Desktop shorts not working & computer slow

Forum Guidelines

Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Posted Image

Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.

Posted Image

DO NOT RUN ComboFix unless requested to.

Posted Image

Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

Posted Image

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Posted Image

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

2 Pages
←
1
2

You cannot start a new topic
This topic is locked

Desktop shorts not working & computer slow Non-windows shortcuts not working & computer runs slow

#16 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 07 February 2012 - 11:24 PM

Hi Gringo -

Pasted below is the report after I ran the TDSSKILLER. It did not detect any infected or suspicious files. My laptop status is still the same, slow and non-windows (new and old)shortcuts not working.

golf2beach

22:17:41.0000 3140 TDSS rootkit removing tool 2.7.10.0 Feb 7 2012 15:14:46
22:17:42.0328 3140 ============================================================
22:17:42.0328 3140 Current date / time: 2012/02/07 22:17:42.0328
22:17:42.0328 3140 SystemInfo:
22:17:42.0328 3140
22:17:42.0328 3140 OS Version: 5.1.2600 ServicePack: 3.0
22:17:42.0328 3140 Product type: Workstation
22:17:42.0328 3140 ComputerName: LAPTOP
22:17:42.0328 3140 UserName: Rick
22:17:42.0328 3140 Windows directory: C:\WINDOWS
22:17:42.0328 3140 System windows directory: C:\WINDOWS
22:17:42.0328 3140 Processor architecture: Intel x86
22:17:42.0328 3140 Number of processors: 2
22:17:42.0328 3140 Page size: 0x1000
22:17:42.0328 3140 Boot type: Normal boot
22:17:42.0328 3140 ============================================================
22:17:45.0406 3140 Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 (73.13 Gb), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:17:45.0421 3140 \Device\Harddisk0\DR0:
22:17:45.0421 3140 MBR used
22:17:45.0421 3140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x6970062
22:17:45.0437 3140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x6987927, BlocksNum 0x205B801
22:17:45.0750 3140 Initialize success
22:17:45.0750 3140 ============================================================
22:18:18.0375 5592 ============================================================
22:18:18.0375 5592 Scan started
22:18:18.0375 5592 Mode: Manual;
22:18:18.0375 5592 ============================================================
22:18:18.0718 5592 a2acc (71574a98093d94bdbb3cb74e272d29a5) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
22:18:18.0750 5592 a2acc - ok
22:18:19.0390 5592 Abiosdsk - ok
22:18:19.0796 5592 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:18:19.0812 5592 abp480n5 - ok
22:18:20.0531 5592 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:18:20.0531 5592 ACPI - ok
22:18:21.0156 5592 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:18:21.0171 5592 ACPIEC - ok
22:18:21.0609 5592 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:18:21.0656 5592 adpu160m - ok
22:18:22.0343 5592 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:18:22.0421 5592 aec - ok
22:18:22.0921 5592 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:18:22.0984 5592 AegisP - ok
22:18:23.0625 5592 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:18:23.0703 5592 AFD - ok
22:18:24.0343 5592 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:18:24.0406 5592 agp440 - ok
22:18:24.0843 5592 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:18:24.0875 5592 agpCPQ - ok
22:18:25.0546 5592 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:18:25.0562 5592 Aha154x - ok
22:18:26.0218 5592 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:18:26.0250 5592 aic78u2 - ok
22:18:26.0656 5592 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:18:26.0687 5592 aic78xx - ok
22:18:27.0296 5592 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:18:27.0312 5592 AliIde - ok
22:18:27.0750 5592 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:18:27.0781 5592 alim1541 - ok
22:18:28.0453 5592 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:18:28.0484 5592 amdagp - ok
22:18:28.0859 5592 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:18:28.0875 5592 amsint - ok
22:18:29.0484 5592 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
22:18:29.0500 5592 APPDRV - ok
22:18:29.0968 5592 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:18:30.0062 5592 Arp1394 - ok
22:18:30.0593 5592 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:18:30.0625 5592 asc - ok
22:18:31.0531 5592 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:18:31.0546 5592 asc3350p - ok
22:18:31.0937 5592 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:18:31.0953 5592 asc3550 - ok
22:18:32.0562 5592 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
22:18:32.0562 5592 ASCTRM - ok
22:18:33.0015 5592 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:18:33.0062 5592 AsyncMac - ok
22:18:33.0687 5592 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:18:33.0687 5592 atapi - ok
22:18:34.0234 5592 Atdisk - ok
22:18:35.0812 5592 ati2mtag (2573c08729dd52b7b4f18df1592e0b37) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:18:36.0968 5592 ati2mtag - ok
22:18:37.0703 5592 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:18:37.0734 5592 Atmarpc - ok
22:18:38.0156 5592 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:18:38.0234 5592 audstub - ok
22:18:38.0875 5592 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:18:38.0875 5592 bcm4sbxp - ok
22:18:39.0468 5592 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:18:39.0484 5592 Beep - ok
22:18:39.0750 5592 catchme - ok
22:18:40.0218 5592 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:18:40.0234 5592 cbidf - ok
22:18:40.0671 5592 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:18:40.0671 5592 cbidf2k - ok
22:18:41.0140 5592 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:18:41.0140 5592 cd20xrnt - ok
22:18:41.0750 5592 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:18:41.0765 5592 Cdaudio - ok
22:18:42.0234 5592 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:18:42.0234 5592 Cdfs - ok
22:18:42.0843 5592 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:18:42.0875 5592 Cdrom - ok
22:18:43.0546 5592 cfwids (7fd604cd7a7a0ff8975af61bdf64c577) C:\WINDOWS\system32\drivers\cfwids.sys
22:18:43.0578 5592 cfwids - ok
22:18:43.0984 5592 Changer - ok
22:18:44.0609 5592 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:18:44.0609 5592 CmBatt - ok
22:18:45.0000 5592 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:18:45.0000 5592 CmdIde - ok
22:18:45.0625 5592 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:18:45.0625 5592 Compbatt - ok
22:18:46.0046 5592 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:18:46.0062 5592 Cpqarray - ok
22:18:46.0765 5592 CVirtA (5c706c06c1279952d2cc1a609ca948bf) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
22:18:46.0765 5592 CVirtA - ok
22:18:47.0453 5592 CVPNDRVA (5ba042bcab6246c6bba51606afd7b488) C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
22:18:47.0718 5592 CVPNDRVA - ok
22:18:48.0156 5592 cvspydr2 (c6644d1a70c050fdd7ecbe8c3ac05313) C:\WINDOWS\system32\DRIVERS\cvspydr2.sys
22:18:48.0171 5592 cvspydr2 - ok
22:18:48.0890 5592 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:18:49.0000 5592 dac2w2k - ok
22:18:49.0609 5592 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:18:49.0625 5592 dac960nt - ok
22:18:50.0046 5592 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:18:50.0046 5592 Disk - ok
22:18:51.0093 5592 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:18:51.0781 5592 dmboot - ok
22:18:52.0328 5592 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:18:52.0328 5592 dmio - ok
22:18:52.0921 5592 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:18:52.0937 5592 dmload - ok
22:18:53.0343 5592 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:18:53.0421 5592 DMusic - ok
22:18:54.0046 5592 DNE (2eddbb3ef1dd5a28cb07c149d36e7286) C:\WINDOWS\system32\DRIVERS\dne2000.sys
22:18:54.0109 5592 DNE - ok
22:18:54.0765 5592 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:18:54.0781 5592 dpti2o - ok
22:18:55.0203 5592 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:18:55.0203 5592 drmkaud - ok
22:18:55.0875 5592 drvmcdb (96bc8f872f0270c10edc3931f1c03776) C:\WINDOWS\system32\drivers\drvmcdb.sys
22:18:55.0875 5592 drvmcdb - ok
22:18:56.0265 5592 drvnddm (5afbec7a6ac61b211633dfdb1d9e0c89) C:\WINDOWS\system32\drivers\drvnddm.sys
22:18:56.0265 5592 drvnddm - ok
22:18:56.0734 5592 DSproct (2ac2372ffad9adc85672cc8e8ae14be9) C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
22:18:56.0828 5592 DSproct - ok
22:18:57.0703 5592 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:18:57.0765 5592 E100B - ok
22:18:58.0265 5592 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:18:58.0328 5592 Fastfat - ok
22:18:58.0984 5592 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:18:59.0000 5592 Fdc - ok
22:18:59.0687 5592 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:18:59.0718 5592 Fips - ok
22:19:00.0109 5592 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:19:00.0125 5592 Flpydisk - ok
22:19:00.0593 5592 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:19:00.0609 5592 FltMgr - ok
22:19:01.0000 5592 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:19:01.0000 5592 Fs_Rec - ok
22:19:01.0437 5592 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:19:01.0437 5592 Ftdisk - ok
22:19:01.0890 5592 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
22:19:01.0906 5592 GEARAspiWDM - ok
22:19:02.0375 5592 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:19:02.0390 5592 Gpc - ok
22:19:02.0796 5592 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
22:19:02.0812 5592 grmnusb - ok
22:19:03.0312 5592 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:19:03.0390 5592 HDAudBus - ok
22:19:03.0812 5592 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:19:03.0812 5592 HidUsb - ok
22:19:04.0265 5592 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:19:04.0281 5592 hpn - ok
22:19:04.0781 5592 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:19:04.0812 5592 HPZid412 - ok
22:19:05.0218 5592 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:19:05.0234 5592 HPZipr12 - ok
22:19:05.0656 5592 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:19:05.0671 5592 HPZius12 - ok
22:19:06.0609 5592 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
22:19:07.0140 5592 HSF_DPV - ok
22:19:07.0656 5592 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
22:19:07.0765 5592 HSXHWAZL - ok
22:19:08.0328 5592 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:19:08.0484 5592 HTTP - ok
22:19:08.0875 5592 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:19:08.0890 5592 i2omgmt - ok
22:19:09.0359 5592 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:19:09.0375 5592 i2omp - ok
22:19:09.0906 5592 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:19:09.0953 5592 i8042prt - ok
22:19:10.0406 5592 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:19:10.0421 5592 Imapi - ok
22:19:10.0875 5592 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:19:10.0875 5592 ini910u - ok
22:19:11.0281 5592 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:19:11.0296 5592 IntelIde - ok
22:19:11.0703 5592 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:19:11.0718 5592 intelppm - ok
22:19:12.0171 5592 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:19:12.0187 5592 Ip6Fw - ok
22:19:12.0625 5592 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:19:12.0640 5592 IpFilterDriver - ok
22:19:13.0078 5592 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:19:13.0093 5592 IpInIp - ok
22:19:13.0578 5592 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:19:13.0656 5592 IpNat - ok
22:19:14.0093 5592 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:19:14.0125 5592 IPSec - ok
22:19:14.0546 5592 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:19:14.0546 5592 IRENUM - ok
22:19:15.0000 5592 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:19:15.0000 5592 isapnp - ok
22:19:15.0515 5592 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:19:15.0515 5592 Kbdclass - ok
22:19:16.0031 5592 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:19:16.0125 5592 kmixer - ok
22:19:16.0625 5592 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:19:16.0625 5592 KSecDD - ok
22:19:16.0687 5592 Lavasoft Kernexplorer - ok
22:19:17.0109 5592 Lbd - ok
22:19:17.0468 5592 lbrtfdc - ok
22:19:17.0906 5592 lknuhst (16aa31702b14f0176df86409cc133b64) C:\WINDOWS\system32\DRIVERS\lknuhst.sys
22:19:17.0906 5592 lknuhst - ok
22:19:18.0312 5592 LKNUHUB (9b1eee47969a977da0d26c98c93cbe0b) C:\WINDOWS\system32\DRIVERS\lknuhub.sys
22:19:18.0328 5592 LKNUHUB - ok
22:19:18.0703 5592 lmimirr - ok
22:19:19.0140 5592 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:19:19.0140 5592 mdmxsdk - ok
22:19:19.0609 5592 mfeapfk (113445fc6a858ef453cded5b0a0df665) C:\WINDOWS\system32\drivers\mfeapfk.sys
22:19:19.0609 5592 mfeapfk - ok
22:19:20.0093 5592 mfeavfk (dbf6e1b388d5c070d438c61adb990c30) C:\WINDOWS\system32\drivers\mfeavfk.sys
22:19:20.0171 5592 mfeavfk - ok
22:19:20.0625 5592 mfeavfk01 - ok
22:19:21.0046 5592 mfebopk (a528b15e330edb83ea649be318d841d5) C:\WINDOWS\system32\drivers\mfebopk.sys
22:19:21.0046 5592 mfebopk - ok
22:19:21.0609 5592 mfefirek (c7da1b8003c89acedaa13768f7a1c622) C:\WINDOWS\system32\drivers\mfefirek.sys
22:19:21.0781 5592 mfefirek - ok
22:19:22.0437 5592 mfehidk (5e9679bb2fc4fa38ec8ca906c47acd46) C:\WINDOWS\system32\drivers\mfehidk.sys
22:19:22.0437 5592 mfehidk - ok
22:19:23.0078 5592 mfendisk (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
22:19:23.0125 5592 mfendisk - ok
22:19:23.0187 5592 mfendiskmp (b1728195877b18ce63cf0cd00b2871eb) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
22:19:23.0187 5592 mfendiskmp - ok
22:19:23.0625 5592 mferkdet (ce1711f7c3f72f6762abd241dcfd5ee1) C:\WINDOWS\system32\drivers\mferkdet.sys
22:19:23.0671 5592 mferkdet - ok
22:19:24.0171 5592 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
22:19:24.0187 5592 mferkdk - ok
22:19:24.0625 5592 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
22:19:24.0656 5592 mfesmfk - ok
22:19:25.0109 5592 mfetdi2k (25e12c68b49a64ffc873603dfd578236) C:\WINDOWS\system32\drivers\mfetdi2k.sys
22:19:25.0156 5592 mfetdi2k - ok
22:19:25.0531 5592 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:19:25.0531 5592 mnmdd - ok
22:19:25.0968 5592 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:19:25.0984 5592 Modem - ok
22:19:26.0437 5592 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:19:26.0453 5592 Mouclass - ok
22:19:26.0906 5592 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:19:26.0921 5592 mouhid - ok
22:19:27.0406 5592 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:19:27.0406 5592 MountMgr - ok
22:19:27.0812 5592 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:19:27.0828 5592 mraid35x - ok
22:19:28.0328 5592 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:19:28.0328 5592 MRxDAV - ok
22:19:29.0046 5592 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:19:29.0281 5592 MRxSmb - ok
22:19:29.0718 5592 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:19:29.0718 5592 Msfs - ok
22:19:30.0125 5592 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:19:30.0140 5592 MSKSSRV - ok
22:19:30.0515 5592 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:19:30.0515 5592 MSPCLOCK - ok
22:19:30.0984 5592 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:19:31.0000 5592 MSPQM - ok
22:19:31.0375 5592 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:19:31.0390 5592 mssmbios - ok
22:19:31.0843 5592 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:19:31.0843 5592 Mup - ok
22:19:32.0359 5592 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:19:32.0359 5592 NDIS - ok
22:19:32.0781 5592 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:19:32.0781 5592 NdisTapi - ok
22:19:33.0234 5592 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:19:33.0250 5592 Ndisuio - ok
22:19:33.0671 5592 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:19:33.0718 5592 NdisWan - ok
22:19:34.0171 5592 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:19:34.0171 5592 NDProxy - ok
22:19:34.0625 5592 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:19:34.0625 5592 NetBIOS - ok
22:19:35.0218 5592 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:19:35.0328 5592 NetBT - ok
22:19:35.0796 5592 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:19:35.0796 5592 NIC1394 - ok
22:19:36.0171 5592 notecable - ok
22:19:36.0578 5592 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:19:36.0578 5592 Npfs - ok
22:19:37.0281 5592 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:19:37.0281 5592 Ntfs - ok
22:19:37.0750 5592 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:19:37.0750 5592 Null - ok
22:19:39.0187 5592 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:19:40.0328 5592 nv - ok
22:19:40.0796 5592 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:19:40.0796 5592 NwlnkFlt - ok
22:19:41.0203 5592 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:19:41.0234 5592 NwlnkFwd - ok
22:19:41.0671 5592 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:19:41.0671 5592 ohci1394 - ok
22:19:42.0093 5592 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
22:19:42.0109 5592 omci - ok
22:19:42.0609 5592 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:19:42.0640 5592 Parport - ok
22:19:43.0078 5592 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:19:43.0078 5592 PartMgr - ok
22:19:43.0468 5592 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:19:43.0484 5592 ParVdm - ok
22:19:43.0921 5592 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:19:43.0921 5592 PCI - ok
22:19:44.0296 5592 PCIDump - ok
22:19:44.0671 5592 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:19:44.0671 5592 PCIIde - ok
22:19:45.0140 5592 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:19:45.0203 5592 Pcmcia - ok
22:19:45.0562 5592 PDCOMP - ok
22:19:45.0921 5592 PDFRAME - ok
22:19:46.0296 5592 PDRELI - ok
22:19:46.0671 5592 PDRFRAME - ok
22:19:47.0078 5592 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:19:47.0093 5592 perc2 - ok
22:19:47.0515 5592 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:19:47.0515 5592 perc2hib - ok
22:19:48.0000 5592 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:19:48.0015 5592 PptpMiniport - ok
22:19:48.0437 5592 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:19:48.0484 5592 PSched - ok
22:19:48.0859 5592 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:19:48.0875 5592 Ptilink - ok
22:19:49.0296 5592 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:19:49.0296 5592 PxHelp20 - ok
22:19:49.0703 5592 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:19:49.0718 5592 ql1080 - ok
22:19:50.0171 5592 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:19:50.0187 5592 Ql10wnt - ok
22:19:50.0609 5592 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:19:50.0625 5592 ql12160 - ok
22:19:51.0062 5592 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:19:51.0078 5592 ql1240 - ok
22:19:51.0500 5592 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:19:51.0531 5592 ql1280 - ok
22:19:51.0921 5592 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:19:51.0921 5592 RasAcd - ok
22:19:52.0359 5592 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:19:52.0390 5592 Rasl2tp - ok
22:19:52.0843 5592 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:19:52.0859 5592 RasPppoe - ok
22:19:53.0250 5592 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:19:53.0265 5592 Raspti - ok
22:19:53.0734 5592 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:19:53.0734 5592 Rdbss - ok
22:19:54.0187 5592 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:19:54.0187 5592 RDPCDD - ok
22:19:54.0750 5592 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:19:54.0843 5592 rdpdr - ok
22:19:55.0359 5592 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:19:55.0359 5592 RDPWD - ok
22:19:55.0812 5592 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:19:55.0843 5592 redbook - ok
22:19:56.0312 5592 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:19:56.0328 5592 rimmptsk - ok
22:19:56.0765 5592 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:19:56.0796 5592 rimsptsk - ok
22:19:57.0359 5592 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:19:57.0531 5592 rismxdp - ok
22:19:58.0046 5592 s24trans (2c0e9e777ab1849b43494626c1f308b5) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:19:58.0046 5592 s24trans - ok
22:19:58.0546 5592 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:19:58.0593 5592 sdbus - ok
22:19:59.0109 5592 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:19:59.0125 5592 Secdrv - ok
22:19:59.0593 5592 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:19:59.0593 5592 serenum - ok
22:20:00.0046 5592 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:20:00.0078 5592 Serial - ok
22:20:00.0515 5592 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:20:00.0515 5592 sffdisk - ok
22:20:00.0890 5592 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:20:00.0906 5592 sffp_sd - ok
22:20:01.0343 5592 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:20:01.0359 5592 Sfloppy - ok
22:20:01.0718 5592 Simbad - ok
22:20:02.0140 5592 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:20:02.0156 5592 sisagp - ok
22:20:02.0578 5592 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:20:02.0593 5592 Sparrow - ok
22:20:03.0046 5592 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:20:03.0046 5592 splitter - ok
22:20:03.0531 5592 sp_rsdrv2 (ccd6e6c387e3efa3ba5fe0e7883821c1) C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
22:20:03.0609 5592 sp_rsdrv2 - ok
22:20:04.0093 5592 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:20:04.0093 5592 sr - ok
22:20:04.0703 5592 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:20:04.0890 5592 Srv - ok
22:20:05.0312 5592 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:20:05.0312 5592 sscdbhk5 - ok
22:20:05.0703 5592 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys
22:20:05.0703 5592 ssrtln - ok
22:20:06.0109 5592 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
22:20:06.0125 5592 StarOpen - ok
22:20:07.0218 5592 STHDA (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
22:20:07.0843 5592 STHDA - ok
22:20:08.0328 5592 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
22:20:08.0328 5592 StillCam - ok
22:20:08.0750 5592 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:20:08.0750 5592 swenum - ok
22:20:09.0203 5592 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:20:09.0234 5592 swmidi - ok
22:20:09.0640 5592 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:20:09.0656 5592 symc810 - ok
22:20:10.0125 5592 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:20:10.0140 5592 symc8xx - ok
22:20:10.0546 5592 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:20:10.0562 5592 sym_hi - ok
22:20:10.0968 5592 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:20:10.0984 5592 sym_u3 - ok
22:20:11.0515 5592 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:20:11.0640 5592 SynTP - ok
22:20:12.0187 5592 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:20:12.0234 5592 sysaudio - ok
22:20:12.0890 5592 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:20:13.0093 5592 Tcpip - ok
22:20:13.0531 5592 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:20:13.0546 5592 TDPIPE - ok
22:20:13.0937 5592 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:20:13.0953 5592 TDTCP - ok
22:20:14.0453 5592 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:20:14.0484 5592 TermDD - ok
22:20:14.0968 5592 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys
22:20:14.0984 5592 tfsnboio - ok
22:20:15.0375 5592 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys
22:20:15.0406 5592 tfsncofs - ok
22:20:15.0750 5592 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys
22:20:15.0750 5592 tfsndrct - ok
22:20:16.0093 5592 tfsndres (d8ddb3f2b1bef15cff6728d89c042c61) C:\WINDOWS\system32\dla\tfsndres.sys
22:20:16.0093 5592 tfsndres - ok
22:20:16.0500 5592 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys
22:20:16.0546 5592 tfsnifs - ok
22:20:16.0890 5592 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys
22:20:16.0937 5592 tfsnopio - ok
22:20:17.0281 5592 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys
22:20:17.0296 5592 tfsnpool - ok
22:20:17.0687 5592 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys
22:20:17.0750 5592 tfsnudf - ok
22:20:18.0234 5592 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys
22:20:18.0312 5592 tfsnudfa - ok
22:20:18.0734 5592 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:20:18.0734 5592 TosIde - ok
22:20:19.0218 5592 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:20:19.0250 5592 Udfs - ok
22:20:19.0687 5592 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:20:19.0703 5592 ultra - ok
22:20:20.0312 5592 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:20:20.0515 5592 Update - ok
22:20:20.0968 5592 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:20:21.0000 5592 USBAAPL - ok
22:20:21.0484 5592 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:20:21.0515 5592 usbccgp - ok
22:20:22.0062 5592 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:20:22.0078 5592 usbehci - ok
22:20:22.0500 5592 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:20:22.0531 5592 usbhub - ok
22:20:22.0921 5592 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:20:22.0937 5592 usbprint - ok
22:20:23.0437 5592 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:20:23.0453 5592 usbscan - ok
22:20:23.0890 5592 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:20:23.0906 5592 USBSTOR - ok
22:20:24.0312 5592 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:20:24.0328 5592 usbuhci - ok
22:20:24.0734 5592 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:20:24.0750 5592 VgaSave - ok
22:20:25.0187 5592 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:20:25.0203 5592 viaagp - ok
22:20:25.0640 5592 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:20:25.0640 5592 ViaIde - ok
22:20:26.0125 5592 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:20:26.0125 5592 VolSnap - ok
22:20:26.0656 5592 vsdatant (27b3dd12a19eec50220df15b64913dda) C:\WINDOWS\system32\vsdatant.sys
22:20:26.0906 5592 vsdatant - ok
22:20:28.0125 5592 w39n51 (95c7421f8bafc85ba09d33364058937d) C:\WINDOWS\system32\DRIVERS\w39n51.sys
22:20:28.0140 5592 w39n51 - ok
22:20:28.0625 5592 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:20:28.0656 5592 Wanarp - ok
22:20:29.0031 5592 wanatw - ok
22:20:29.0406 5592 WDICA - ok
22:20:29.0843 5592 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:20:29.0890 5592 wdmaud - ok
22:20:30.0687 5592 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
22:20:31.0046 5592 winachsf - ok
22:20:31.0531 5592 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:20:31.0531 5592 WS2IFSL - ok
22:20:31.0984 5592 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:20:32.0031 5592 WudfPf - ok
22:20:32.0078 5592 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
22:20:32.0125 5592 \Device\Harddisk0\DR0 - ok
22:20:32.0140 5592 Boot (0x1200) (ed164c3c88628cef97c89e7a146ef1fd) \Device\Harddisk0\DR0\Partition0
22:20:32.0140 5592 \Device\Harddisk0\DR0\Partition0 - ok
22:20:32.0171 5592 Boot (0x1200) (0a2b4b2efd8191420c2ab4992ca156e9) \Device\Harddisk0\DR0\Partition1
22:20:32.0171 5592 \Device\Harddisk0\DR0\Partition1 - ok
22:20:32.0171 5592 ============================================================
22:20:32.0171 5592 Scan finished
22:20:32.0171 5592 ============================================================
22:20:32.0187 2888 Detected object count: 0
22:20:32.0187 2888 Actual detected object count: 0

#17 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 08 February 2012 - 01:03 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.

Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

I will be online from 5-31 to 6-4 in a very limited amount

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->

<-- Don't worry every little bit helps.

#18 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 09 February 2012 - 01:31 AM

Gringo -

Pasted below is my aswMBR log.

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-08 21:08:22
-----------------------------
21:08:22.421 OS Version: Windows 5.1.2600 Service Pack 3
21:08:22.421 Number of processors: 2 586 0xF06
21:08:22.421 ComputerName: LAPTOP UserName: Rick
21:08:25.234 Initialize success
21:12:41.125 AVAST engine defs: 12020801
21:12:48.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:12:48.812 Disk 0 Vendor: Hitachi_HTS721080G9SA00 MC4OC10H Size: 74881MB BusType: 3
21:12:48.906 Disk 0 MBR read successfully
21:12:48.906 Disk 0 MBR scan
21:12:49.312 Disk 0 unknown MBR code
21:12:49.375 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
21:12:49.453 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 53984 MB offset 96390
21:12:49.453 Disk 0 Partition - 00 0F Extended LBA 16567 MB offset 110655720
21:12:49.531 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 4275 MB offset 144585000
21:12:49.718 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 16567 MB offset 110655783
21:12:50.125 Disk 0 scanning sectors +153340425
21:12:50.656 Disk 0 scanning C:\WINDOWS\system32\drivers
21:13:48.187 Service scanning
21:13:55.062 Modules scanning
21:14:20.812 Disk 0 trace - called modules:
21:14:20.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
21:14:20.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5de5a8]
21:14:20.828 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a5a4940]
21:14:22.390 AVAST engine scan C:\WINDOWS
21:14:41.640 AVAST engine scan C:\WINDOWS\system32
21:26:39.062 AVAST engine scan C:\WINDOWS\system32\drivers
21:27:40.187 AVAST engine scan C:\Documents and Settings\Rick
21:40:14.421 AVAST engine scan C:\Documents and Settings\All Users
21:51:34.671 Scan finished successfully
21:55:18.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Rick\Desktop\MBR.dat"
21:55:18.890 The log file has been saved successfully to "C:\Documents and Settings\Rick\Desktop\aswMBR.txt"

#19 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 09 February 2012 - 08:27 AM

Re-Run aswMBR

Click Scan
On completion of the scan, click the FIXMBR button
There is a slight pause after clicking the 'Fix' button.
Wait for the tool to report 'Infection fixed successfully', now reboot the machine.
Rebooting the machine prematurely, before seeing this line will result in an incomplete fix.

Note:After the 'Infection fixed successfully' message appears, the machine may became unresponsive. You may have to do a hard boot of your machine. That may be a side effect from the fix. All will be well after the reboot.
Save the log as before and post in your next reply.

<-- Don't worry every little bit helps.

#20 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 10 February 2012 - 02:07 AM

Gringo -

Well, maybe some success. I ran the aswMBR again. After the scan ran I did the FIXMBR. I have pasted the log below. I rebooted my laptop and nothing appeared to have changed. The laptop still ran slow and the non-windows shortcuts still did not work.

Thinking back on what had been done to my laptop since this issue popped up I remember I upgraded Windows Internet Explorer from v6 to v8. Since I'm having issues with accessing the Internet I thought maybe they might be related. So I uninstalled v8 and went back to v6. I rebooted and even though my laptop still is very sluggish, the non-windows shortcuts are now working.

So although the shortcuts appear to be working, the laptop still is not performing as it did 30 to 60 days ago.

As always thanks for your persistence in working with me in resolving my issue.

Rick

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-08 21:08:22
-----------------------------
21:08:22.421 OS Version: Windows 5.1.2600 Service Pack 3
21:08:22.421 Number of processors: 2 586 0xF06
21:08:22.421 ComputerName: LAPTOP UserName: Rick
21:08:25.234 Initialize success
21:12:41.125 AVAST engine defs: 12020801
21:12:48.812 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:12:48.812 Disk 0 Vendor: Hitachi_HTS721080G9SA00 MC4OC10H Size: 74881MB BusType: 3
21:12:48.906 Disk 0 MBR read successfully
21:12:48.906 Disk 0 MBR scan
21:12:49.312 Disk 0 unknown MBR code
21:12:49.375 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
21:12:49.453 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 53984 MB offset 96390
21:12:49.453 Disk 0 Partition - 00 0F Extended LBA 16567 MB offset 110655720
21:12:49.531 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 4275 MB offset 144585000
21:12:49.718 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 16567 MB offset 110655783
21:12:50.125 Disk 0 scanning sectors +153340425
21:12:50.656 Disk 0 scanning C:\WINDOWS\system32\drivers
21:13:48.187 Service scanning
21:13:55.062 Modules scanning
21:14:20.812 Disk 0 trace - called modules:
21:14:20.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
21:14:20.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5de5a8]
21:14:20.828 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a5a4940]
21:14:22.390 AVAST engine scan C:\WINDOWS
21:14:41.640 AVAST engine scan C:\WINDOWS\system32
21:26:39.062 AVAST engine scan C:\WINDOWS\system32\drivers
21:27:40.187 AVAST engine scan C:\Documents and Settings\Rick
21:40:14.421 AVAST engine scan C:\Documents and Settings\All Users
21:51:34.671 Scan finished successfully
21:55:18.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Rick\Desktop\MBR.dat"
21:55:18.890 The log file has been saved successfully to "C:\Documents and Settings\Rick\Desktop\aswMBR.txt"

#21 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 10 February 2012 - 02:41 AM

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Adobe Reader 8.3.1
Java™ 6 Update 29
Viewpoint Media Player

Revo Uninstaller Free

Double click Revo Uninstaller to run it.
From the list of programs double click on The Program to remove
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
when the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
when prompted click on Yes and then on next.
put a check on any folders that are found and select delete
when prompted select yes then on next
Once done click Finish.

.

Update Adobe Reader

http://www.adobe.com/products/acrobat/readstep2.html

Adobe Reader

here

Note:

AskBar

Install Java:

Please go here to install Java

click on the Free Java Download Button
click on Agree and start Free download
click on Run
click on run again
click on install
when install is complete click on close

TFC(Temp File Cleaner):

Please download TFC to your desktop,
Save any unsaved work. TFC will close all open application windows.
Double-click TFC.exe to run the program.
If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.

: Malwarebytes' Anti-Malware :

Double-click mbam icon
go to the update tab at the top
click on check for updates
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidentally close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

Go Here to download HijackThis Installer
Save HijackThis Installer to your desktop.
Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed it will launch Hijackthis.
Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

In your next post I need the following

Log From MBAM
report from Hijackthis
let me know of any problems you may have had
How is the computer doing now?

Gringo

<-- Don't worry every little bit helps.

#22 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 11 February 2012 - 02:02 AM

Hi Gringo -

I performed all actions that you asked in your last post. I had no problems running any of the applications.

All of my desktop shortcuts are performing as i expect them to. My laptop still seems to be running slow at startup, but maybe that's due to it's age and its older operating system. None-the-less I have pasted logs for MBAM and Hijackthis below.

Thanks

golf2beach

=============================================================

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.11.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Rick :: LAPTOP [administrator]

2/11/2012 12:01:19 AM
mbam-log-2012-02-11 (00-01-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200027
Time elapsed: 25 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

============================================================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:16 AM, on 2/11/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\PROGRA~1\SPYWAR~3\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WizMouse\WizMouse.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\SpywareGuard\sgbhp.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6060927
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6060927
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110605220120.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WizMouse] "C:\Program Files\WizMouse\WizMouse.exe"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_5.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160707866953
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1325309206593
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5306/mcfscan.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=722
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - (no CLSID) - (no file)
O18 - Protocol: skype4com - (no CLSID) - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~3\sp_rsser.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 16732 bytes

#23 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 11 February 2012 - 02:19 AM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

Run HijackThis
Click on the Scan button
Put a check beside all of the items listed below (if present):
Close all open windows and browsers/email, etc...
Click on the "Fix Checked" button
When completed, close the application.

NOTE**You can research each of those lines >here< and see if you want to keep them or not
just copy the name between the brackets and paste into the search space
O4 - HKLM\..\Run: [IntelliPoint]

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
- Click Start
When asked, allow the ActiveX control to install
- Click Start
Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
Click on Advanced Settings, ensure the options
Click Scan
Wait for the scan to finish
Click on copy to clipboard or copy and paste the results here in this topic

Copy and paste that log as a reply to this topic

Gringo

<-- Don't worry every little bit helps.

#24 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 11 February 2012 - 10:44 PM

Hi Gringo -

I removed the unwanted start-up entries and ran the online Eset scanner. The Eset log is pasted below. My laptop is booting up faster after I removed the unwanted start-up entries and it appears to be functioning much better.

I await your next set of instructions.

golf2beach

============================================================

C:\Documents and Settings\Rick\My Documents\Downloaded Program Updates\spywaredetectorb.exe probably a variant of Win32/MaxPCsecure application
C:\Program Files\SELFHEAL\VPN-RA Combo 3.1\VPN-RA Combo 3.1.msi a variant of Win32/RemoteAdmin.RAdmin.NAD application

#25 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 12 February 2012 - 01:11 AM

Hello

There are some minor things in your online scan that should be removed.

delete files

Copy all text in the quote box (below)...to Notepad.

Quote
@echo off
del /f /s /q "C:\Documents and Settings\Rick\My Documents\Downloaded Program Updates\spywaredetectorb.exe"
del /f /s /q "C:\Program Files\SELFHEAL\VPN-RA Combo 3.1\VPN-RA Combo 3.1.msi"
del %0
Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
It should look like this: <--XP<--vista
Double click on delfile.bat to execute it.
A black CMD window will flash, then disappear...this is normal.
The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

The rest of the Online scan is only reporting backups created during the course of this fix C:\Qoobox\Quarantine\, and/or items located in System Restore's cache C:\System Volume Information\, Whatever is in these folders can't harm you unless you choose to perform a manual restore. the following steps will remove these backups.

Very well done!! This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are.

The following procedure will implement some cleanup procedures. It will also reset your System Restore by flushing out previous restore points and create a new restore point. It will also remove all the backups our tools may have made.

Any programs and logs that are left over you can just be deleted from the desktop. TFC is a free temp file cleaner that is very easy to use, I would keep this and use before you do any scans or when you want to free up some space.

:DeFogger:

DeFogger

The application window will appear
Click the Re-enable button to re-enable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK

:Uninstall ComboFix:

turn off all active protection software
push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
please copy and past the following into the box ComboFix /Uninstall and click OK.
Note the space between the X and the /Uninstall, it needs to be there.

:remove tools:

Please download OTCleanIt and save it to desktop. This tool will remove all the tools we used to clean your pc.

Double-click OTCleanIt.exe.
Click the CleanUp! button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes, if not delete it by yourself.
If asked to restart the computer, please do so

Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

:Make your Internet Explorer more secure:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

:Make Firefox more secure:

How to Secure Firefox

Make sure your applications have all of their updates

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector

:Turn On Automatic Updates:

Start

Run,

sysdm.cpl

ENTER

Automatic Updates

Automatic (recommended)

http://www.windowsupdate.com

:antispyware programs:

I would reccomend the download and installation of some or all of the following programs (all free), and the updating of them regularly:

WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
Spyware Blaster - By altering your registry, this program stops harmful sites from installing things like ActiveX Controls on your machines.
Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is
totally free but for real-time protection you will have to pay a small one-time fee. We used this to help clean your computer and recomend keeping it and using often.

Here is some great reading about how to be safer online:

PC Safety and Security - What Do I Need?

Tech Support Forum

COMPUTER SECURITY - a short guide to staying safer online

Malware Removal

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For About Three Days, If Anything Comes Up - Just Come Back And Let Me Know, after that time you will have to send me a PM

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->

<-- Don't worry every little bit helps.

Gringo

<-- Don't worry every little bit helps.

#26 golf2beach

New Member

Group: Members
Posts: 13
Joined: 26-January 12

Posted 13 February 2012 - 12:30 AM

Gringo -

I have completed all the tasks from your last post. My laptop is running much better than it was when you first started helping me. It still seems to boot up slow, but maybe that's more of a XP OS issue. None-the-less I can live with it. Once it boots up everything appears to be working normally. i will work hard at keeping my laptop spyware, malware, virus free.

Thanks so much for your help.

golf2beach

This post has been edited by golf2beach: 13 February 2012 - 12:31 AM

#27 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 13 February 2012 - 12:45 AM

You are more than welcome and glad I was able to help

gringo

<-- Don't worry every little bit helps.

#28 gringo_pr

Bleepin Gringo

Group: Malware Response Team
Posts: 85,526
Joined: 03-July 08
Gender:Male
Location:Puerto rico

Posted 16 February 2012 - 09:30 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.