professional 32 bit
when you say redirect virus,,, and firefox,, have you tried IE?

You may have to download an Antivirus app on a different PC move it using USB to that PC and install it.

If you can get Malwarebytes then start with that.

Then if you can get out to Eset On-Line Scanner
Run that
 

My Computer

Computer Manufacturer/Model Number
Self Built
OS
Win 7 Ultimate 32bit
CPU
C2D E6600 2.4Ghz
Motherboard
Intel D965WH
Memory
4G Kingston KHX5400D2
Graphics Card(s)
EVGA GTX 570 HD SC (012-P3-1573-KR)
Sound Card
On-Board
Monitor(s) Displays
Samsung 226BW
Screen Resolution
1680 x 1050
Hard Drives
2 x 250 Seagate Barracuda
2 x 500 Seagate Barracuda (Raid1)
PSU
Corsair TX750W
Case
In-Win C589
Cooling
Stock Intel Cooling
Welcome to SF! thompson13

There are some specific stand alone removal tools intended for the Google as well as Yahoo Redirect virus. One article posted last september has a list of several options including ESET and Malwarebytes referred to by Tepid you can look over at How to Remove the Google Redirect Virus

Another one however mentions that the free version of Malwarebytes fails to remove the root cause by not actually identiying the virus file itself. Google Redirect Virus Removal Tool - Is There One?
 

My Computers

System One System Two

  • Computer type
    PC/Desktop
    Computer Manufacturer/Model Number
    Custom builds = 2
    OS
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
    CPU
    AMD Phenom II X4 975 Deneb 3.6ghz - 965 2nd remote pc
    Motherboard
    Gigabyte GA-790XTA-UD4-Gigabyte GA-880GM-D2H remote pc
    Memory
    Kingston Hyper X DDR3 1600 1.5v 16gb - Hyper X Fury 8gb 2nd
    Graphics Card(s)
    MSI HD Radeon 5750 1gb - MSI HD Radeon 6450 on mini tower
    Sound Card
    Creative Labs X-Fi Xtreme Audio P - Realtek onooard 2nd case
    Monitor(s) Displays
    ASUS VW199T-P 19" HP 2082a Main-HP 2082a 20" remote pc
    Screen Resolution
    Asus 1440x900 - HP 1600x900
    Hard Drives
    WD Black 1TB HD per OS W7, W10, and pending W11 presently on 500gb OS Drive - Pending Triple 1TB HDs for Spanned Storage/backup volume
    Single 2TB external USB enclosure, single 1TB System 7 Host/Boot drive, Pending 8TB external HD for system image b
    PSU
    Corsair 750TX - primary / Corsair CX600 - second
    Case
    Antec 900-2 - SSD compatible / NZXT Vulcan mini tower
    Cooling
    Zalman CNPS9900A
    Keyboard
    AZIO L70 Backlit Letters Gaming - ONN Cordless/USB
    Mouse
    MSI DS200 Programmable, Logitech Cordless
    Internet Speed
    30mbps upgrade - primary hard wired - mini tower usb WiFi
    Antivirus
    GFI VIPRE Internet Security 2014 on W7 2016 beta on W10,
    Browser
    Cyberfox, WaterFox 64bit FF variants, FireFox x64, Pale Moon
    Other Info
    Accomdata fan cooled usb 2.0 PIDE/Sata II, III external enclosure.
    Sambient usb/eSata PATA/Sata II, III external enclosure.
  • Computer type
    PC/Desktop
    System Manufacturer/Model Number
    CUSTOM ASSEMBLY
    OS
    W7 Pro x64/W11 Pro
    CPU
    AMD Deneb 3.6ghz - 965
    Motherboard
    Gigabyte GA-880GM-D2H remote pc
    Memory
    Kingston Hyper X Fury 8gb
    Graphics Card(s)
    MSI HD Radeon 6450 DVI Output
    Sound Card
    Realtek onooard Creative or Other separate PENDING
    Monitor(s) Displays
    VIZIO 32" LCD TV Separate LCD Pending
    Screen Resolution
    1600x1080
    Hard Drives
    WD 500GB OS Host/Boot WD Green 1TB Storage/Backup
    PSU
    Corsair 600W - THERMALTAKE 600W spare case
    Case
    NZXT Vulcan mini tower
    Cooling
    Twin 120mm Top Fans - 240mm Side Cover
    Keyboard
    ONN Cordless/USB Logitech Cordless
    Mouse
    ONN USB/Cordless - Logitech Cordless
    Internet Speed
    DSL 5G
    Browser
    MS Edge, FireFox, WaterFox x64, FireFox Nightly
    Other Info
    OS Testing-Remote Access to Main TeamViewer
I ran the Eset online scanner, that found no threats and the malwarebytes said it found a "roottoolkit"? still having redirect problems.
 

My Computer

OS
Windows 7 Professional 32 bit
Let's flush a bad DNS cache and restore MS's Hosts file.
Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click to run as Administrator. Your computer will reboot itself.

Next, download GooredFix from one of the locations below and save it to your Desktop

http://jpshortstuff.247fixes.com/GooredFix.exe
http://downloads.securitycadets.com/GooredFix.exe
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista and Windows7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. **Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Rootkits are no fun! Once you have the system cleaned up you may want to upgrade your av and malware protections since whatever you have on now allowed this to come through.

In the meantime follow Jacee's advice there since the GooredFix was also another removal tool to be considered.
 

My Computers

System One System Two

  • Computer type
    PC/Desktop
    Computer Manufacturer/Model Number
    Custom builds = 2
    OS
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
    CPU
    AMD Phenom II X4 975 Deneb 3.6ghz - 965 2nd remote pc
    Motherboard
    Gigabyte GA-790XTA-UD4-Gigabyte GA-880GM-D2H remote pc
    Memory
    Kingston Hyper X DDR3 1600 1.5v 16gb - Hyper X Fury 8gb 2nd
    Graphics Card(s)
    MSI HD Radeon 5750 1gb - MSI HD Radeon 6450 on mini tower
    Sound Card
    Creative Labs X-Fi Xtreme Audio P - Realtek onooard 2nd case
    Monitor(s) Displays
    ASUS VW199T-P 19" HP 2082a Main-HP 2082a 20" remote pc
    Screen Resolution
    Asus 1440x900 - HP 1600x900
    Hard Drives
    WD Black 1TB HD per OS W7, W10, and pending W11 presently on 500gb OS Drive - Pending Triple 1TB HDs for Spanned Storage/backup volume
    Single 2TB external USB enclosure, single 1TB System 7 Host/Boot drive, Pending 8TB external HD for system image b
    PSU
    Corsair 750TX - primary / Corsair CX600 - second
    Case
    Antec 900-2 - SSD compatible / NZXT Vulcan mini tower
    Cooling
    Zalman CNPS9900A
    Keyboard
    AZIO L70 Backlit Letters Gaming - ONN Cordless/USB
    Mouse
    MSI DS200 Programmable, Logitech Cordless
    Internet Speed
    30mbps upgrade - primary hard wired - mini tower usb WiFi
    Antivirus
    GFI VIPRE Internet Security 2014 on W7 2016 beta on W10,
    Browser
    Cyberfox, WaterFox 64bit FF variants, FireFox x64, Pale Moon
    Other Info
    Accomdata fan cooled usb 2.0 PIDE/Sata II, III external enclosure.
    Sambient usb/eSata PATA/Sata II, III external enclosure.
  • Computer type
    PC/Desktop
    System Manufacturer/Model Number
    CUSTOM ASSEMBLY
    OS
    W7 Pro x64/W11 Pro
    CPU
    AMD Deneb 3.6ghz - 965
    Motherboard
    Gigabyte GA-880GM-D2H remote pc
    Memory
    Kingston Hyper X Fury 8gb
    Graphics Card(s)
    MSI HD Radeon 6450 DVI Output
    Sound Card
    Realtek onooard Creative or Other separate PENDING
    Monitor(s) Displays
    VIZIO 32" LCD TV Separate LCD Pending
    Screen Resolution
    1600x1080
    Hard Drives
    WD 500GB OS Host/Boot WD Green 1TB Storage/Backup
    PSU
    Corsair 600W - THERMALTAKE 600W spare case
    Case
    NZXT Vulcan mini tower
    Cooling
    Twin 120mm Top Fans - 240mm Side Cover
    Keyboard
    ONN Cordless/USB Logitech Cordless
    Mouse
    ONN USB/Cordless - Logitech Cordless
    Internet Speed
    DSL 5G
    Browser
    MS Edge, FireFox, WaterFox x64, FireFox Nightly
    Other Info
    OS Testing-Remote Access to Main TeamViewer
ok so I did the flush, and ran gooredfix, the files attached. I have tried IE but the redirecting seems to be worse using IE, I find it weird that it only redirects sometimes without any real pattern.
 

Attachments

My Computer

OS
Windows 7 Professional 32 bit
Uninstall Firefox, from Programs and Features.

Now download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
Save any unsaved work.
TFC will close ALL open programs including your browser!

Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


Update Java!!
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u24 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u24-windows-i586-p.exe to install the newest version.
Next, download DDS from one of these links:

Mirror 1 Mirror 2 Mirror 3
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your new topic.
The scan will instruct you to post Attach.txt as an attachment.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Ok so it found a rootkit except so did malwarebytes is there anyway another keeps getting created? Here's the log file:


Code: 
2011/03/01 12:37:32.0608 0536 TDSS rootkit removing tool 2.4.19.0 Feb 28 2011 17:08:37
2011/03/01 12:37:32.0717 0536 ================================================================================
2011/03/01 12:37:32.0717 0536 SystemInfo:
2011/03/01 12:37:32.0717 0536 
2011/03/01 12:37:32.0717 0536 OS Version: 6.1.7600 ServicePack: 0.0
2011/03/01 12:37:32.0717 0536 Product type: Workstation
2011/03/01 12:37:32.0717 0536 ComputerName: JOSH-PC
2011/03/01 12:37:32.0717 0536 UserName: Josh
2011/03/01 12:37:32.0717 0536 Windows directory: C:\Windows
2011/03/01 12:37:32.0717 0536 System windows directory: C:\Windows
2011/03/01 12:37:32.0717 0536 Processor architecture: Intel x86
2011/03/01 12:37:32.0717 0536 Number of processors: 2
2011/03/01 12:37:32.0717 0536 Page size: 0x1000
2011/03/01 12:37:32.0717 0536 Boot type: Normal boot
2011/03/01 12:37:32.0717 0536 ================================================================================
2011/03/01 12:37:33.0185 0536 Initialize success
2011/03/01 12:37:42.0670 4692 ================================================================================
2011/03/01 12:37:42.0670 4692 Scan started
2011/03/01 12:37:42.0670 4692 Mode: Manual; 
2011/03/01 12:37:42.0670 4692 ================================================================================
2011/03/01 12:37:44.0604 4692 1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/03/01 12:37:44.0667 4692 ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/03/01 12:37:44.0713 4692 AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/03/01 12:37:44.0838 4692 adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/01 12:37:44.0901 4692 adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/01 12:37:44.0932 4692 adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/01 12:37:45.0010 4692 AFD             (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/03/01 12:37:45.0072 4692 agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/03/01 12:37:45.0213 4692 aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/03/01 12:37:45.0291 4692 aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/03/01 12:37:45.0353 4692 amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/03/01 12:37:45.0384 4692 amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/03/01 12:37:45.0431 4692 AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/01 12:37:45.0462 4692 AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/01 12:37:45.0525 4692 amdsata         (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/03/01 12:37:45.0603 4692 amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/01 12:37:45.0634 4692 amdxata         (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/03/01 12:37:45.0681 4692 ApfiltrService  (b83f9da84f7079451c1c6a4a2f140920) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/03/01 12:37:45.0727 4692 AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/03/01 12:37:45.0774 4692 arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/03/01 12:37:45.0790 4692 arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/01 12:37:45.0837 4692 AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/01 12:37:45.0961 4692 atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/03/01 12:37:46.0086 4692 b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/03/01 12:37:46.0133 4692 b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/03/01 12:37:46.0180 4692 BCM42RLY        (27c74525afbc2c44c9b0e5b86968891b) C:\Windows\system32\drivers\BCM42RLY.sys
2011/03/01 12:37:46.0289 4692 BCM43XX         (3da0ca1a7497b3ab3acbb94632c996e8) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/03/01 12:37:46.0429 4692 Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/03/01 12:37:46.0492 4692 blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/01 12:37:46.0554 4692 bowser          (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/01 12:37:46.0617 4692 BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/01 12:37:46.0663 4692 BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/01 12:37:46.0695 4692 Bridge          (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
2011/03/01 12:37:46.0710 4692 BridgeMP        (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
2011/03/01 12:37:46.0757 4692 Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/03/01 12:37:46.0835 4692 BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/01 12:37:46.0851 4692 BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/01 12:37:46.0882 4692 BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/01 12:37:46.0897 4692 BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/01 12:37:46.0975 4692 cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/01 12:37:47.0022 4692 cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/01 12:37:47.0085 4692 circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/01 12:37:47.0131 4692 CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/03/01 12:37:47.0163 4692 CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/01 12:37:47.0209 4692 cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/03/01 12:37:47.0287 4692 CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/03/01 12:37:47.0350 4692 Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/01 12:37:47.0381 4692 CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/03/01 12:37:47.0443 4692 crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/01 12:37:47.0537 4692 CSC             (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2011/03/01 12:37:47.0631 4692 cvusbdrv        (d1697063e2cdb6575aa46d668ffee825) C:\Windows\system32\Drivers\cvusbdrv.sys
2011/03/01 12:37:47.0693 4692 DfsC            (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/03/01 12:37:47.0740 4692 discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/03/01 12:37:47.0787 4692 Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/03/01 12:37:47.0833 4692 drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/03/01 12:37:47.0880 4692 DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/01 12:37:47.0943 4692 e1yexpress      (44a91d98d6719b49bcd649a863225b5c) C:\Windows\system32\DRIVERS\e1y6232.sys
2011/03/01 12:37:48.0379 4692 ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/03/01 12:37:48.0535 4692 elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/01 12:37:48.0551 4692 ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/03/01 12:37:48.0598 4692 exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/03/01 12:37:48.0629 4692 fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/03/01 12:37:48.0676 4692 fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/01 12:37:48.0707 4692 FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/03/01 12:37:48.0723 4692 Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/03/01 12:37:48.0738 4692 flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/01 12:37:48.0754 4692 FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/03/01 12:37:48.0801 4692 FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/03/01 12:37:48.0832 4692 Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/01 12:37:48.0941 4692 fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/01 12:37:49.0003 4692 gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/01 12:37:49.0050 4692 GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/03/01 12:37:49.0097 4692 hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/01 12:37:49.0113 4692 HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/01 12:37:49.0144 4692 HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/01 12:37:49.0144 4692 HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/01 12:37:49.0191 4692 HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/01 12:37:49.0315 4692 HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/01 12:37:49.0378 4692 HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/03/01 12:37:49.0425 4692 HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/03/01 12:37:49.0440 4692 hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/01 12:37:49.0471 4692 i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/01 12:37:49.0503 4692 iaStor          (f4037a3fedb92dd97c95f320766ea5c9) C:\Windows\system32\DRIVERS\iaStor.sys
2011/03/01 12:37:49.0549 4692 iaStorV         (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/03/01 12:37:49.0674 4692 iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/01 12:37:49.0752 4692 intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/03/01 12:37:49.0815 4692 intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/01 12:37:49.0861 4692 IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/01 12:37:49.0893 4692 IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/03/01 12:37:49.0908 4692 IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/03/01 12:37:49.0955 4692 IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/03/01 12:37:49.0971 4692 isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/03/01 12:37:50.0002 4692 iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/01 12:37:50.0111 4692 kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/01 12:37:50.0142 4692 kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/01 12:37:50.0173 4692 KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/01 12:37:50.0205 4692 KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/01 12:37:50.0267 4692 lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/01 12:37:50.0314 4692 LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/01 12:37:50.0345 4692 LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/01 12:37:50.0361 4692 LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/01 12:37:50.0392 4692 LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/01 12:37:50.0485 4692 luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/03/01 12:37:50.0517 4692 megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/01 12:37:50.0548 4692 MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/01 12:37:50.0595 4692 Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/03/01 12:37:50.0626 4692 monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/01 12:37:50.0673 4692 mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/01 12:37:50.0704 4692 mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/01 12:37:50.0891 4692 mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/03/01 12:37:50.0953 4692 MpFilter        (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/03/01 12:37:50.0985 4692 mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/03/01 12:37:51.0156 4692 MpKsl988cf9b7   (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4832F45A-BFEF-4254-9780-F54FFBF93108}\MpKsl988cf9b7.sys
2011/03/01 12:37:51.0297 4692 MpNWMon         (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/03/01 12:37:51.0359 4692 mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/01 12:37:51.0390 4692 MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/03/01 12:37:51.0421 4692 mrxsmb          (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/01 12:37:51.0453 4692 mrxsmb10        (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/01 12:37:51.0468 4692 mrxsmb20        (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/01 12:37:51.0499 4692 msahci          (cb5d37e91135b0f15cee64d1f1ba5de5) C:\Windows\system32\drivers\msahci.sys
2011/03/01 12:37:51.0531 4692 msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/03/01 12:37:51.0655 4692 Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/03/01 12:37:51.0687 4692 mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/01 12:37:51.0702 4692 msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/03/01 12:37:51.0765 4692 MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/01 12:37:51.0796 4692 MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/01 12:37:51.0827 4692 MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/03/01 12:37:51.0843 4692 MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/03/01 12:37:51.0874 4692 mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/01 12:37:51.0889 4692 MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/03/01 12:37:51.0905 4692 MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/01 12:37:51.0936 4692 Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/03/01 12:37:52.0030 4692 NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/01 12:37:52.0092 4692 NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/03/01 12:37:52.0139 4692 NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/01 12:37:52.0170 4692 NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/01 12:37:52.0217 4692 Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/01 12:37:52.0248 4692 NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/01 12:37:52.0279 4692 NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/03/01 12:37:52.0295 4692 NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/01 12:37:52.0389 4692 NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/01 12:37:52.0482 4692 nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/01 12:37:52.0529 4692 NisDrv          (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/03/01 12:37:52.0576 4692 Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/03/01 12:37:52.0607 4692 nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/01 12:37:52.0654 4692 Ntfs            (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/03/01 12:37:52.0685 4692 Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/03/01 12:37:52.0966 4692 nvlddmkm        (73a70f1d89c942eedd99a3f10459b051) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/03/01 12:37:53.0122 4692 nvraid          (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/03/01 12:37:53.0153 4692 nvstor          (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/03/01 12:37:53.0200 4692 nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/03/01 12:37:53.0247 4692 ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/01 12:37:53.0293 4692 Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/03/01 12:37:53.0309 4692 partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/03/01 12:37:53.0325 4692 Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/03/01 12:37:53.0371 4692 PBADRV          (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
2011/03/01 12:37:53.0543 4692 pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/03/01 12:37:53.0590 4692 pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/03/01 12:37:53.0637 4692 pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/01 12:37:53.0652 4692 pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/03/01 12:37:53.0683 4692 PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/03/01 12:37:53.0855 4692 PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/01 12:37:53.0917 4692 Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/03/01 12:37:53.0964 4692 Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/01 12:37:54.0027 4692 ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/01 12:37:54.0042 4692 ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/01 12:37:54.0073 4692 QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/01 12:37:54.0089 4692 RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/01 12:37:54.0167 4692 RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/01 12:37:54.0245 4692 Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/01 12:37:54.0276 4692 RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/01 12:37:54.0307 4692 RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/01 12:37:54.0339 4692 rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/01 12:37:54.0370 4692 rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/01 12:37:54.0401 4692 RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/01 12:37:54.0432 4692 RDPDR           (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2011/03/01 12:37:54.0479 4692 RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/01 12:37:54.0541 4692 RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/01 12:37:54.0573 4692 RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/03/01 12:37:54.0651 4692 rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/03/01 12:37:54.0713 4692 rimmptsk        (ea885e7a56f1be1f14c372337c42fe48) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/03/01 12:37:54.0760 4692 RimUsb          (92d33f76769a028ddc54a863eb7de4a2) C:\Windows\system32\Drivers\RimUsb.sys
2011/03/01 12:37:54.0775 4692 RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/03/01 12:37:54.0822 4692 ROOTMODEM       (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
2011/03/01 12:37:54.0900 4692 rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/01 12:37:54.0947 4692 s3cap           (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/03/01 12:37:55.0041 4692 sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/03/01 12:37:55.0087 4692 scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/01 12:37:55.0134 4692 sdbus           (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
2011/03/01 12:37:55.0165 4692 secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/01 12:37:55.0197 4692 Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/01 12:37:55.0212 4692 Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/03/01 12:37:55.0306 4692 sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/01 12:37:55.0368 4692 sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/03/01 12:37:55.0384 4692 sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/03/01 12:37:55.0399 4692 sffp_sd         (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/03/01 12:37:55.0415 4692 sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/01 12:37:55.0446 4692 sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/03/01 12:37:55.0477 4692 SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/01 12:37:55.0524 4692 SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/01 12:37:55.0555 4692 Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/03/01 12:37:55.0618 4692 spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/03/01 12:37:55.0711 4692 sptd            (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
2011/03/01 12:37:55.0743 4692 srv             (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2011/03/01 12:37:55.0805 4692 srv2            (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/01 12:37:55.0867 4692 srvnet          (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/01 12:37:55.0977 4692 stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/01 12:37:56.0039 4692 STHDA           (674be634b14a6c773d2f4f46b7a1628b) C:\Windows\system32\DRIVERS\stwrt.sys
2011/03/01 12:37:56.0070 4692 storflt         (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/03/01 12:37:56.0164 4692 storvsc         (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2011/03/01 12:37:56.0195 4692 swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/01 12:37:56.0304 4692 Tcpip           (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/03/01 12:37:56.0398 4692 TCPIP6          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/01 12:37:56.0460 4692 tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/01 12:37:56.0491 4692 TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/03/01 12:37:56.0507 4692 TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/03/01 12:37:56.0538 4692 tdx             (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/01 12:37:56.0601 4692 TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/01 12:37:56.0679 4692 tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/01 12:37:56.0710 4692 tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/01 12:37:56.0757 4692 uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/01 12:37:56.0850 4692 udfs            (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/01 12:37:56.0928 4692 uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/03/01 12:37:57.0006 4692 umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/01 12:37:57.0037 4692 UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/01 12:37:57.0100 4692 USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/03/01 12:37:57.0162 4692 usbaudio        (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
2011/03/01 12:37:57.0240 4692 usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\drivers\usbccgp.sys
2011/03/01 12:37:57.0303 4692 usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/03/01 12:37:57.0365 4692 usbehci         (0eeedd78c2bedac75e8ed1ba8d77878b) C:\Windows\system32\drivers\usbehci.sys
2011/03/01 12:37:57.0505 4692 usbhub          (ba50148445e5b2b3abdba208fc9b6fb5) C:\Windows\system32\drivers\usbhub.sys
2011/03/01 12:37:57.0583 4692 usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
2011/03/01 12:37:57.0615 4692 usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/01 12:37:57.0646 4692 USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/01 12:37:57.0677 4692 usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
2011/03/01 12:37:57.0755 4692 vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/03/01 12:37:57.0802 4692 vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/01 12:37:57.0833 4692 VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/03/01 12:37:57.0849 4692 vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/03/01 12:37:57.0927 4692 viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/03/01 12:37:57.0942 4692 ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/03/01 12:37:58.0005 4692 viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/03/01 12:37:58.0067 4692 vmbus           (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2011/03/01 12:37:58.0083 4692 VMBusHID        (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/03/01 12:37:58.0114 4692 volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/03/01 12:37:58.0145 4692 volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/03/01 12:37:58.0207 4692 volsnap         (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/03/01 12:37:58.0301 4692 vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/01 12:37:58.0410 4692 vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/03/01 12:37:58.0473 4692 WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/01 12:37:58.0519 4692 WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/01 12:37:58.0519 4692 Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/01 12:37:58.0551 4692 Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/03/01 12:37:58.0597 4692 Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/01 12:37:58.0675 4692 WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/01 12:37:58.0707 4692 WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/03/01 12:37:58.0816 4692 WinUsb          (b5ba3cc19d00f2eba92f1cfbebb5d650) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/03/01 12:37:58.0941 4692 WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/01 12:37:59.0003 4692 ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/01 12:37:59.0050 4692 WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/03/01 12:37:59.0112 4692 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/03/01 12:37:59.0112 4692 ================================================================================
2011/03/01 12:37:59.0112 4692 Scan finished
2011/03/01 12:37:59.0112 4692 ================================================================================
2011/03/01 12:37:59.0112 5444 Detected object count: 1
2011/03/01 12:38:13.0573 5444 \HardDisk0 - will be cured after reboot
2011/03/01 12:38:13.0573 5444 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure 
2011/03/01 12:38:17.0926 4320 Deinitialize success
 
Last edited by a moderator:

My Computer

OS
Windows 7 Professional 32 bit
Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Code: 
ComboFix 11-02-28.07 - Josh 01/03/2011  13:40:22.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.2.1033.18.2036.1279 [GMT -5:00]
Running from: c:\users\Josh\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Install.exe
.
(((((((((((((((((((((((((   Files Created from 2011-02-01 to 2011-03-01  )))))))))))))))))))))))))))))))
.
2011-03-01 18:45 . 2011-03-01 18:45 -------- d-----w- c:\users\Josh\AppData\Local\temp
2011-03-01 18:45 . 2011-03-01 18:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-01 17:39 . 2011-03-01 17:39 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4832F45A-BFEF-4254-9780-F54FFBF93108}\MpKsl6de67b55.sys
2011-03-01 16:43 . 2011-03-01 16:43 -------- d-----w- c:\users\Josh\AppData\Local\{5D43246E-9CDC-425F-9DF1-29D80E1D7683}
2011-03-01 05:26 . 2009-12-04 06:51 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-01 05:26 . 2009-12-04 06:51 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-01 05:25 . 2009-11-14 07:11 27736 ----a-w- c:\windows\system32\drivers\msahci.sys
2011-03-01 05:25 . 2009-11-12 19:42 86528 ----a-w- c:\windows\system32\isoburn.exe
2011-03-01 05:24 . 2009-10-07 02:30 246784 ----a-w- c:\windows\system32\drivers\udfs.sys
2011-03-01 05:24 . 2009-09-11 03:00 35840 ----a-w- c:\windows\system32\drivers\winusb.sys
2011-03-01 05:13 . 2011-02-23 14:35 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4832F45A-BFEF-4254-9780-F54FFBF93108}\mpengine.dll
2011-03-01 04:38 . 2011-03-01 04:39 -------- d-----w- c:\users\Josh\AppData\Local\{DBCBB8DF-B67E-4C56-9E09-7C73AF1DBF4D}
2011-03-01 04:36 . 2011-03-01 04:36 -------- d-----w- c:\users\Josh\AppData\Local\{6899910E-239D-458F-9900-0AE575E7D0E7}
2011-03-01 04:29 . 2011-03-01 04:29 -------- d-----w- c:\users\Josh\AppData\Local\{C5AE69C5-EA75-4E12-B620-870B1E2BFBC0}
2011-03-01 04:23 . 2011-03-01 04:23 -------- d-----w- c:\users\Josh\AppData\Roaming\RegistryKeys
2011-02-28 21:08 . 2011-02-28 21:08 -------- d-----w- c:\program files\Feedback Tool
2011-02-28 19:51 . 2011-02-28 19:51 -------- d-----w- c:\windows\Sun
2011-02-28 15:43 . 2011-02-28 15:43 -------- d-----w- c:\users\Josh\AppData\Local\{1CD382EA-7C70-4539-9DBD-F81BF6BDCE3C}
2011-02-28 08:17 . 2011-02-28 08:17 -------- d-----w- c:\users\Josh\AppData\Roaming\Intel Corporation
2011-02-28 05:55 . 2010-11-30 15:43 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{437009F1-B0D3-47FF-BC2E-CEEE0289627E}\gapaengine.dll
2011-02-28 05:43 . 2011-02-28 05:43 -------- d-----w- c:\program files\Microsoft Security Client
2011-02-28 05:42 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-28 05:41 . 2011-02-28 05:41 -------- d-----w- c:\program files\ESET
2011-02-28 05:38 . 2010-11-06 04:39 354840 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-02-28 05:38 . 2011-02-28 05:38 -------- d-----w- c:\users\Josh\AppData\Roaming\InstallShield
2011-02-28 03:43 . 2011-02-28 03:43 -------- d-----w- c:\users\Josh\AppData\Local\{04FEDA6A-49B5-43A8-AC79-E0383BE301EA}
2011-02-28 03:36 . 2011-02-28 03:36 -------- d--h--w- c:\windows\system32\WLANProfiles
2011-02-28 03:35 . 2011-02-28 06:05 -------- d-----w- c:\users\Josh\AppData\Roaming\Intel
2011-02-28 03:34 . 2011-02-28 06:05 -------- d-----w- c:\programdata\Intel
2011-02-28 03:30 . 2011-02-28 03:30 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-28 03:30 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-28 03:30 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-28 03:30 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-28 03:30 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-28 03:30 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-28 03:30 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-28 03:30 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-28 03:30 . 2011-01-08 03:27 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-02-28 03:30 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-28 03:30 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-28 03:27 . 2011-02-28 03:27 -------- d-----w- c:\users\Josh\AppData\Local\{9ACEF8CE-39C7-43B8-9972-2B2D4870610E}
2011-02-28 03:24 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-28 03:23 . 2011-02-28 03:32 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-28 03:23 . 2011-02-28 03:23 -------- d-----w- C:\NVIDIA
2011-02-28 01:54 . 2011-02-28 01:54 -------- d-----w- c:\users\Josh\AppData\Local\{0378BDCD-3D51-4BD1-B532-6852A07F637A}
2011-02-26 17:00 . 2011-02-26 17:00 -------- d-----w- c:\users\Josh\AppData\Local\{23D56190-4E24-4FF4-9393-8B538C969F72}
2011-02-26 07:03 . 2011-02-26 07:03 -------- d-----w- c:\users\Josh\AppData\Local\{78EC3A9A-A405-448E-BF56-D26B92C93BF8}
2011-02-26 00:58 . 2011-02-26 19:58 -------- d-----w- c:\program files\Microsoft Office Communicator
2011-02-26 00:36 . 2011-02-26 00:36 -------- d-----w- c:\users\Josh\AppData\Local\Apps
2011-02-26 00:36 . 2011-03-01 05:04 -------- d-----w- c:\users\Josh\AppData\Local\Deployment
2011-02-26 00:21 . 2011-02-26 00:21 -------- d-----w- c:\program files\SystemRequirementsLab
2011-02-26 00:20 . 2011-02-26 00:20 -------- d-----w- c:\users\Josh\AppData\Roaming\SystemRequirementsLab
2011-02-25 23:28 . 2011-02-25 23:28 -------- d-----r- C:\MSOCache
2011-02-25 19:02 . 2011-02-25 19:03 -------- d-----w- c:\users\Josh\AppData\Local\{4A101EFF-D47B-4337-86E2-962FE0FE8E2F}
2011-02-24 22:07 . 2011-02-24 22:07 -------- d-----w- c:\users\Josh\AppData\Local\{9347E397-EDF8-4558-8FDA-E6911DF804B5}
2011-02-24 21:33 . 2011-02-24 21:33 -------- d-----w- c:\users\Josh\AppData\Local\{63C17E77-7649-4E4F-A6C7-0686D54DCCC9}
2011-02-24 07:31 . 2011-02-24 07:31 -------- d-----w- c:\users\Josh\AppData\Local\{21168C4C-E856-421C-9D5B-1813D2FE7491}
2011-02-23 21:55 . 2011-02-23 21:55 -------- d-----w- c:\users\Josh\AppData\Local\ElevatedDiagnostics
2011-02-23 18:47 . 2011-02-23 18:47 -------- d-----w- c:\users\Josh\AppData\Roaming\Malwarebytes
2011-02-23 18:47 . 2011-02-23 18:47 -------- d-----w- c:\programdata\Malwarebytes
2011-02-23 18:47 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-23 18:47 . 2011-02-23 18:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-23 18:47 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-23 18:25 . 2011-02-23 18:26 -------- d-----w- c:\users\Josh\AppData\Local\{EDC89F5E-B87C-4CEA-A197-54A87CFA292D}
2011-02-23 05:59 . 2011-02-23 05:59 -------- d-----w- c:\users\Josh\AppData\Local\{ECF4905E-F63C-4360-B2A4-753F4634F067}
2011-02-22 17:58 . 2011-02-22 17:59 -------- d-----w- c:\users\Josh\AppData\Local\{1D60EE89-F623-4C8F-BAF7-4E189DF99E8C}
2011-02-21 19:57 . 2011-02-21 19:57 -------- d-----w- c:\users\Josh\AppData\Local\{C047F7F7-59AC-40B9-ACE1-488263B89964}
2011-02-20 22:08 . 2011-02-20 22:08 -------- d-----w- c:\users\Josh\AppData\Local\{A1160CD2-E60B-4B36-B2EB-41D4A7C07C9B}
2011-02-20 18:52 . 2011-02-20 18:52 -------- d-----w- c:\users\Josh\AppData\Local\{78CAD3BA-404B-41C7-8D9A-C0D9750151AF}
2011-02-20 06:52 . 2011-02-20 06:52 -------- d-----w- c:\users\Josh\AppData\Local\{936C8E36-E48B-4BEC-9F4D-3AD55E7DE0C6}
2011-02-19 18:49 . 2011-02-19 18:52 -------- d-----w- c:\users\Josh\AppData\Local\{9BF0085D-B2F2-49E0-A4A7-5FF1D9216F78}
2011-02-19 15:34 . 2011-02-19 15:34 -------- d-----w- c:\users\Josh\AppData\Local\{4E113944-CC83-4D45-9558-450F6820CB07}
2011-02-18 15:54 . 2011-02-18 15:54 -------- d-----w- c:\users\Josh\AppData\Local\{BC70CEB9-2E0A-47CC-965D-F422DDF5728D}
2011-02-18 01:20 . 2010-11-02 04:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-02-18 01:20 . 2010-11-02 04:35 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-18 01:20 . 2010-11-02 04:35 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-02-18 01:20 . 2010-11-02 04:36 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-02-18 01:20 . 2010-11-02 04:41 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-18 01:20 . 2010-11-02 04:41 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-18 01:20 . 2010-11-02 04:35 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-02-18 01:20 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-02-18 01:19 . 2010-11-02 04:41 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-02-18 01:19 . 2010-11-02 04:35 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-18 01:17 . 2010-10-27 04:40 1289536 ----a-w- c:\windows\system32\ntdll.dll
2011-02-18 01:17 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-18 01:17 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-18 01:17 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-02-18 01:17 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-18 01:17 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2011-02-17 22:30 . 2011-02-17 22:30 -------- d-----w- c:\users\Josh\AppData\Local\{8E79EC23-6380-4268-BCB1-E1CC4B110F37}
2011-02-17 20:06 . 2011-02-17 20:06 -------- d-----w- c:\users\Josh\AppData\Local\{FF7BF02A-F485-408B-9501-17663F5AFA50}
2011-02-17 07:54 . 2011-02-17 07:55 -------- d-----w- c:\users\Josh\AppData\Local\{C1E3ECC6-4820-4EF1-BA02-77FADF379A1C}
2011-02-16 19:54 . 2011-02-16 19:54 -------- d-----w- c:\users\Josh\AppData\Local\{51787B91-92DF-46F7-A0E2-EB2E5F679F32}
2011-02-15 16:33 . 2011-02-15 16:33 -------- d-----w- c:\users\Josh\AppData\Local\{7E291459-8DA3-4B29-9A85-56FA2CDE57EC}
2011-02-15 04:23 . 2011-02-15 04:23 -------- d-----w- c:\users\Josh\AppData\Local\{0DB76792-7B2F-473E-8A6A-D07B33DC2506}
2011-02-14 16:22 . 2011-02-14 16:23 -------- d-----w- c:\users\Josh\AppData\Local\{9B8E6EEE-BB22-4A4D-B324-C15A3252D22D}
2011-02-13 16:57 . 2011-02-13 16:57 -------- d-----w- c:\users\Josh\AppData\Local\{E4A7613D-026D-4088-B8EB-D4DBF5C3DAF3}
2011-02-12 20:20 . 2011-02-12 20:20 -------- d-----w- c:\users\Josh\AppData\Local\{A0B01840-94F5-4E6E-986E-0F0DA5C8B6C7}
2011-02-12 07:19 . 2011-02-12 07:20 -------- d-----w- c:\users\Josh\AppData\Local\{0F060004-2D8D-4302-8C3B-947D17D8BBE9}
2011-02-11 19:19 . 2011-02-11 19:19 -------- d-----w- c:\users\Josh\AppData\Local\{226D063F-0321-4A14-8150-0FFB9590BE79}
2011-02-11 17:41 . 2011-02-11 17:41 -------- d-----w- c:\users\Josh\AppData\Local\{C4D6E8EA-81F9-4FF5-87A2-33ADB9EDDBB3}
2011-02-11 04:29 . 2011-02-11 04:29 -------- d-----w- c:\users\Josh\AppData\Local\{1BFCF343-2668-411A-B485-4E0F5E04D90A}
2011-02-10 16:28 . 2011-02-10 16:28 -------- d-----w- c:\users\Josh\AppData\Local\{B094CF6E-23E8-430D-B10F-EF3DBFE93459}
2011-02-10 04:28 . 2011-02-10 04:28 -------- d-----w- c:\users\Josh\AppData\Local\{AAC92AFF-544F-4DE0-B17C-DC3F2469273E}
2011-02-09 16:28 . 2011-02-09 16:28 -------- d-----w- c:\users\Josh\AppData\Local\{7486C2A9-1139-4362-A7E1-DA78E9B23F43}
2011-02-08 15:09 . 2011-02-08 15:09 -------- d-----w- c:\users\Josh\AppData\Local\{7E9ADE80-4A35-44CD-B22A-A8809DE53841}
2011-02-08 03:08 . 2011-02-08 03:09 -------- d-----w- c:\users\Josh\AppData\Local\{2F6197FC-D18A-49CC-9C01-72C9A4953CEB}
2011-02-07 15:08 . 2011-02-07 15:08 -------- d-----w- c:\users\Josh\AppData\Local\{131505F0-872A-4F9C-A67B-2699FB1F87EA}
2011-02-06 22:34 . 2011-02-06 22:34 -------- d-----w- c:\users\Josh\AppData\Local\{0A848BB3-48DB-4C58-BE9D-D8F395F04515}
2011-02-06 18:52 . 2011-02-06 18:52 -------- d-----w- c:\users\Josh\AppData\Local\{7FEB8CF1-CCB0-41E6-8346-AD8EE941E681}
2011-02-05 16:51 . 2011-02-05 16:51 -------- d-----w- c:\programdata\Hewlett-Packard
2011-02-05 16:51 . 2009-07-14 01:15 280064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzppw71.dll
2011-02-03 16:05 . 2011-02-03 16:05 -------- d-----w- c:\users\Josh\AppData\Local\{7932F47D-AF69-428D-AE28-18C6BA707192}
2011-02-03 02:05 . 2011-02-03 02:05 -------- d-----w- c:\users\Josh\AppData\Local\{F246F09D-61BE-4A27-8D2F-2A2A1B0862AB}
2011-02-02 14:17 . 2011-02-02 14:17 -------- d-----w- c:\users\Josh\AppData\Local\{55B7FFDA-FF8B-4458-9BDF-776AAB355897}
2011-02-01 18:38 . 2011-02-01 18:38 -------- d-----w- c:\users\Josh\AppData\Local\{085A2C04-E7F2-47EC-B655-F4B3DF4F2A3A}
2011-02-01 04:53 . 2011-02-01 04:53 -------- d-----w- c:\users\Josh\AppData\Local\{C1AE37F4-6D46-4C80-B49F-C8B5660A0C8C}
2011-01-31 16:52 . 2011-01-31 16:53 -------- d-----w- c:\users\Josh\AppData\Local\{72836812-9D1C-4E9A-A55C-5F2BC94393F9}
2011-01-30 19:33 . 2011-01-30 19:33 -------- d-----w- c:\users\Josh\AppData\Local\Research In Motion
2011-01-30 19:32 . 2011-01-30 19:33 -------- d-----w- c:\users\Josh\AppData\Roaming\Research In Motion
2011-01-30 19:31 . 2009-01-09 21:18 27136 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2011-01-30 19:30 . 2011-01-30 19:30 -------- d-----w- c:\programdata\Research In Motion
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-01 05:07 . 2011-01-26 02:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-26 15:38 . 2011-01-26 15:38 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-20 15:39 . 2011-01-25 22:35 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE71F9FA-7716-4D97-BD7B-0565C097B78D}\mpengine.dll
2011-01-08 03:27 . 2011-02-28 03:24 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2011-01-14 16:17 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-08 02:06 . 2011-01-08 02:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-08 02:06 . 2011-01-08 02:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-08 02:06 . 2011-01-08 02:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-08 02:06 . 2011-01-08 02:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-08 02:06 . 2011-01-08 02:06 288872 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-08 02:06 . 2011-01-08 02:06 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-08 02:06 . 2011-01-08 02:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2010-12-23 16:09 . 2011-01-14 17:17 53248 ----a-w- c:\windows\system32\CSVer.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-12-21 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-31 458844]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-04-30 3888640]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-01-08 288872]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ    kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ida]
2010-09-01 13:09 27352 ----a-w- c:\program files\Ida\IdaLaunch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxMenuMgr]
2009-05-01 19:35 185640 ----a-w- c:\program files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-10 07:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-25 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-25 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2011-01-26 697328]
S1 MpKsl6de67b55;MpKsl6de67b55;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4832F45A-BFEF-4254-9780-F54FFBF93108}\MpKsl6de67b55.sys [2011-03-01 28752]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\aestsrv.exe [2009-03-02 81920]
S2 alssvc;Ambient Light Sensor;c:\program files\Dell\Ambient Light Sensor\AlsSvc.exe [2008-06-03 382232]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 812448]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 27040]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-05-01 181544]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-08 378984]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-11-03 33832]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6232.sys [2009-06-13 221912]

--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPKSL6DE67B55
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-OfficeSyncProcess - c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
MSConfigStartUp-BCSSync - c:\program files\Microsoft Office\Office14\BCSSync.exe

.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*0*4*ݹT3\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*0*4*wÌ$1\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-01  13:46:42
ComboFix-quarantined-files.txt  2011-03-01 18:46
Pre-Run: 70,753,914,880 bytes free
Post-Run: 70,424,174,592 bytes free
- - End Of File - - 6FCBBA04C1022AD19BEE53D00EDE7D70
 
Last edited by a moderator:

My Computer

OS
Windows 7 Professional 32 bit
i skimmed through the thread and didint notice anyone tell you to check your proxy settings.

If you are being redirected this could be because of a proxy was setup my malware/virus.


In IE (and basically the same in Firefox) go to Tools > Options > Connections > LAN Settings > Uncheck Use Proxy Server
 

My Computer

Computer Manufacturer/Model Number
Custom
OS
Windows 8 Professional
CPU
AMD Phenom II X6
Motherboard
ASUS
Memory
8 GB
Graphics Card(s)
XFX ATI Radeon 4890
Monitor(s) Displays
Dual 22" LCD
Screen Resolution
1680x1050
Hard Drives
PC Drives

HD0 = Crucial SSD 128gb Sata III
HD1 = 300gb (Seagate Barracuda)

NAS

HD0 = 1.5TB (Maxtor) Raid1
HD1 = 1.5TB (Maxtor) Raid1
HD2 = 1TB (Segate) Raid5
HD3 = 1TB (Segate) Raid5
HD4 = 1TB (Segate) Raid5
HD5 = 1TB (Segate) Raid5
PSU
750 watt
Mouse
Razr Mamba
Internet Speed
50 down 35 up FIOS
Do you recognize these file extensions? Something you use VLC for?

[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*0*4*ݹT3\
[HKEY_USERS\S-1-5-21-2909803291-1122864382-4214253459-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*0*4*wÌ$1\

I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    esetOnline.png
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      esetSmartInstall.png
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      esetSmartInstallDesktopIcon.png
      icon on your desktop.
  4. Check
    esetAcceptTerms.png
  5. Click the
    esetStart.png
    button.
  6. Accept any security warnings from your browser.
  7. Check
    esetScanArchives.png
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
    esetListThreats.png
  11. Push
    esetExport.png
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the
    esetBack.png
    button.
  13. Push
    esetFinish.png
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Are you still with me thompson13?
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
@ Lunarpancake, please see my post #5 above.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
yeah sorry i was busy there for a bit, i ran the scan and it didnt give me an option for the log file i searched my computer for one but i couldnt find it, it didnt find any threats, also those files for VLC i've never seen before
 

My Computer

OS
Windows 7 Professional 32 bit
Are you still getting redirected? How is your computer running?
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
so far the redirects are gone, but its a bit hard to tell because it was only ever 30 or 40% of the time that it happend. Computer seems good theres a few weird registry issues ie. when i right click on anything in windows explorer I get VpShellRes.dll error
 

My Computer

OS
Windows 7 Professional 32 bit
You must log in or register to reply here.
Back
Top