FrodoFraggins
-
Posts
4 -
Joined
-
Last visited
-
Yet another Google/Bing redirect problem
FrodoFraggins replied to FrodoFraggins's topic in Resolved Malware Removal Logs
I noticed many people were told to run the ESET scanner and so I downloaded and ran it. It found several problems. I'll see what happens after a reboot. =========================================================== ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255) # OnlineScanner.ocx=1.0.0.6528 # api_version=3.0.2 # EOSSerial= # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-08-05 04:38:26 # local_time=2011-08-05 12:38:26 (-0500, Eastern Daylight Time) # country="United States" # lang=9 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1280 16777215 100 0 35731424 35731424 0 0 # compatibility_mode=5893 16776573 100 94 0 64084778 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=299461 # found=9 # cleaned=9 # scan_time=20979 C:\Users\Jon\AppData\Local\Google\Chrome\User Data\Default\Default\kdkncjcpidbofmenapbcldodbdcoccmn\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Jon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\42d6ad16-45b5d13f Java/TrojanDownloader.OpenStream.NCA trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Users\Jon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\35d60d30-62694c02 Java/TrojanDownloader.OpenStream.NCA trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\3td10pv5.default\extensions\{3ca6f453-e739-479a-bfb4-14e47eddee94}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\3td10pv5.default\extensions\{3ca6f453-e739-479a-bfb4-14e47eddee94}\chrome\xulcache.jar JS/Agent.NDJ trojan (deleted (after the next restart) - quarantined) 00000000000000000000000000000000 C E:\My Files(Babylon5)\desktop\links\FreeMp3WmaOggConverter.exe Win32/Adware.OneStep application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C E:\BABYLON6\Backup Set 2011-07-26 235954\Backup Files 2011-07-26 235954\Backup files 3.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C E:\BABYLON6\Backup Set 2011-07-26 235954\Backup Files 2011-07-26 235954\Backup files 6.zip Win32/TrojanDownloader.Tracur.F trojan (deleted - quarantined) 00000000000000000000000000000000 C E:\BABYLON6\Backup Set 2011-07-26 235954\Backup Files 2011-07-26 235954\Backup files 7.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C -
Yet another Google/Bing redirect problem
FrodoFraggins replied to FrodoFraggins's topic in Resolved Malware Removal Logs
I've run TDSSKiller and it didn't find anything ========================================== 2011/08/05 06:20:35.0830 6880 TDSS rootkit removing tool 2.5.13.0 Jul 29 2011 17:24:11 2011/08/05 06:20:36.0151 6880 ================================================================================ 2011/08/05 06:20:36.0151 6880 SystemInfo: 2011/08/05 06:20:36.0151 6880 2011/08/05 06:20:36.0151 6880 OS Version: 6.1.7601 ServicePack: 1.0 2011/08/05 06:20:36.0151 6880 Product type: Workstation 2011/08/05 06:20:36.0151 6880 ComputerName: BABYLON6 2011/08/05 06:20:36.0151 6880 UserName: Jon 2011/08/05 06:20:36.0152 6880 Windows directory: C:\Windows 2011/08/05 06:20:36.0152 6880 System windows directory: C:\Windows 2011/08/05 06:20:36.0152 6880 Running under WOW64 2011/08/05 06:20:36.0152 6880 Processor architecture: Intel x64 2011/08/05 06:20:36.0152 6880 Number of processors: 2 2011/08/05 06:20:36.0152 6880 Page size: 0x1000 2011/08/05 06:20:36.0152 6880 Boot type: Normal boot 2011/08/05 06:20:36.0152 6880 ================================================================================ 2011/08/05 06:20:40.0733 6880 Initialize success 2011/08/05 06:20:43.0904 7048 ================================================================================ 2011/08/05 06:20:43.0904 7048 Scan started 2011/08/05 06:20:43.0904 7048 Mode: Manual; 2011/08/05 06:20:43.0904 7048 ================================================================================ 2011/08/05 06:20:46.0633 7048 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 2011/08/05 06:20:46.0689 7048 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 2011/08/05 06:20:46.0735 7048 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 2011/08/05 06:20:46.0823 7048 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/08/05 06:20:46.0857 7048 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/08/05 06:20:46.0886 7048 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/08/05 06:20:46.0967 7048 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 2011/08/05 06:20:47.0029 7048 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/08/05 06:20:47.0062 7048 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/08/05 06:20:47.0108 7048 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/08/05 06:20:47.0140 7048 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/08/05 06:20:47.0316 7048 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/08/05 06:20:47.0524 7048 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys 2011/08/05 06:20:47.0574 7048 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/08/05 06:20:47.0622 7048 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys 2011/08/05 06:20:47.0646 7048 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/08/05 06:20:47.0668 7048 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys 2011/08/05 06:20:47.0717 7048 AODDriver2 (70a0ec81a6135df75b757954c3f6e4d5) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys 2011/08/05 06:20:47.0819 7048 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 2011/08/05 06:20:47.0849 7048 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/08/05 06:20:47.0876 7048 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/08/05 06:20:47.0950 7048 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/08/05 06:20:48.0012 7048 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/08/05 06:20:48.0124 7048 AtiHdmiService (77c149e6d702737b2e372dee166faef8) C:\Windows\system32\drivers\AtiHdmi.sys 2011/08/05 06:20:48.0183 7048 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/08/05 06:20:48.0216 7048 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/08/05 06:20:48.0260 7048 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/08/05 06:20:48.0315 7048 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/08/05 06:20:48.0383 7048 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 2011/08/05 06:20:48.0442 7048 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/08/05 06:20:48.0462 7048 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/08/05 06:20:48.0515 7048 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/08/05 06:20:48.0542 7048 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/08/05 06:20:48.0575 7048 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/08/05 06:20:48.0592 7048 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/08/05 06:20:48.0611 7048 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/08/05 06:20:48.0639 7048 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/08/05 06:20:48.0692 7048 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 2011/08/05 06:20:48.0708 7048 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/08/05 06:20:48.0775 7048 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/08/05 06:20:48.0881 7048 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/08/05 06:20:48.0956 7048 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/08/05 06:20:49.0020 7048 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 2011/08/05 06:20:49.0051 7048 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/08/05 06:20:49.0103 7048 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 2011/08/05 06:20:49.0156 7048 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/08/05 06:20:49.0228 7048 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 2011/08/05 06:20:49.0250 7048 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/08/05 06:20:49.0271 7048 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/08/05 06:20:49.0330 7048 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/08/05 06:20:49.0431 7048 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 2011/08/05 06:20:49.0501 7048 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/08/05 06:20:49.0618 7048 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/08/05 06:20:49.0645 7048 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/08/05 06:20:49.0682 7048 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys 2011/08/05 06:20:49.0713 7048 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/08/05 06:20:49.0747 7048 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/08/05 06:20:49.0768 7048 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/08/05 06:20:49.0810 7048 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/08/05 06:20:49.0843 7048 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/08/05 06:20:49.0867 7048 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/08/05 06:20:49.0911 7048 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 2011/08/05 06:20:49.0949 7048 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/08/05 06:20:50.0051 7048 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/08/05 06:20:50.0127 7048 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/08/05 06:20:50.0168 7048 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/08/05 06:20:50.0216 7048 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys 2011/08/05 06:20:50.0267 7048 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys 2011/08/05 06:20:50.0288 7048 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/08/05 06:20:50.0348 7048 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 2011/08/05 06:20:50.0406 7048 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 2011/08/05 06:20:50.0452 7048 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/08/05 06:20:50.0470 7048 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/08/05 06:20:50.0509 7048 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/08/05 06:20:50.0569 7048 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 2011/08/05 06:20:50.0656 7048 hitmanpro35 (63c0be20a6db9824951e5c2d4116503c) C:\Windows\system32\drivers\hitmanpro35.sys 2011/08/05 06:20:50.0743 7048 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 2011/08/05 06:20:50.0795 7048 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 2011/08/05 06:20:50.0843 7048 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 2011/08/05 06:20:50.0883 7048 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 2011/08/05 06:20:50.0930 7048 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys 2011/08/05 06:20:50.0959 7048 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/08/05 06:20:51.0019 7048 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/08/05 06:20:51.0053 7048 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/08/05 06:20:51.0106 7048 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/08/05 06:20:51.0139 7048 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 2011/08/05 06:20:51.0153 7048 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/08/05 06:20:51.0171 7048 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/08/05 06:20:51.0198 7048 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/08/05 06:20:51.0253 7048 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 2011/08/05 06:20:51.0296 7048 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/08/05 06:20:51.0339 7048 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 2011/08/05 06:20:51.0407 7048 kl1 (db449f50e5141458eb58e64ffac4863f) C:\Windows\system32\DRIVERS\kl1.sys 2011/08/05 06:20:51.0472 7048 KLBG (87200a8afe40532baa4d2b24a7ba0eea) C:\Windows\system32\DRIVERS\klbg.sys 2011/08/05 06:20:51.0527 7048 KLIF (09bad645d3843669c281431c7df2db2e) C:\Windows\system32\DRIVERS\klif.sys 2011/08/05 06:20:51.0569 7048 KLIM6 (630f22545379437737cf4172f09fe449) C:\Windows\system32\DRIVERS\klim6.sys 2011/08/05 06:20:51.0629 7048 klmouflt (786791291939abb11f6d0f040da23912) C:\Windows\system32\DRIVERS\klmouflt.sys 2011/08/05 06:20:51.0688 7048 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 2011/08/05 06:20:51.0753 7048 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 2011/08/05 06:20:51.0795 7048 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/08/05 06:20:51.0909 7048 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys 2011/08/05 06:20:51.0986 7048 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys 2011/08/05 06:20:52.0066 7048 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/08/05 06:20:52.0114 7048 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/08/05 06:20:52.0173 7048 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/08/05 06:20:52.0231 7048 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/08/05 06:20:52.0286 7048 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/08/05 06:20:52.0350 7048 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/08/05 06:20:52.0400 7048 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys 2011/08/05 06:20:52.0484 7048 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/08/05 06:20:52.0523 7048 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/08/05 06:20:52.0578 7048 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/08/05 06:20:52.0630 7048 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/08/05 06:20:52.0722 7048 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 2011/08/05 06:20:52.0756 7048 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/08/05 06:20:52.0807 7048 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 2011/08/05 06:20:52.0849 7048 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 2011/08/05 06:20:52.0903 7048 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/08/05 06:20:52.0965 7048 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 2011/08/05 06:20:53.0016 7048 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/08/05 06:20:53.0062 7048 mrxsmb10 (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/08/05 06:20:53.0101 7048 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/08/05 06:20:53.0145 7048 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 2011/08/05 06:20:53.0167 7048 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 2011/08/05 06:20:53.0236 7048 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/08/05 06:20:53.0271 7048 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/08/05 06:20:53.0322 7048 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/08/05 06:20:53.0354 7048 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/08/05 06:20:53.0392 7048 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/08/05 06:20:53.0411 7048 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/08/05 06:20:53.0458 7048 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 2011/08/05 06:20:53.0503 7048 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/08/05 06:20:53.0531 7048 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/08/05 06:20:53.0558 7048 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/08/05 06:20:53.0594 7048 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/08/05 06:20:53.0633 7048 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/08/05 06:20:53.0705 7048 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 2011/08/05 06:20:53.0741 7048 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/08/05 06:20:53.0774 7048 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/08/05 06:20:53.0815 7048 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/08/05 06:20:53.0873 7048 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/08/05 06:20:53.0903 7048 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 2011/08/05 06:20:53.0965 7048 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/08/05 06:20:54.0073 7048 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 2011/08/05 06:20:54.0167 7048 netr28ux (26672f93749ac9fd28da1b0f94efa78d) C:\Windows\system32\DRIVERS\netr28ux.sys 2011/08/05 06:20:54.0259 7048 networx (3a02e2cf4cc836abe474b5bd63719772) C:\Windows\system32\drivers\networx.sys 2011/08/05 06:20:54.0331 7048 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/08/05 06:20:54.0365 7048 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/08/05 06:20:54.0393 7048 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/08/05 06:20:54.0464 7048 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys 2011/08/05 06:20:54.0508 7048 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/08/05 06:20:54.0612 7048 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys 2011/08/05 06:20:54.0646 7048 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys 2011/08/05 06:20:54.0688 7048 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/08/05 06:20:54.0723 7048 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/08/05 06:20:54.0757 7048 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/08/05 06:20:54.0828 7048 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 2011/08/05 06:20:54.0909 7048 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 2011/08/05 06:20:54.0954 7048 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/08/05 06:20:55.0032 7048 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/08/05 06:20:55.0101 7048 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/08/05 06:20:55.0137 7048 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/08/05 06:20:55.0203 7048 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 2011/08/05 06:20:55.0218 7048 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/08/05 06:20:55.0276 7048 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 2011/08/05 06:20:55.0319 7048 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/08/05 06:20:55.0371 7048 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/08/05 06:20:55.0408 7048 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/08/05 06:20:55.0431 7048 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/08/05 06:20:55.0469 7048 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/08/05 06:20:55.0519 7048 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/08/05 06:20:55.0541 7048 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/08/05 06:20:55.0571 7048 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/08/05 06:20:55.0622 7048 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 2011/08/05 06:20:55.0666 7048 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/08/05 06:20:55.0715 7048 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/08/05 06:20:55.0740 7048 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/08/05 06:20:55.0770 7048 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/08/05 06:20:55.0845 7048 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 2011/08/05 06:20:55.0883 7048 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 2011/08/05 06:20:55.0972 7048 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys 2011/08/05 06:20:56.0024 7048 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/08/05 06:20:56.0075 7048 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/08/05 06:20:56.0160 7048 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 2011/08/05 06:20:56.0204 7048 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 2011/08/05 06:20:56.0233 7048 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/08/05 06:20:56.0271 7048 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/08/05 06:20:56.0312 7048 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/08/05 06:20:56.0376 7048 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/08/05 06:20:56.0456 7048 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/08/05 06:20:56.0534 7048 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/08/05 06:20:56.0710 7048 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 2011/08/05 06:20:56.0872 7048 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/08/05 06:20:56.0954 7048 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/08/05 06:20:56.0996 7048 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/08/05 06:20:57.0034 7048 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/08/05 06:20:57.0128 7048 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/08/05 06:20:57.0242 7048 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys 2011/08/05 06:20:57.0328 7048 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 2011/08/05 06:20:57.0376 7048 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 2011/08/05 06:20:57.0404 7048 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 2011/08/05 06:20:57.0465 7048 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/08/05 06:20:57.0528 7048 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/08/05 06:20:57.0605 7048 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys 2011/08/05 06:20:57.0672 7048 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys 2011/08/05 06:20:57.0725 7048 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 2011/08/05 06:20:57.0758 7048 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/08/05 06:20:57.0787 7048 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/08/05 06:20:57.0852 7048 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 2011/08/05 06:20:57.0904 7048 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 2011/08/05 06:20:57.0963 7048 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/08/05 06:20:58.0050 7048 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 2011/08/05 06:20:58.0102 7048 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 2011/08/05 06:20:58.0132 7048 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/08/05 06:20:58.0193 7048 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 2011/08/05 06:20:58.0236 7048 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/08/05 06:20:58.0257 7048 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 2011/08/05 06:20:58.0280 7048 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/08/05 06:20:58.0344 7048 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 2011/08/05 06:20:58.0394 7048 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys 2011/08/05 06:20:58.0449 7048 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/08/05 06:20:58.0500 7048 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 2011/08/05 06:20:58.0526 7048 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 2011/08/05 06:20:58.0550 7048 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 2011/08/05 06:20:58.0588 7048 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/08/05 06:20:58.0649 7048 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS 2011/08/05 06:20:58.0676 7048 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 2011/08/05 06:20:58.0709 7048 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/08/05 06:20:58.0737 7048 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/05 06:20:58.0781 7048 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/08/05 06:20:58.0914 7048 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 2011/08/05 06:20:58.0975 7048 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/08/05 06:20:59.0038 7048 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 2011/08/05 06:20:59.0094 7048 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 2011/08/05 06:20:59.0151 7048 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 2011/08/05 06:20:59.0185 7048 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/08/05 06:20:59.0232 7048 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2011/08/05 06:20:59.0289 7048 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/08/05 06:20:59.0335 7048 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/08/05 06:20:59.0403 7048 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/05 06:20:59.0421 7048 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/05 06:20:59.0469 7048 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/08/05 06:20:59.0521 7048 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/05 06:20:59.0605 7048 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/08/05 06:20:59.0643 7048 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/08/05 06:20:59.0727 7048 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/05 06:20:59.0772 7048 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/05 06:20:59.0868 7048 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 2011/08/05 06:20:59.0964 7048 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/08/05 06:20:59.0975 7048 MBR (0x1B8) (08b26729634452d0c2889c002b1bb97c) \Device\Harddisk1\DR1 2011/08/05 06:21:00.0587 7048 Boot (0x1200) (16416200ad92e69f703b91876108c6d0) \Device\Harddisk0\DR0\Partition0 2011/08/05 06:21:00.0613 7048 Boot (0x1200) (d344e1cd6f120c9eff6e447618130f5f) \Device\Harddisk0\DR0\Partition1 2011/08/05 06:21:00.0622 7048 Boot (0x1200) (9f646c5e23595e830a08f6c64c36d032) \Device\Harddisk1\DR1\Partition0 2011/08/05 06:21:00.0626 7048 ================================================================================ 2011/08/05 06:21:00.0626 7048 Scan finished 2011/08/05 06:21:00.0626 7048 ================================================================================ 2011/08/05 06:21:00.0634 7036 Detected object count: 0 2011/08/05 06:21:00.0634 7036 Actual detected object count: 0 -
Yet another Google/Bing redirect problem
FrodoFraggins replied to FrodoFraggins's topic in Resolved Malware Removal Logs
I'm not sure if bumping is allowed but my post is on its way to the third page and I'm not sure if threads there even get seen. Thanks to anyone offering help. -
The only hint of a problem I can find is if uTorrent is open MWB has to block incoming and outgoing communications. I've run full MWB and Kaspersky scans to no avail. This is my first time posting here, but hopefully I'm following the process as defined in the "I'm infected - What do I do now" thread. ================================================== Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7364 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 8/4/2011 8:54:51 AM mbam-log-2011-08-04 (08-54-51).txt Scan type: Quick scan Objects scanned: 185350 Time elapsed: 40 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ================================================================================= . DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_20 Run by Jon at 9:26:59 on 2011-08-04 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2456 [GMT -4:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} AV: Kaspersky Internet Security *Disabled/Updated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE} SP: Kaspersky Internet Security *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Disabled/Outdated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: Kaspersky Internet Security *Disabled* {9626F52E-C560-D06F-0A42-2E08BA60B3D5} FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe C:\Windows\system32\svchost.exe -k apphost c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtblfs.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678 uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe BHO: {0000b013-ff29-47e9-a253-88944e569987} - C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-032.dll BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [<NO NAME>] mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204 IE: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{6DD9BA09-FFB6-4E71-9A4B-4D87F706E4BC} : DhcpNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{6DD9BA09-FFB6-4E71-9A4B-4D87F706E4BC}\C696E6B6379737 : DhcpNameServer = 68.87.71.230 68.87.73.246 TCP: Interfaces\{9819AA63-441A-4270-8B98-8BEE735D5CC6} : DhcpNameServer = 68.87.71.230 68.87.73.246 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-032.dll BHO-X64: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll BHO-X64: btorbit.com - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll BHO-X64: Winamp Toolbar Loader - No File BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO-X64: Ask Toolbar BHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll TB-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [(Default)] mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\3td10pv5.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Conduit Engine Customized Web Search FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query= FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll FF - plugin: C:\Users\Jon\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} FF - Ext: XUL Cache: {3ca6f453-e739-479a-bfb4-14e47eddee94} - %profile%\extensions\{3ca6f453-e739-479a-bfb4-14e47eddee94} . ============= SERVICES / DRIVERS =============== . R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?] R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-4-23 136616] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-7-23 366640] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 AODDriver2;AODDriver2;C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-4-23 52352] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 AVP;Kaspersky Internet Security;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340520] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-3-9 2151640] S2 RpcEptMapper32;RPC Endpoint Mapper ;C:\Windows\system32\whealogr32.exe --> C:\Windows\system32\whealogr32.exe [?] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-6-17 25640] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-6-16 30528] S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro35.sys --> C:\Windows\system32\drivers\hitmanpro35.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-3-9 17152] S3 netr28ux;Belkin USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== Created Last 30 ================ . 2011-08-03 20:21:43 23112 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys 2011-08-03 20:21:40 -------- d-----w- C:\Program Files\Hitman Pro 3.5 2011-08-03 20:20:23 -------- d-----w- C:\ProgramData\Hitman Pro 2011-08-02 12:58:36 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EEE66BC2-5EDE-402A-A92E-7CF3EF53F2E5}\mpengine.dll 2011-07-21 02:23:39 -------- d-----w- C:\Windows\SysWow64\Updates 2011-07-21 02:23:35 -------- d-----w- C:\Windows\SysWow64\Data 2011-07-18 17:57:12 -------- d-----w- C:\Users\Jon\AppData\Local\Microsoft Games 2011-07-16 01:39:27 217088 ----a-w- C:\Windows\SysWow64\libmySQL.dll 2011-07-16 01:39:27 102400 ----a-w- C:\Windows\SysWow64\TrackerNET.dll 2011-07-16 01:38:16 -------- d-----w- C:\Windows\solcache 2011-07-16 01:37:02 231936 ----a-w- C:\Windows\SysWow64\SNWValid.dll 2011-07-16 01:37:02 1022976 ----a-w- C:\Windows\SysWow64\SierraNW.dll 2011-07-16 01:37:02 -------- d-----w- C:\Program Files (x86)\Sierra On-Line 2011-07-16 01:36:37 306688 ----a-w- C:\Windows\IsUninst.exe 2011-07-13 11:23:57 3137536 ----a-w- C:\Windows\System32\win32k.sys 2011-07-11 11:26:18 -------- d-----w- C:\Program Files\gs 2011-07-08 20:28:26 -------- d-----w- C:\Program Files (x86)\AMD APP 2011-07-08 20:28:24 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies 2011-07-08 20:27:28 -------- d-----w- C:\Program Files\ATI 2011-07-08 20:20:38 -------- d-----w- C:\Program Files\CCleaner 2011-07-08 19:55:55 -------- d-----w- C:\ATI 2011-07-08 09:28:23 -------- d-----w- C:\Users\Jon\AppData\Local\Funcom 2011-07-08 09:28:05 -------- d-----w- C:\ProgramData\media center programs 2011-07-06 10:44:48 -------- d-----w- C:\Download 2011-07-06 10:44:11 -------- d-----w- C:\ProgramData\xOcean 2011-07-06 10:44:04 -------- d-----w- C:\Program Files (x86)\BlastShark . ==================== Find3M ==================== . 2011-07-06 23:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 23:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-07-01 21:34:16 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2011-06-20 01:40:36 175616 ----a-w- C:\Windows\System32\msclmd.dll 2011-06-20 01:40:36 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2011-06-19 00:15:07 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll 2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-06-02 17:53:02 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll 2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-05-25 04:26:56 9359872 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2011-05-25 03:53:28 23336960 ----a-w- C:\Windows\System32\atio6axx.dll 2011-05-25 03:44:30 61952 ----a-w- C:\Windows\System32\OVDecode64.dll 2011-05-25 03:44:26 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2011-05-25 03:44:14 53760 ----a-w- C:\Windows\System32\OpenCL.dll 2011-05-25 03:44:10 51712 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2011-05-25 03:44:04 16672768 ----a-w- C:\Windows\System32\amdocl64.dll 2011-05-25 03:43:50 12798976 ----a-w- C:\Windows\SysWow64\amdocl.dll 2011-05-25 03:31:38 17940992 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2011-05-25 03:07:58 151552 ----a-w- C:\Windows\System32\atiapfxx.exe 2011-05-25 03:07:48 688128 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2011-05-25 03:06:38 811008 ----a-w- C:\Windows\System32\aticfx64.dll 2011-05-25 03:04:16 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll 2011-05-25 03:04:10 485376 ----a-w- C:\Windows\System32\atieclxx.exe 2011-05-25 03:03:38 204288 ----a-w- C:\Windows\System32\atiesrxx.exe 2011-05-25 03:02:30 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2011-05-25 03:02:16 423424 ----a-w- C:\Windows\System32\atipdl64.dll 2011-05-25 03:02:10 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll 2011-05-25 03:02:00 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll 2011-05-25 03:01:54 16384 ----a-w- C:\Windows\System32\atimuixx.dll 2011-05-25 03:01:50 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2011-05-25 03:01:46 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2011-05-25 03:00:00 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll 2011-05-25 02:59:38 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll 2011-05-25 02:59:26 3810816 ----a-w- C:\Windows\System32\atiumd6a.dll 2011-05-25 02:58:52 4219904 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2011-05-25 02:50:38 4017152 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2011-05-25 02:49:44 5008384 ----a-w- C:\Windows\System32\atidxx64.dll 2011-05-25 02:47:40 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2011-05-25 02:47:38 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2011-05-25 02:47:30 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2011-05-25 02:47:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2011-05-25 02:47:18 8489472 ----a-w- C:\Windows\System32\aticaldd64.dll 2011-05-25 02:43:52 6847488 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2011-05-25 02:39:16 4330496 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2011-05-25 02:38:18 53760 ----a-w- C:\Windows\System32\atimpc64.dll 2011-05-25 02:38:18 53760 ----a-w- C:\Windows\System32\amdpcom64.dll 2011-05-25 02:38:14 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2011-05-25 02:38:14 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2011-05-25 02:33:04 5486592 ----a-w- C:\Windows\System32\atiumd64.dll 2011-05-25 02:26:18 366592 ----a-w- C:\Windows\System32\atiadlxx.dll 2011-05-25 02:26:12 262144 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2011-05-25 02:26:04 14848 ----a-w- C:\Windows\System32\atig6pxx.dll 2011-05-25 02:26:00 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2011-05-25 02:26:00 12800 ----a-w- C:\Windows\System32\atiglpxx.dll 2011-05-25 02:25:58 39936 ----a-w- C:\Windows\System32\atig6txx.dll 2011-05-25 02:25:48 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2011-05-25 02:25:42 309760 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2011-05-25 02:24:58 40960 ----a-w- C:\Windows\System32\atiuxp64.dll 2011-05-25 02:24:50 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2011-05-25 02:24:44 38912 ----a-w- C:\Windows\System32\atiu9p64.dll 2011-05-25 02:24:36 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2011-05-25 02:24:08 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2011-05-25 02:19:00 58880 ----a-w- C:\Windows\System32\coinst.dll 2011-05-24 23:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-14 07:25:06 362496 ----a-w- C:\Windows\System32\wow64win.dll 2011-05-14 07:25:06 243200 ----a-w- C:\Windows\System32\wow64.dll 2011-05-14 07:25:06 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2011-05-14 07:24:33 214528 ----a-w- C:\Windows\System32\winsrv.dll 2011-05-14 07:22:25 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2011-05-14 07:16:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2011-05-14 06:28:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-05-14 06:24:36 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-05-14 06:24:08 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-05-14 06:22:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-05-14 04:20:05 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-05-14 04:20:03 2048 ----a-w- C:\Windows\SysWow64\user.exe . ============= FINISH: 9:27:22.38 =============== The attachment didn't seem to work so here are the other logs: ================================================================================== GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-08-04 09:25:51 Windows 6.1.7601 Service Pack 1 Running: 2xnlrem8.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x93 0xA4 0xF2 0x28 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8C 0xB8 0xC5 0x11 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x6D 0x97 0x4A 0x88 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x93 0xA4 0xF2 0x28 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8C 0xB8 0xC5 0x11 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x6D 0x97 0x4A 0x88 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{38565A5D-1698-6228-00BF-13D402E258E2} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{38565A5D-1698-6228-00BF-13D402E258E2}@hadidenianadgnnk 0x6A 0x61 0x69 0x65 ... ---- EOF - GMER 1.0.15 ---- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-06-23.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 6/16/2010 3:53:12 AM System Uptime: 8/4/2011 8:44:54 AM (1 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | GA-890GPA-UD3H Processor: AMD Phenom II X4 965 Processor | Socket M2 | 782/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 931 GiB total, 375.217 GiB free. D: is CDROM (CDFS) E: is FIXED (FAT32) - 596 GiB total, 257.563 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP236: 7/22/2011 9:55:24 AM - Windows Update RP237: 7/24/2011 7:00:11 PM - Windows Backup RP238: 7/26/2011 2:30:03 PM - Windows Update RP239: 7/26/2011 11:59:56 PM - Windows Backup RP240: 7/29/2011 7:46:00 PM - Windows Update RP241: 8/2/2011 8:57:19 AM - Windows Update RP242: 8/3/2011 5:00:24 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent ABC Amber EPS Converter AC3File 0.7b AC3Filter 1.63b Ad-Aware Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.5 Age of Conan - Hyborian Adventures Alganon AMD OverDrive Amnesia - The Dark Descent Apple Application Support Apple Software Update Ask Toolbar AudioConverter Studio 6.0 Baldur's Gate II - Shadows of Amn Baseball Mogul 2011 Baseball Mogul 2012 Belkin F5D8053 N Wireless USB Adapter Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center HydraVision Full Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Conduit Engine Diablo II DivX Setup EPS Viewer Football Mogul 2011 DEMO Google Chrome GPL MPEG-1/2 DirectShow Decoder Filter Half-Life Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2455033) HydraVision Inkscape 0.47 IZArc 4.1.2 Java Auto Updater Java 6 Update 20 Kaspersky Internet Security 2010 Last.fm 1.5.4.27091 Malwarebytes' Anti-Malware version 1.51.1.1800 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2008 Browser Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 Express - ENU MiKTeX 2.8 mIRC Mozilla Firefox (3.6.18) Mp3tag v2.46a MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Ultra Edition Nero BurnLite 10 Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update Notepad++ Orbit Downloader Pando Media Booster ParaView-3.8.0 a cross-platform, open-source visualization system PuTTY development snapshot 2010-06-19:r8967 Quake Shareware 1.06 (installer v0.99a) QuickTime Rampant Logic Postscript Viewer 1.1 Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489) Sierra Utilities Skype Toolbars Skype™ 5.5 SopCast 3.2.9 The Lord of the Rings Online™: Siege of Mirkwood™ v03.01.00.802 Time Adjuster STANDARD 3.1 Unreal Gold Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office OneNote 2007 (KB980729) uTorrentBar Toolbar VC80CRTRedist - 8.0.50727.4053 Veetle TV 0.9.17 Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 1.1.0 Winamp Winamp Detector Plug-in Winamp Remote Winamp Toolbar WinSCP 4.3.2 WinZip 14.5 World of Warcraft Xiph.Org Open Codecs 0.84.17338 . ==== Event Viewer Messages From Past Week ======== . 8/3/2011 4:56:26 PM, Error: Service Control Manager [7024] - The Hitman Pro 3.5 Crusader (Boot) service terminated with service-specific error The operation completed successfully.. 8/2/2011 6:18:40 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file. 7/28/2011 10:31:44 PM, Error: Service Control Manager [7034] - The RPC Endpoint Mapper service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File =========================== ===================================================================================================