|
|
|
New Member
Group: Forum Members
Last Login: 1/22/2012 3:32 PM
Posts: 6,
Visits: 0
|
|
I was browsing the web when Avira Antivirus detected a form of malware. I had the program delete the file, but it didn't solve the problem; after a few minutes, my programs started shutting down and most of the shortcuts on my desktop had disappeared. I ran Combofix, and then Avira & Malwarebytes in Safe Mode, and for two days that seemed to have taken care of the problem. This afternoon, Avira again detected multiple malware files, and now I can't even browse the web.
My logs are shown below. However, when I opened GMER, only the Services, Registry, Files (C , and ADS boxes could be toggled -- the other boxes were grayed out. (I was using the super administrator account in Windows Vista.)
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-22 13:19:08
Windows 6.0.6002 Service Pack 2
Running: q452r9ln.exe
---- Files - GMER 1.0.15 ----
File C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb 0 bytes
---- EOF - GMER 1.0.15 ----
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Administrator at 13:19:31 on 2012-01-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3998.2756 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{1EB88636-30D3-41B1-A6EE-35D3C17F5BEC} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
mRun-x64: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-1-19 497496]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-7-10 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-7-10 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-4-20 365952]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-4-20 193840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-7-7 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-01-22 20:47:56 -------- d-----w- C:\Users\Administrator\AppData\Local\temp
2012-01-22 20:42:28 -------- d-----w- C:\$RECYCLE.BIN
2012-01-22 20:30:59 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Avira
2012-01-22 20:29:00 -------- d-----w- C:\Users\Administrator\AppData\Roaming\IObit
2012-01-22 20:00:43 -------- d-----w- C:\ProgramData\UAB
2012-01-20 07:10:53 -------- d-----w- C:\Program Files (x86)\8499C
2012-01-19 14:18:49 23896 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2012-01-19 11:33:15 -------- d-----w- C:\ProgramData\IObit
2012-01-19 11:32:53 -------- d-----w- C:\Program Files (x86)\IObit
2012-01-19 11:31:47 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-19 11:31:46 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-19 11:31:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-19 11:17:37 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters
2012-01-19 11:16:48 -------- d-----w- C:\Program Files (x86)\PC Drivers HeadQuarters
2012-01-19 10:48:15 98816 ----a-w- C:\Windows\sed.exe
2012-01-19 10:48:15 518144 ----a-w- C:\Windows\SWREG.exe
2012-01-19 10:48:15 256000 ----a-w- C:\Windows\PEV.exe
2012-01-19 10:48:15 208896 ----a-w- C:\Windows\MBR.exe
2012-01-19 01:05:56 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AC86A5BF-6344-40C9-8884-E93353A43311}\mpengine.dll
2012-01-07 18:24:41 -------- d-----w- C:\Program Files\PeerBlock
.
==================== Find3M ====================
.
2011-11-29 03:40:18 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-25 16:25:32 451072 ----a-w- C:\Windows\System32\winsrv.dll
2011-11-23 13:57:38 2764800 ----a-w- C:\Windows\System32\win32k.sys
2011-11-18 20:55:05 1585152 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-18 20:55:05 1167984 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-18 18:07:45 76800 ----a-w- C:\Windows\System32\packager.dll
2011-11-18 17:47:03 66560 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-08 14:58:31 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-08 14:42:19 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-25 16:13:33 1570816 ----a-w- C:\Windows\System32\quartz.dll
2011-10-25 16:13:31 352256 ----a-w- C:\Windows\System32\qdvd.dll
2011-10-25 16:09:37 85504 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-25 15:58:55 1314816 ----a-w- C:\Windows\SysWow64\quartz.dll
2011-10-25 15:58:54 497152 ----a-w- C:\Windows\SysWow64\qdvd.dll
.
============= FINISH: 13:19:51.32 ===============
The situation is really beyond me now, so your help would be greatly appreciated.
|
|
|
|
|
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,680,
Visits: 54,734
|
|
Welcome
If you still have Combofix installed,remove it by following the steps below.
Click on Start/All Programs/Accessories/Run,copy and paste ComboFix /uninstall into the 'Open:' space,then press OK [see image below]
This will uninstall Combofix.
Find and delete if still present:
C:\ComboFix.txt
C:\QOOBOX
C:\ComboFix
Now download ComboFix on a pc with internet access from Here or Here to your Desktop.
Then transfer Combofix.exe over to the infected pc via flash drive.
Then reboot the infected pc into Safe Mode,instructions in the link below:
Start your computer in safe mode:
http://goo.gl/MGLmI
* Now temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click Here to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
* Close any open browsers.
* WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
* Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
* If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
* Double click on ComboFix.exe & follow the prompts,if you're running Windows Vista\Windows 7 right click on ComboFix.exe and click on "Run as Administrator".
* When finished, it will produce a report for you.
* Please post the contents of "C:\Combo-Fix.txt" into your next reply.
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**
___________________________________________________________
|
|
|
|
|
New Member
Group: Forum Members
Last Login: 1/22/2012 3:32 PM
Posts: 6,
Visits: 0
|
|
Thanks for doing this, Richie!
I don't know if this is relevant, but while I was running ComboFix, a dialog box popped up saying that PEV.exe has stopped working. I didn't click on anything though and just let the program run until it finished.
ComboFix 12-01-23.02 - Administrator 01/22/2012 21:20:00.4.2 - x64 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3998.3470 [GMT -8:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-12-23 to 2012-01-23 )))))))))))))))))))))))))))))))
.
.
2012-01-23 05:26 . 2012-01-23 05:28 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-01-23 05:26 . 2012-01-23 05:26 -------- d-----w- c:\users\Iris\AppData\Local\temp
2012-01-23 05:26 . 2012-01-23 05:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-22 20:30 . 2012-01-22 20:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\Avira
2012-01-22 20:29 . 2012-01-22 20:29 -------- d-----w- c:\users\Administrator\AppData\Roaming\IObit
2012-01-22 20:00 . 2012-01-22 20:00 -------- d-----w- c:\programdata\UAB
2012-01-22 20:00 . 2012-01-22 20:00 -------- d-----w- c:\users\Iris\AppData\Local\PC_Drivers_Headquarters
2012-01-20 07:10 . 2012-01-22 20:11 -------- d-----w- c:\program files (x86)\8499C
2012-01-20 07:10 . 2012-01-20 07:10 -------- d-----w- c:\users\Iris\AppData\Local\SanctionedMedia
2012-01-20 07:10 . 2012-01-20 07:18 -------- d-----w- c:\users\Iris\AppData\Roaming\F8484
2012-01-19 14:18 . 2011-12-31 01:02 23896 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-01-19 11:33 . 2012-01-19 11:33 -------- d-----w- c:\programdata\IObit
2012-01-19 11:33 . 2012-01-19 11:33 -------- d-----w- c:\users\Iris\AppData\Roaming\IObit
2012-01-19 11:32 . 2012-01-19 11:32 -------- d-----w- c:\program files (x86)\IObit
2012-01-19 11:31 . 2012-01-19 11:31 -------- d-----w- c:\users\Iris\AppData\Roaming\Malwarebytes
2012-01-19 11:31 . 2012-01-19 11:31 -------- d-----w- c:\programdata\Malwarebytes
2012-01-19 11:31 . 2012-01-19 11:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-19 11:31 . 2011-12-10 23:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-19 11:17 . 2012-01-19 11:17 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2012-01-19 11:16 . 2012-01-19 11:16 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters
2012-01-19 02:37 . 2012-01-19 02:37 -------- d-----w- c:\users\Iris\AppData\Roaming\Avira
2012-01-19 01:05 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AC86A5BF-6344-40C9-8884-E93353A43311}\mpengine.dll
2012-01-07 18:24 . 2012-01-19 11:09 -------- d-----w- c:\program files\PeerBlock
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-29 03:40 . 2011-07-21 02:48 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-23 13:57 . 2011-12-17 01:38 2764800 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 14:58 . 2011-12-17 01:38 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-08 14:42 . 2011-12-17 01:38 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-04 01:53 . 2011-12-17 17:16 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-11-04 01:44 . 2011-12-17 17:16 1390080 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 01:44 . 2011-12-17 17:16 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-17 17:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-03 22:47 . 2011-12-17 17:16 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-11-03 22:40 . 2011-12-17 17:16 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-17 17:16 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2011-11-03 22:31 . 2011-12-17 17:17 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-10-25 16:09 . 2011-12-17 01:38 85504 ----a-w- c:\windows\system32\csrsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-06 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-30 497496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2970084154-1175367005-1747777201-1000Core.job
- c:\users\Iris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-26 02:25]
.
2012-01-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2970084154-1175367005-1747777201-1000UA.job
- c:\users\Iris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-26 02:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1237288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 417304]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.254
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
.
**************************************************************************
.
Completion time: 2012-01-22 21:33:46 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-23 05:33
.
Pre-Run: 68,115,709,952 bytes free
Post-Run: 63,809,601,536 bytes free
.
- - End Of File - - 5F1D495C11FC4A00C699720470988976
|
|
|
|
|
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,680,
Visits: 54,734
|
|
Click on Start/All Programs/Accessories/Run,copy and paste ComboFix /uninstall into the 'Open:' space,then press OK [see image below]
This will uninstall Combofix.
Find and delete if still present:
C:\ComboFix.txt
C:\QOOBOX
C:\ComboFix
Download TFC by OldTimer to your Desktop.
* Please double-click TFC.exe to run it,if you're running Windows Vista right click on TFC.exe and click on "Run as Administrator".
* It will close all programs when run, so make sure you have saved all your work before you begin.
* Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Let it run uninterrupted until it's finished.
* Once it's finished it should reboot your machine.If it doesn't,please manually restart the pc to ensure a complete cleanup.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
* Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
* If TDSSKiller does not run, try renaming it.
* To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
* Click the Start Scan button.
* Do not use the computer during the scan.
* If the scan completes with nothing found, click Close to exit.
* If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
* Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
* A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C.)
* Copy and paste the contents of that file in your next reply.
Please click HERE to download Kaspersky Virus Removal Tool (click on the Download link for Version 11).
NOTE:- This is quite a large file, so please be patient.
* Double click on the file you just downloaded and let it install.
* It will install to your desktop (be patient; it may take a while).
* Accept the license agreement and click the "Start" button.
* Click on the Settings button 
* In Scan scope leave the pre-checked items as they are and also checkmark Computer
* In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of the preselected Prompt on detection
* Click on the Automatic Scan tab and then click on the Start scanning button.
* Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
* When the scan is done NO log will be produced.
* Click on Report button  then on Automatic Scan report tab.
* Right click any where within the right hand pane, click Select All then right click again and click Copy.
* This will copy the items that it found to the clipboard, you can then open Notepad (go to start then run then type in Notepad) and choose Paste to paste the contents into Notepad.
* You can save this on the desktop.
* Post the contents of the document in your next reply.
Also let me know how your pc is running now please.
___________________________________________________________
|
|
|
|
|
New Member
Group: Forum Members
Last Login: 1/22/2012 3:32 PM
Posts: 6,
Visits: 0
|
|
Well, I'm able to browse the web again. The computer seems to be running fine now.
The Kaspersky Virus Removal Tool log is very, very long -- the text file is 76 MB. There was a detection; however, I didn't get to see the filename. I thought about winnowing out the "OK" files in the result, but the program just hung because of the length of the log. I had no choice but to zip the file and upload it to this file hosting site:
http://www.filedropper.com/kaspersky_3
20:45:24.0878 3644 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
20:45:25.0783 3644 ============================================================
20:45:25.0783 3644 Current date / time: 2012/01/23 20:45:25.0783
20:45:25.0783 3644 SystemInfo:
20:45:25.0783 3644
20:45:25.0783 3644 OS Version: 6.0.6002 ServicePack: 2.0
20:45:25.0783 3644 Product type: Workstation
20:45:25.0783 3644 ComputerName: IRIS-LAPTOP-2
20:45:25.0783 3644 UserName: Administrator
20:45:25.0783 3644 Windows directory: C:\Windows
20:45:25.0783 3644 System windows directory: C:\Windows
20:45:25.0783 3644 Running under WOW64
20:45:25.0783 3644 Processor architecture: Intel x64
20:45:25.0783 3644 Number of processors: 2
20:45:25.0783 3644 Page size: 0x1000
20:45:25.0783 3644 Boot type: Normal boot
20:45:25.0783 3644 ============================================================
20:45:28.0045 3644 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:45:28.0232 3644 Initialize success
20:45:40.0462 3736 ============================================================
20:45:40.0462 3736 Scan started
20:45:40.0462 3736 Mode: Manual;
20:45:40.0462 3736 ============================================================
20:45:41.0835 3736 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
20:45:41.0835 3736 ACPI - ok
20:45:41.0960 3736 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
20:45:41.0991 3736 adp94xx - ok
20:45:42.0194 3736 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
20:45:42.0209 3736 adpahci - ok
20:45:42.0443 3736 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
20:45:42.0490 3736 adpu160m - ok
20:45:42.0677 3736 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
20:45:42.0677 3736 adpu320 - ok
20:45:42.0943 3736 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
20:45:43.0192 3736 AFD - ok
20:45:43.0457 3736 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
20:45:43.0489 3736 agp440 - ok
20:45:43.0660 3736 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
20:45:43.0676 3736 aic78xx - ok
20:45:43.0754 3736 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
20:45:43.0754 3736 aliide - ok
20:45:43.0925 3736 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
20:45:43.0941 3736 amdide - ok
20:45:43.0988 3736 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
20:45:43.0988 3736 AmdK8 - ok
20:45:44.0050 3736 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
20:45:44.0113 3736 arc - ok
20:45:44.0253 3736 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
20:45:44.0269 3736 arcsas - ok
20:45:44.0440 3736 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
20:45:44.0440 3736 AsyncMac - ok
20:45:44.0518 3736 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
20:45:44.0518 3736 atapi - ok
20:45:44.0705 3736 athr (90524c76a8f32f656cf73af0509f693a) C:\Windows\system32\DRIVERS\athrx.sys
20:45:44.0721 3736 athr - ok
20:45:44.0877 3736 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
20:45:44.0893 3736 avgntflt - ok
20:45:44.0908 3736 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
20:45:44.0971 3736 avipbb - ok
20:45:45.0080 3736 Beep - ok
20:45:45.0158 3736 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
20:45:45.0173 3736 blbdrive - ok
20:45:45.0345 3736 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
20:45:45.0361 3736 bowser - ok
20:45:45.0407 3736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
20:45:45.0407 3736 BrFiltLo - ok
20:45:45.0532 3736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
20:45:45.0548 3736 BrFiltUp - ok
20:45:45.0579 3736 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
20:45:45.0626 3736 Brserid - ok
20:45:45.0860 3736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
20:45:45.0907 3736 BrSerWdm - ok
20:45:45.0938 3736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
20:45:45.0953 3736 BrUsbMdm - ok
20:45:46.0156 3736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
20:45:46.0172 3736 BrUsbSer - ok
20:45:46.0437 3736 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
20:45:46.0453 3736 BTHMODEM - ok
20:45:46.0468 3736 catchme - ok
20:45:46.0577 3736 CAXHWAZL (942bd3cb0933febd194b42d4e489c246) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
20:45:46.0655 3736 CAXHWAZL - ok
20:45:46.0811 3736 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
20:45:46.0827 3736 cdfs - ok
20:45:46.0874 3736 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
20:45:46.0874 3736 cdrom - ok
20:45:46.0905 3736 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
20:45:46.0905 3736 circlass - ok
20:45:47.0139 3736 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
20:45:47.0248 3736 CLFS - ok
20:45:47.0435 3736 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
20:45:47.0451 3736 CmBatt - ok
20:45:47.0482 3736 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
20:45:47.0482 3736 cmdide - ok
20:45:47.0576 3736 CnxtHdAudService (d760753a9b2489a317d722133ce67efc) C:\Windows\system32\drivers\CHDRT64.sys
20:45:47.0591 3736 CnxtHdAudService - ok
20:45:47.0950 3736 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
20:45:47.0950 3736 Compbatt - ok
20:45:48.0091 3736 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
20:45:48.0091 3736 crcdisk - ok
20:45:48.0262 3736 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
20:45:48.0262 3736 DfsC - ok
20:45:48.0340 3736 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
20:45:48.0340 3736 disk - ok
20:45:48.0668 3736 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
20:45:48.0699 3736 drmkaud - ok
20:45:48.0808 3736 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
20:45:48.0824 3736 DXGKrnl - ok
20:45:49.0011 3736 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
20:45:49.0183 3736 E1G60 - ok
20:45:49.0432 3736 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
20:45:49.0479 3736 Ecache - ok
20:45:49.0807 3736 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
20:45:49.0885 3736 elxstor - ok
20:45:50.0041 3736 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
20:45:50.0056 3736 ErrDev - ok
20:45:50.0134 3736 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
20:45:50.0150 3736 exfat - ok
20:45:50.0399 3736 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
20:45:50.0415 3736 fastfat - ok
20:45:50.0696 3736 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
20:45:50.0696 3736 fdc - ok
20:45:51.0070 3736 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
20:45:51.0070 3736 FileInfo - ok
20:45:51.0226 3736 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
20:45:51.0257 3736 Filetrace - ok
20:45:51.0351 3736 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
20:45:51.0351 3736 flpydisk - ok
20:45:51.0491 3736 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
20:45:51.0523 3736 FltMgr - ok
20:45:51.0585 3736 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
20:45:51.0601 3736 Fs_Rec - ok
20:45:51.0632 3736 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
20:45:51.0647 3736 gagp30kx - ok
20:45:51.0850 3736 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
20:45:51.0913 3736 HdAudAddService - ok
20:45:52.0069 3736 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:45:52.0084 3736 HDAudBus - ok
20:45:52.0349 3736 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
20:45:52.0365 3736 HidBth - ok
20:45:52.0521 3736 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
20:45:52.0537 3736 HidIr - ok
20:45:52.0568 3736 HidUsb (d02c82cb3a20f391c8aeff94e8e0baa1) C:\Windows\system32\DRIVERS\hidusb.sys
20:45:52.0583 3736 HidUsb - ok
20:45:52.0646 3736 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
20:45:52.0661 3736 HpCISSs - ok
20:45:52.0817 3736 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
20:45:52.0817 3736 HpqKbFiltr - ok
20:45:52.0958 3736 HSF_DPV (dda869537ae9ce501954cb7793134d96) C:\Windows\system32\DRIVERS\CAX_DPV.sys
20:45:52.0989 3736 HSF_DPV - ok
20:45:53.0239 3736 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
20:45:53.0301 3736 HTTP - ok
20:45:53.0566 3736 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
20:45:53.0613 3736 i2omp - ok
20:45:53.0800 3736 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
20:45:53.0863 3736 i8042prt - ok
20:45:53.0987 3736 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
20:45:54.0003 3736 iaStorV - ok
20:45:54.0705 3736 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:45:54.0955 3736 igfx - ok
20:45:55.0142 3736 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
20:45:55.0157 3736 iirsp - ok
20:45:55.0251 3736 IntcHdmiAddService (bd37227c07179b1040a8896b9c0c146b) C:\Windows\system32\drivers\IntcHdmi.sys
20:45:55.0282 3736 IntcHdmiAddService - ok
20:45:55.0423 3736 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
20:45:55.0485 3736 intelide - ok
20:45:55.0516 3736 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
20:45:55.0516 3736 intelppm - ok
20:45:55.0766 3736 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:45:55.0828 3736 IpFilterDriver - ok
20:45:55.0922 3736 IpInIp - ok
20:45:56.0015 3736 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
20:45:56.0031 3736 IPMIDRV - ok
20:45:56.0218 3736 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
20:45:56.0234 3736 IPNAT - ok
20:45:56.0296 3736 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
20:45:56.0327 3736 IRENUM - ok
20:45:56.0546 3736 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
20:45:56.0608 3736 isapnp - ok
20:45:56.0780 3736 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
20:45:56.0780 3736 iScsiPrt - ok
20:45:56.0842 3736 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
20:45:56.0873 3736 iteatapi - ok
20:45:57.0029 3736 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
20:45:57.0092 3736 iteraid - ok
20:45:57.0263 3736 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
20:45:57.0263 3736 kbdclass - ok
20:45:57.0295 3736 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:45:57.0310 3736 kbdhid - ok
20:45:57.0529 3736 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
20:45:57.0591 3736 KSecDD - ok
20:45:57.0809 3736 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
20:45:57.0825 3736 ksthunk - ok
20:45:58.0808 3736 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
20:45:58.0855 3736 lltdio - ok
20:45:59.0447 3736 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
20:45:59.0463 3736 LSI_FC - ok
20:45:59.0744 3736 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
20:45:59.0775 3736 LSI_SAS - ok
20:46:00.0118 3736 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
20:46:00.0149 3736 LSI_SCSI - ok
20:46:00.0352 3736 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
20:46:00.0415 3736 luafv - ok
20:46:00.0633 3736 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:46:00.0664 3736 mdmxsdk - ok
20:46:00.0727 3736 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
20:46:00.0742 3736 megasas - ok
20:46:01.0148 3736 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
20:46:01.0226 3736 MegaSR - ok
20:46:01.0475 3736 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
20:46:01.0475 3736 Modem - ok
20:46:01.0507 3736 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
20:46:01.0507 3736 monitor - ok
20:46:01.0709 3736 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
20:46:01.0725 3736 mouclass - ok
20:46:01.0741 3736 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
20:46:01.0741 3736 mouhid - ok
20:46:01.0772 3736 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
20:46:01.0772 3736 MountMgr - ok
20:46:01.0819 3736 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
20:46:01.0834 3736 mpio - ok
20:46:01.0850 3736 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
20:46:01.0865 3736 mpsdrv - ok
20:46:02.0240 3736 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
20:46:02.0255 3736 Mraid35x - ok
20:46:02.0599 3736 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
20:46:02.0599 3736 MRxDAV - ok
20:46:02.0833 3736 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:46:02.0879 3736 mrxsmb - ok
20:46:03.0129 3736 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:46:03.0160 3736 mrxsmb10 - ok
20:46:03.0332 3736 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:46:03.0332 3736 mrxsmb20 - ok
20:46:03.0379 3736 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys
20:46:03.0394 3736 msahci - ok
20:46:03.0597 3736 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
20:46:03.0597 3736 msdsm - ok
20:46:03.0644 3736 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
20:46:03.0644 3736 Msfs - ok
20:46:03.0675 3736 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
20:46:03.0691 3736 msisadrv - ok
20:46:03.0815 3736 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
20:46:03.0956 3736 MSKSSRV - ok
20:46:04.0034 3736 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
20:46:04.0034 3736 MSPCLOCK - ok
20:46:04.0112 3736 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
20:46:04.0159 3736 MSPQM - ok
20:46:04.0205 3736 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
20:46:04.0221 3736 MsRPC - ok
20:46:04.0377 3736 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
20:46:04.0377 3736 mssmbios - ok
20:46:04.0517 3736 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
20:46:04.0517 3736 MSTEE - ok
20:46:04.0673 3736 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
20:46:04.0689 3736 Mup - ok
20:46:04.0767 3736 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
20:46:04.0798 3736 NativeWifiP - ok
20:46:04.0829 3736 NAVENG - ok
20:46:04.0829 3736 NAVEX15 - ok
20:46:05.0048 3736 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
20:46:05.0173 3736 NDIS - ok
20:46:05.0360 3736 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
20:46:05.0360 3736 NdisTapi - ok
20:46:05.0391 3736 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
20:46:05.0391 3736 Ndisuio - ok
20:46:05.0453 3736 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
20:46:05.0469 3736 NdisWan - ok
20:46:05.0687 3736 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
20:46:05.0703 3736 NDProxy - ok
20:46:05.0734 3736 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
20:46:05.0734 3736 NetBIOS - ok
20:46:05.0812 3736 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
20:46:05.0828 3736 netbt - ok
20:46:06.0405 3736 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
20:46:06.0670 3736 NETw3v64 - ok
20:46:06.0998 3736 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
20:46:07.0013 3736 nfrd960 - ok
20:46:07.0185 3736 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
20:46:07.0185 3736 Npfs - ok
20:46:07.0310 3736 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
20:46:07.0310 3736 nsiproxy - ok
20:46:07.0637 3736 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
20:46:07.0669 3736 Ntfs - ok
20:46:07.0871 3736 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
20:46:07.0887 3736 Null - ok
20:46:08.0121 3736 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
20:46:08.0121 3736 nvraid - ok
20:46:08.0277 3736 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
20:46:08.0293 3736 nvstor - ok
20:46:08.0339 3736 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
20:46:08.0386 3736 nv_agp - ok
20:46:08.0495 3736 NwlnkFlt - ok
20:46:08.0511 3736 NwlnkFwd - ok
20:46:08.0636 3736 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
20:46:08.0683 3736 ohci1394 - ok
20:46:08.0854 3736 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
20:46:08.0885 3736 Parport - ok
20:46:08.0963 3736 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
20:46:08.0995 3736 partmgr - ok
20:46:09.0151 3736 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
20:46:09.0166 3736 pci - ok
20:46:09.0260 3736 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
20:46:09.0291 3736 pciide - ok
20:46:09.0463 3736 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
20:46:09.0494 3736 pcmcia - ok
20:46:09.0587 3736 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
20:46:09.0665 3736 PEAUTH - ok
20:46:09.0853 3736 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
20:46:09.0931 3736 PptpMiniport - ok
20:46:10.0024 3736 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
20:46:10.0040 3736 Processor - ok
20:46:10.0211 3736 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
20:46:10.0227 3736 PSched - ok
20:46:10.0539 3736 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
20:46:10.0570 3736 ql2300 - ok
20:46:10.0835 3736 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
20:46:10.0851 3736 ql40xx - ok
20:46:10.0867 3736 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
20:46:10.0882 3736 QWAVEdrv - ok
20:46:11.0023 3736 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
20:46:11.0054 3736 RasAcd - ok
20:46:11.0288 3736 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:46:11.0303 3736 Rasl2tp - ok
20:46:11.0366 3736 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
20:46:11.0428 3736 RasPppoe - ok
20:46:11.0600 3736 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
20:46:11.0600 3736 RasSstp - ok
20:46:11.0912 3736 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
20:46:11.0927 3736 rdbss - ok
20:46:12.0130 3736 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:46:12.0146 3736 RDPCDD - ok
20:46:12.0271 3736 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
20:46:12.0286 3736 rdpdr - ok
20:46:12.0286 3736 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
20:46:12.0302 3736 RDPENCDD - ok
20:46:12.0349 3736 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
20:46:12.0364 3736 RDPWD - ok
20:46:12.0598 3736 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
20:46:12.0598 3736 rspndr - ok
20:46:12.0817 3736 RTL8169 (170a66dfaaa22358e08d6f4b38c8f3df) C:\Windows\system32\DRIVERS\Rtlh64.sys
20:46:12.0832 3736 RTL8169 - ok
20:46:13.0035 3736 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
20:46:13.0051 3736 RTSTOR - ok
20:46:13.0097 3736 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
20:46:13.0113 3736 sbp2port - ok
20:46:13.0300 3736 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
20:46:13.0316 3736 sdbus - ok
20:46:13.0347 3736 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:46:13.0363 3736 secdrv - ok
20:46:13.0394 3736 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
20:46:13.0409 3736 Serenum - ok
20:46:13.0581 3736 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
20:46:13.0706 3736 Serial - ok
20:46:13.0971 3736 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
20:46:13.0987 3736 sermouse - ok
20:46:14.0080 3736 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
20:46:14.0096 3736 sffdisk - ok
20:46:14.0267 3736 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
20:46:14.0267 3736 sffp_mmc - ok
20:46:14.0314 3736 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
20:46:14.0314 3736 sffp_sd - ok
20:46:14.0345 3736 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
20:46:14.0345 3736 sfloppy - ok
20:46:14.0595 3736 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
20:46:14.0611 3736 SiSRaid2 - ok
20:46:14.0673 3736 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
20:46:14.0735 3736 SiSRaid4 - ok
20:46:14.0907 3736 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
20:46:14.0907 3736 Smb - ok
20:46:15.0063 3736 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
20:46:15.0094 3736 spldr - ok
20:46:15.0203 3736 SRTSP - ok
20:46:15.0344 3736 SRTSPX - ok
20:46:15.0469 3736 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
20:46:15.0531 3736 srv - ok
20:46:15.0812 3736 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
20:46:15.0827 3736 srv2 - ok
20:46:16.0233 3736 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
20:46:16.0249 3736 srvnet - ok
20:46:16.0561 3736 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
20:46:16.0654 3736 swenum - ok
20:46:16.0779 3736 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
20:46:16.0795 3736 Symc8xx - ok
20:46:17.0075 3736 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
20:46:17.0091 3736 Sym_hi - ok
20:46:17.0309 3736 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
20:46:17.0325 3736 Sym_u3 - ok
20:46:17.0465 3736 SynTP (e33b57c4aa60288e9971277d88ce9b67) C:\Windows\system32\DRIVERS\SynTP.sys
20:46:17.0543 3736 SynTP - ok
20:46:17.0840 3736 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
20:46:17.0887 3736 Tcpip - ok
20:46:18.0105 3736 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
20:46:18.0121 3736 Tcpip6 - ok
20:46:18.0370 3736 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
20:46:18.0401 3736 tcpipreg - ok
20:46:18.0542 3736 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
20:46:18.0557 3736 TDPIPE - ok
20:46:18.0573 3736 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
20:46:18.0589 3736 TDTCP - ok
20:46:18.0667 3736 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
20:46:18.0682 3736 tdx - ok
20:46:18.0869 3736 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
20:46:18.0885 3736 TermDD - ok
20:46:19.0228 3736 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:46:19.0259 3736 tssecsrv - ok
20:46:19.0603 3736 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
20:46:19.0618 3736 tunmp - ok
20:46:20.0071 3736 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
20:46:20.0086 3736 tunnel - ok
20:46:20.0305 3736 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
20:46:20.0429 3736 uagp35 - ok
20:46:20.0585 3736 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
20:46:20.0617 3736 udfs - ok
20:46:20.0773 3736 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
20:46:20.0788 3736 uliagpkx - ok
20:46:20.0897 3736 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
20:46:20.0929 3736 uliahci - ok
20:46:21.0022 3736 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
20:46:21.0053 3736 UlSata - ok
20:46:21.0209 3736 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
20:46:21.0225 3736 ulsata2 - ok
20:46:21.0381 3736 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
20:46:21.0397 3736 umbus - ok
20:46:21.0849 3736 usbccgp (66627c6008319def7909f21fb75a8991) C:\Windows\system32\DRIVERS\usbccgp.sys
20:46:21.0865 3736 usbccgp - ok
20:46:22.0177 3736 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
20:46:22.0208 3736 usbcir - ok
20:46:22.0395 3736 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
20:46:22.0411 3736 usbehci - ok
20:46:22.0457 3736 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
20:46:22.0504 3736 usbhub - ok
20:46:22.0691 3736 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
20:46:22.0691 3736 usbohci - ok
20:46:22.0738 3736 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
20:46:22.0754 3736 usbprint - ok
20:46:22.0816 3736 USBSTOR (586d9876a4945779c8eea926c0d16889) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:46:22.0847 3736 USBSTOR - ok
20:46:22.0972 3736 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
20:46:23.0050 3736 usbuhci - ok
20:46:23.0269 3736 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
20:46:23.0300 3736 vga - ok
20:46:23.0565 3736 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
20:46:23.0581 3736 VgaSave - ok
20:46:23.0737 3736 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
20:46:23.0752 3736 viaide - ok
20:46:23.0893 3736 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
20:46:23.0924 3736 volmgr - ok
20:46:24.0127 3736 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
20:46:24.0220 3736 volmgrx - ok
20:46:24.0548 3736 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
20:46:24.0610 3736 volsnap - ok
20:46:24.0953 3736 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
20:46:24.0953 3736 vsmraid - ok
20:46:25.0141 3736 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
20:46:25.0172 3736 WacomPen - ok
20:46:25.0234 3736 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
20:46:25.0265 3736 Wanarp - ok
20:46:25.0281 3736 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
20:46:25.0281 3736 Wanarpv6 - ok
20:46:25.0453 3736 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
20:46:25.0499 3736 Wd - ok
20:46:25.0718 3736 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
20:46:26.0513 3736 Wdf01000 - ok
20:46:26.0825 3736 winachsf (590812dd01a4fe83c6e92fdb701e59a6) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
20:46:26.0872 3736 winachsf - ok
20:46:27.0465 3736 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:46:27.0465 3736 WmiAcpi - ok
20:46:27.0886 3736 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
20:46:27.0933 3736 ws2ifsl - ok
20:46:28.0245 3736 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:46:28.0261 3736 WUDFRd - ok
20:46:28.0417 3736 XAudio (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys
20:46:28.0448 3736 XAudio - ok
20:46:28.0619 3736 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
20:46:28.0635 3736 yukonx64 - ok
20:46:28.0713 3736 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:46:29.0384 3736 \Device\Harddisk0\DR0 - ok
20:46:29.0399 3736 Boot (0x1200) (ffa11f93b7485033921a01b62e22eea0) \Device\Harddisk0\DR0\Partition0
20:46:29.0399 3736 \Device\Harddisk0\DR0\Partition0 - ok
20:46:29.0446 3736 Boot (0x1200) (5b22456497d7f16f9f9cb27fddad887b) \Device\Harddisk0\DR0\Partition1
20:46:29.0462 3736 \Device\Harddisk0\DR0\Partition1 - ok
20:46:29.0540 3736 Boot (0x1200) (1bc23624525bddade1e7c68e949017c1) \Device\Harddisk0\DR0\Partition2
20:46:29.0571 3736 \Device\Harddisk0\DR0\Partition2 - ok
20:46:29.0633 3736 Boot (0x1200) (53451d5fcfcfe9fd6fe2e61870332ce5) \Device\Harddisk0\DR0\Partition3
20:46:29.0633 3736 \Device\Harddisk0\DR0\Partition3 - ok
20:46:29.0633 3736 ============================================================
20:46:29.0633 3736 Scan finished
20:46:29.0633 3736 ============================================================
20:46:29.0649 3728 Detected object count: 0
20:46:29.0649 3728 Actual detected object count: 0
20:46:53.0782 3624 Deinitialize success
|
|
|
|
|
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,680,
Visits: 54,734
|
|
|
|
|
|
New Member
Group: Forum Members
Last Login: 1/22/2012 3:32 PM
Posts: 6,
Visits: 0
|
|
I may have spoken too soon. Would you know by any chance if Tweaks.com was down between 6:00 a.m to 9:00 a.m. GMT for the past two days? Two days ago when I was home around that time, I was able to start browsing again like I said, but I couldn't access Tweaks.com from either of my two home computers. So I pasted my log in a Gmail e-mail draft, went to work the next day, and posted my last response from my computer at the office. After I returned home, I tried going to Tweaks.com again but still couldn't.
I brought my uninfected home computer to work today, and I can access Tweaks.com just fine. I'm concerned that the virus tinkered with my network settings, and it's keeping me from viewing certain websites. So far, Tweaks is the only site that's giving me problems.
I'll run Security Check and post the log later when I get home.
|
|
|
|
|
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,680,
Visits: 54,734
|
|
I myself have had problems with this site just lately,anyway post the results of the Security Check scan when you're ready.
___________________________________________________________
|
|
|
|
|
New Member
Group: Forum Members
Last Login: 1/22/2012 3:32 PM
Posts: 6,
Visits: 0
|
|
Oh, good. It isn't just me then.
Results of screen317's Security Check version 0.99.30
Windows Vista x64 [color=red](UAC is disabled!)[/color]
[color=red]Out of date service pack!![/color]
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Avira AntiVir Personal - Free Antivirus
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 26
Java(TM) 6 Update 7
[color=red]Java version out of date![/color]
Adobe Reader 9 [color=red]Adobe Reader out of date![/color]
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````
|
|
|
|
|
Senior Forum Moderator
Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 35,680,
Visits: 54,734
|
|
Out of date service pack!!
You need to get the operating system up to date by installing all the latest important/high priority updates including any available service packs via Windows Update <-Important!!!
Out of date Adobe Reader installed!
Launch Adobe Reader,click on Help->Check for Updates...,to update to the latest version.
Out of date Java installed!
Your version of Sun Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Follow these steps to remove older version of Java components and update to the latest version:
Download the latest version of Java Runtime Environment [JRE].
Click the Download JRE button to the right.
Click to enable the box that says:
"Accept License Agreement",the page will then refresh.
Click on the link to download the Windows Offline installation and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
If running Win Vista/Win 7,go to Control Panel > Programs and Features.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove/Uninstall or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-7u2-windows-i586.exe to install the newest version.
If running Win Vista/Win 7,right click on jre-7u2-windows-i586.exe [jre-7u1-windows-x64.exe if running Vista/Win 7 64bit] and select Run as Administrator.
Download/unzip JavaRa 1.16 to your desktop.
Double click the JavaRa icon  ,press 'Remove Older Versions'.
Then click 'Additional Tasks',place a check in the box 'Remove Useless JRE Files',then click 'Go!',follow the prompts.
Exit JavaRa.
Once you've done the above,let me know how your pc is running.
___________________________________________________________
|
|
|
|
