Comcast says I have a "bot"


  • This topic is locked
11 replies to this topic

#1 myopiactic

myopiactic

  • Members
  • 7 posts
  • OFFLINE
  • Local time:04:49 AM

Posted 08 October 2011 - 11:56 AM

Microsoft Security Essentials, SUPERAntiSpyware Free Edition, and Malwarebytes do not find an infection on my computer, and my computer seems to be acting normally, but I get a call from Comcast/Xfinity every few days saying that my computer may be infected with a bot. It may be another computer, but the other computers are acting normally & have not had any strange popups.

The first time I got a call from Comcast, I accidentally clicked an ad on Facebook, and later that day while I was on a website, a popup ad by Facebinks advertising a free iPad appeared, and I had to CTRL-ALT-DELETE it away. The website was one I frequently visit and don't have any problems with; many people seem to have problems with "Facebinks" while on different websites. I have not received any other pop up ads.

I didn't have any problems with running GMER, except at one point there was a blue screen (I couldn't read it, the text was jumbled up and crammed together), but this may be because my computer's standby settings kept trying to turn off my computer while the program was running.

I'm hopeful there's no infection on my computer, but I've had viruses before that weren't acknowledged by the software I was running, so I want to be sure my computer is "clean."

Thanks!


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Naomi at 20:02:06 on 2011-10-07
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1013.202 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Acer\Registration\GREGsvc.exe
C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Users\Naomi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\mspaint.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Naomi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Users\Naomi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "c:\users\naomi\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [SuiteTray] "c:\program files\egistec mywinlockersuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "c:\program files\egistec ips\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "c:\program files\egistec ips\PmmUpdate.exe"
mRun: [mwlDaemon] c:\program files\egistec mywinlocker\x86\mwlDaemon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{001A4E7F-C5ED-4F8F-A6C9-98FFBE6F66B4} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{001A4E7F-C5ED-4F8F-A6C9-98FFBE6F66B4}\74456796379647F627 : DhcpNameServer = 8.8.8.8 4.2.2.2 8.8.8.4
TCP: Interfaces\{001A4E7F-C5ED-4F8F-A6C9-98FFBE6F66B4}\744577962756C6563737 : DhcpNameServer = 128.61.244.254 130.207.244.244 130.207.244.251
TCP: Interfaces\{001A4E7F-C5ED-4F8F-A6C9-98FFBE6F66B4}\E434D2348656D6C41626 : DhcpNameServer = 10.40.224.20 10.30.224.20 10.20.224.20
TCP: Interfaces\{A81087B2-589B-456F-8D51-F5A5BADAE6F1} : DhcpNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\naomi\appdata\roaming\mozilla\firefox\profiles\fnvmub4v.default\
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\naomi\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
R1 MpKsl91b54372;MpKsl91b54372;c:\programdata\microsoft\microsoft antimalware\definition updates\{44f310ad-9ad5-4060-a825-d6a86d489c87}\MpKsl91b54372.sys [2011-10-7 28752]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 18992]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 16432]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60976]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-10-20 821664]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-11-26 321104]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2010-12-16 735776]
R2 GREGService;GREGService;c:\program files\acer\registration\GREGsvc.exe [2010-1-8 23584]
R2 MWLService;MyWinLocker Service;c:\program files\egistec mywinlocker\x86\MWLService.exe [2010-5-26 305520]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2010-11-26 260640]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2010-9-14 508264]
R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2010-11-26 243232]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-11-26 68208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 43392]
R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-11-26 6766080]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2010-9-14 577384]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2010-9-14 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2010-9-14 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2010-9-14 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2010-9-14 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-11-26 82768]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528]
.
=============== Created Last 30 ================
.
2011-10-07 16:44:00 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{44f310ad-9ad5-4060-a825-d6a86d489c87}\MpKsl91b54372.sys
2011-10-07 16:43:15 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{44f310ad-9ad5-4060-a825-d6a86d489c87}\offreg.dll
2011-10-07 16:43:10 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{44f310ad-9ad5-4060-a825-d6a86d489c87}\mpengine.dll
2011-10-05 02:44:10 -------- d-----w- c:\users\naomi\appdata\roaming\SUPERAntiSpyware.com
2011-10-05 02:31:50 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-10-05 02:31:50 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-04 20:57:33 -------- d-----w- c:\users\naomi\appdata\roaming\Malwarebytes
2011-10-04 20:57:16 -------- d-----w- c:\programdata\Malwarebytes
2011-10-04 20:57:08 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-04 20:57:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-04 06:05:17 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-10-04 06:04:37 -------- d-----w- c:\program files\MSXML 4.0
2011-10-03 20:11:19 -------- d-----w- c:\programdata\CambridgeSoft
2011-10-03 20:03:25 -------- d-----w- c:\program files\CambridgeSoft
2011-10-03 19:58:05 -------- d-----w- C:\CSTEMP
2011-09-08 00:13:56 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a121b2ee-4c1e-4f74-8db8-d88e689e4428}\gapaengine.dll
.
==================== Find3M ====================
.
2011-07-22 04:56:17 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 20:11:46.57 ===============



#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:49 AM

Posted 13 October 2011 - 07:54 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Before suggesting any remedial tool I need more information.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) (511KB) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.

#3 myopiactic

myopiactic
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:04:49 AM

Posted 13 October 2011 - 09:39 AM

I ran this one in "quick scan" (default setting).


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-13 10:13:25
-----------------------------
10:13:25.652 OS Version: Windows 6.1.7600
10:13:25.652 Number of processors: 2 586 0x1C0A
10:13:25.662 ComputerName: NAOMI-PC UserName: Naomi
10:13:35.982 Initialize success
10:16:06.149 AVAST engine defs: 11101301
10:17:38.735 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
10:17:38.745 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
10:17:38.777 Disk 0 MBR read successfully
10:17:38.787 Disk 0 MBR scan
10:17:38.890 Disk 0 Windows 7 default MBR code
10:17:38.907 Disk 0 scanning sectors +488394752
10:17:39.071 Disk 0 scanning C:\Windows\system32\drivers
10:18:16.283 Service scanning
10:18:17.593 Service MpKsl0ee86e2a c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7782EF30-9EAD-40C4-8057-D989EE3D9A38}\MpKsl0ee86e2a.sys **LOCKED** 32
10:18:17.796 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
10:18:19.106 Modules scanning
10:18:36.196 Disk 0 trace - called modules:
10:18:36.212 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
10:18:36.227 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85b1e030]
10:18:36.227 3 CLASSPNP.SYS[8698359e] -> nt!IofCallDriver -> [0x840b4868]
10:18:36.227 5 ACPI.sys[862493b2] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x83372028]
10:18:38.047 AVAST engine scan C:\Windows
10:18:47.597 AVAST engine scan C:\Windows\system32
10:26:19.461 AVAST engine scan C:\Windows\system32\drivers
10:27:04.636 AVAST engine scan C:\Users\Naomi
10:31:02.126 Disk 0 MBR has been saved successfully to "C:\Users\Naomi\Desktop\MBR.dat"
10:31:02.703 The log file has been saved successfully to "C:\Users\Naomi\Desktop\aswMBR.txt"




10:34:25.0473 2456 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54
10:34:25.0785 2456 ============================================================
10:34:25.0785 2456 Current date / time: 2011/10/13 10:34:25.0785
10:34:25.0785 2456 SystemInfo:
10:34:25.0801 2456
10:34:25.0801 2456 OS Version: 6.1.7600 ServicePack: 0.0
10:34:25.0801 2456 Product type: Workstation
10:34:25.0801 2456 ComputerName: NAOMI-PC
10:34:25.0801 2456 UserName: Naomi
10:34:25.0801 2456 Windows directory: C:\Windows
10:34:25.0801 2456 System windows directory: C:\Windows
10:34:25.0801 2456 Processor architecture: Intel x86
10:34:25.0801 2456 Number of processors: 2
10:34:25.0801 2456 Page size: 0x1000
10:34:25.0801 2456 Boot type: Normal boot
10:34:25.0801 2456 ============================================================
10:34:27.0751 2456 Initialize success
10:34:40.0543 3972 ============================================================
10:34:40.0543 3972 Scan started
10:34:40.0543 3972 Mode: Manual;
10:34:40.0544 3972 ============================================================
10:34:53.0950 3972 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
10:34:53.0950 3972 monitor - ok
10:34:53.0981 3972 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
10:34:53.0997 3972 mouclass - ok
10:34:54.0122 3972 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
10:34:54.0122 3972 mouhid - ok
10:34:54.0168 3972 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
10:34:54.0168 3972 mountmgr - ok
10:34:54.0324 3972 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
10:34:54.0324 3972 MpFilter - ok
10:34:54.0387 3972 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
10:34:54.0402 3972 mpio - ok
10:34:54.0527 3972 MpKsl0189d57e - ok
10:34:54.0574 3972 MpKsl02efebe0 - ok
10:34:54.0699 3972 MpKsl03034284 - ok
10:34:54.0761 3972 MpKsl06e100e6 - ok
10:34:54.0855 3972 MpKsl0d555529 - ok
10:34:54.0995 3972 MpKsl117eafa0 - ok
10:34:55.0058 3972 MpKsl158a73ab (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{20B863F9-3D43-44B2-BE55-98C977F3E334}\MpKsl158a73ab.sys
10:34:55.0058 3972 MpKsl158a73ab - ok
10:34:55.0198 3972 MpKsl15b82fe4 - ok
10:34:55.0276 3972 MpKsl1ef3245c - ok
10:34:55.0385 3972 MpKsl21ac0289 - ok
10:34:55.0463 3972 MpKsl2c9ee2fa - ok
10:34:55.0557 3972 MpKsl3045dd95 - ok
10:34:55.0588 3972 MpKsl384be5f2 - ok
10:34:55.0635 3972 MpKsl39a5f625 - ok
10:34:55.0744 3972 MpKsl3ab60e95 - ok
10:34:55.0775 3972 MpKsl3d6f0251 - ok
10:34:55.0900 3972 MpKsl409f290c - ok
10:34:55.0962 3972 MpKsl4d0bb175 - ok
10:34:55.0994 3972 MpKsl4f56287f - ok
10:34:56.0103 3972 MpKsl4fbbb244 - ok
10:34:56.0134 3972 MpKsl51b934ea - ok
10:34:56.0181 3972 MpKsl58a5a05b - ok
10:34:56.0290 3972 MpKsl58bf67f0 - ok
10:34:56.0337 3972 MpKsl5c17cf3f - ok
10:34:56.0446 3972 MpKsl6347b152 - ok
10:34:56.0493 3972 MpKsl639f328e - ok
10:34:56.0508 3972 MpKsl6a823156 - ok
10:34:56.0540 3972 MpKsl71337ebc - ok
10:34:56.0586 3972 MpKsl729ba926 - ok
10:34:56.0680 3972 MpKsl75f474ed - ok
10:34:56.0742 3972 MpKsl7a9a5ab1 - ok
10:34:56.0836 3972 MpKsl7c826f97 - ok
10:34:56.0867 3972 MpKsl7d321ea1 - ok
10:34:56.0898 3972 MpKsl87f94d85 - ok
10:34:56.0930 3972 MpKsl888adab9 - ok
10:34:57.0054 3972 MpKsl8eb76ca1 - ok
10:34:57.0086 3972 MpKsla41a3a92 - ok
10:34:57.0117 3972 MpKsla4ae85fd - ok
10:34:57.0226 3972 MpKsla8c60c30 - ok
10:34:57.0288 3972 MpKslada2de7b - ok
10:34:57.0304 3972 MpKslb24d1089 - ok
10:34:57.0335 3972 MpKslb3779ac2 - ok
10:34:57.0444 3972 MpKslbb9db07f - ok
10:34:57.0491 3972 MpKslbc09be12 - ok
10:34:57.0538 3972 MpKslbcdb6f3a - ok
10:34:57.0554 3972 MpKslbe412dce - ok
10:34:57.0585 3972 MpKslbfb6542a - ok
10:34:57.0663 3972 MpKslc65f1dc3 - ok
10:34:57.0694 3972 MpKslce282642 - ok
10:34:57.0741 3972 MpKslcff93ec0 - ok
10:34:57.0788 3972 MpKsld2f82da6 - ok
10:34:57.0803 3972 MpKsld756fde5 - ok
10:34:57.0834 3972 MpKsld909ab01 - ok
10:34:57.0928 3972 MpKslddfb3356 - ok
10:34:57.0959 3972 MpKsle3cc636c - ok
10:34:57.0975 3972 MpKsle4d35c07 - ok
10:34:58.0022 3972 MpKsle9d4a1ff - ok
10:34:58.0053 3972 MpKsle9e9ca9a - ok
10:34:58.0084 3972 MpKslec690315 - ok
10:34:58.0178 3972 MpKsledace256 - ok
10:34:58.0209 3972 MpKslf0f23557 - ok
10:34:58.0256 3972 MpKslf1c6f69b - ok
10:34:58.0302 3972 MpKslf2c22f24 - ok
10:34:58.0396 3972 MpKslf4e132ea - ok
10:34:58.0458 3972 MpKslf59253ed - ok
10:34:58.0599 3972 MpKslfba39ce1 - ok
10:34:58.0739 3972 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
10:34:58.0739 3972 MpNWMon - ok
10:34:58.0786 3972 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
10:34:58.0786 3972 mpsdrv - ok
10:34:58.0911 3972 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
10:34:58.0926 3972 MRxDAV - ok
10:34:58.0989 3972 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:34:58.0989 3972 mrxsmb - ok
10:34:59.0114 3972 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:34:59.0114 3972 mrxsmb10 - ok
10:34:59.0160 3972 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:34:59.0176 3972 mrxsmb20 - ok
10:34:59.0223 3972 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
10:34:59.0223 3972 msahci - ok
10:34:59.0316 3972 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
10:34:59.0332 3972 msdsm - ok
10:34:59.0410 3972 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
10:34:59.0410 3972 Msfs - ok
10:34:59.0441 3972 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
10:34:59.0441 3972 mshidkmdf - ok
10:34:59.0472 3972 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
10:34:59.0488 3972 msisadrv - ok
10:34:59.0628 3972 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
10:34:59.0628 3972 MSKSSRV - ok
10:34:59.0769 3972 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
10:34:59.0784 3972 MSPCLOCK - ok
10:34:59.0800 3972 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
10:34:59.0800 3972 MSPQM - ok
10:34:59.0847 3972 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
10:34:59.0862 3972 MsRPC - ok
10:34:59.0909 3972 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
10:34:59.0909 3972 mssmbios - ok
10:35:00.0018 3972 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
10:35:00.0018 3972 MSTEE - ok
10:35:00.0065 3972 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
10:35:00.0065 3972 MTConfig - ok
10:35:00.0096 3972 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
10:35:00.0096 3972 Mup - ok
10:35:00.0143 3972 mwlPSDFilter (cb47c414e083ca6e50e634b148f28f64) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:35:00.0143 3972 mwlPSDFilter - ok
10:35:00.0268 3972 mwlPSDNServ (647b953019559bff07536f5c6121f333) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:35:00.0268 3972 mwlPSDNServ - ok
10:35:00.0299 3972 mwlPSDVDisk (5a236a36db8687d1e64dc81c03eaabe1) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:35:00.0299 3972 mwlPSDVDisk - ok
10:35:00.0580 3972 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
10:35:00.0580 3972 NativeWifiP - ok
10:35:00.0674 3972 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
10:35:00.0705 3972 NDIS - ok
10:35:00.0861 3972 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
10:35:00.0876 3972 NdisCap - ok
10:35:00.0939 3972 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
10:35:00.0954 3972 NdisTapi - ok
10:35:01.0079 3972 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
10:35:01.0079 3972 Ndisuio - ok
10:35:01.0110 3972 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
10:35:01.0126 3972 NdisWan - ok
10:35:01.0157 3972 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
10:35:01.0157 3972 NDProxy - ok
10:35:01.0329 3972 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
10:35:01.0329 3972 NetBIOS - ok
10:35:01.0407 3972 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
10:35:01.0438 3972 NetBT - ok
10:35:01.0859 3972 NETw5s32 (a520aed8926ad6185031b9b18f55397e) C:\Windows\system32\DRIVERS\NETw5s32.sys
10:35:02.0062 3972 NETw5s32 - ok
10:35:02.0280 3972 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
10:35:02.0280 3972 nfrd960 - ok
10:35:02.0390 3972 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:35:02.0390 3972 NisDrv - ok
10:35:02.0514 3972 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
10:35:02.0546 3972 Npfs - ok
10:35:02.0624 3972 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
10:35:02.0639 3972 nsiproxy - ok
10:35:02.0733 3972 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
10:35:02.0748 3972 Ntfs - ok
10:35:02.0858 3972 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
10:35:02.0858 3972 Null - ok
10:35:02.0936 3972 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
10:35:02.0936 3972 nvraid - ok
10:35:03.0045 3972 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
10:35:03.0060 3972 nvstor - ok
10:35:03.0123 3972 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
10:35:03.0138 3972 nv_agp - ok
10:35:03.0232 3972 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
10:35:03.0232 3972 ohci1394 - ok
10:35:03.0357 3972 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
10:35:03.0357 3972 Parport - ok
10:35:03.0482 3972 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
10:35:03.0482 3972 partmgr - ok
10:35:03.0528 3972 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
10:35:03.0528 3972 Parvdm - ok
10:35:03.0591 3972 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
10:35:03.0606 3972 pci - ok
10:35:03.0716 3972 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
10:35:03.0716 3972 pciide - ok
10:35:03.0747 3972 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
10:35:03.0762 3972 pcmcia - ok
10:35:03.0809 3972 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
10:35:03.0809 3972 pcw - ok
10:35:03.0856 3972 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
10:35:03.0887 3972 PEAUTH - ok
10:35:04.0168 3972 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
10:35:04.0184 3972 PptpMiniport - ok
10:35:04.0215 3972 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
10:35:04.0215 3972 Processor - ok
10:35:04.0293 3972 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
10:35:04.0308 3972 Psched - ok
10:35:04.0449 3972 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
10:35:04.0480 3972 ql2300 - ok
10:35:04.0605 3972 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
10:35:04.0620 3972 ql40xx - ok
10:35:04.0683 3972 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
10:35:04.0683 3972 QWAVEdrv - ok
10:35:04.0714 3972 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
10:35:04.0714 3972 RasAcd - ok
10:35:04.0823 3972 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:35:04.0823 3972 RasAgileVpn - ok
10:35:04.0886 3972 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:35:04.0886 3972 Rasl2tp - ok
10:35:05.0026 3972 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
10:35:05.0026 3972 RasPppoe - ok
10:35:05.0073 3972 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
10:35:05.0073 3972 RasSstp - ok
10:35:05.0120 3972 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
10:35:05.0135 3972 rdbss - ok
10:35:05.0291 3972 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
10:35:05.0291 3972 rdpbus - ok
10:35:05.0354 3972 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:35:05.0354 3972 RDPCDD - ok
10:35:05.0525 3972 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
10:35:05.0525 3972 RDPENCDD - ok
10:35:05.0572 3972 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
10:35:05.0588 3972 RDPREFMP - ok
10:35:05.0634 3972 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
10:35:05.0634 3972 RDPWD - ok
10:35:05.0775 3972 rdyboost (65db288f7372b1f632891fc32bf908b7) C:\Windows\system32\drivers\rdyboost.sys
10:35:05.0775 3972 rdyboost - ok
10:35:05.0900 3972 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
10:35:05.0915 3972 rspndr - ok
10:35:06.0040 3972 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:35:06.0040 3972 SASDIFSV - ok
10:35:06.0071 3972 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:35:06.0087 3972 SASKUTIL - ok
10:35:06.0196 3972 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
10:35:06.0212 3972 sbp2port - ok
10:35:06.0274 3972 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
10:35:06.0274 3972 scfilter - ok
10:35:06.0446 3972 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:35:06.0461 3972 secdrv - ok
10:35:06.0524 3972 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
10:35:06.0539 3972 Serenum - ok
10:35:06.0648 3972 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
10:35:06.0680 3972 Serial - ok
10:35:06.0726 3972 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
10:35:06.0726 3972 sermouse - ok
10:35:06.0820 3972 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
10:35:06.0820 3972 sffdisk - ok
10:35:06.0851 3972 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:35:06.0867 3972 sffp_mmc - ok
10:35:06.0898 3972 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:35:06.0898 3972 sffp_sd - ok
10:35:06.0929 3972 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
10:35:06.0929 3972 sfloppy - ok
10:35:07.0070 3972 Sftfs (8f00cc8cacf83dce5b35079f615b0f12) C:\Windows\system32\DRIVERS\Sftfslh.sys
10:35:07.0085 3972 Sftfs - ok
10:35:07.0226 3972 Sftplay (afdb934586c4c8b2be39ae7eea6f52be) C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:35:07.0241 3972 Sftplay - ok
10:35:07.0257 3972 Sftredir (6b1865d82e0290729ed7496c24275592) C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:35:07.0272 3972 Sftredir - ok
10:35:07.0319 3972 Sftvol (621eccb1265a01ce2bdf6f2c5e727e2b) C:\Windows\system32\DRIVERS\Sftvollh.sys
10:35:07.0335 3972 Sftvol - ok
10:35:07.0538 3972 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
10:35:07.0538 3972 sisagp - ok
10:35:07.0584 3972 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:35:07.0600 3972 SiSRaid2 - ok
10:35:07.0631 3972 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
10:35:07.0631 3972 SiSRaid4 - ok
10:35:07.0756 3972 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
10:35:07.0756 3972 Smb - ok
10:35:07.0912 3972 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
10:35:07.0928 3972 spldr - ok
10:35:08.0037 3972 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
10:35:08.0052 3972 srv - ok
10:35:08.0162 3972 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
10:35:08.0177 3972 srv2 - ok
10:35:08.0208 3972 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
10:35:08.0224 3972 srvnet - ok
10:35:08.0380 3972 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
10:35:08.0380 3972 stexstor - ok
10:35:08.0442 3972 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
10:35:08.0442 3972 swenum - ok
10:35:08.0583 3972 SynTP (5cdd124913e91c7f79b4d5cae1c7c4de) C:\Windows\system32\DRIVERS\SynTP.sys
10:35:08.0598 3972 SynTP - ok
10:35:08.0770 3972 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\drivers\tcpip.sys
10:35:08.0786 3972 Tcpip - ok
10:35:08.0957 3972 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\Windows\system32\DRIVERS\tcpip.sys
10:35:08.0973 3972 TCPIP6 - ok
10:35:09.0113 3972 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
10:35:09.0113 3972 tcpipreg - ok
10:35:09.0176 3972 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
10:35:09.0176 3972 TDPIPE - ok
10:35:09.0207 3972 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
10:35:09.0222 3972 TDTCP - ok
10:35:09.0269 3972 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
10:35:09.0269 3972 tdx - ok
10:35:09.0378 3972 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
10:35:09.0394 3972 TermDD - ok
10:35:09.0534 3972 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:35:09.0534 3972 tssecsrv - ok
10:35:09.0659 3972 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
10:35:09.0659 3972 tunnel - ok
10:35:09.0706 3972 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
10:35:09.0706 3972 uagp35 - ok
10:35:09.0753 3972 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
10:35:09.0768 3972 udfs - ok
10:35:09.0924 3972 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
10:35:09.0924 3972 uliagpkx - ok
10:35:09.0987 3972 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
10:35:10.0002 3972 umbus - ok
10:35:10.0127 3972 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
10:35:10.0127 3972 UmPass - ok
10:35:10.0221 3972 usbccgp (5c233aefb566ee78c1efbc0493fb066a) C:\Windows\system32\DRIVERS\usbccgp.sys
10:35:10.0221 3972 usbccgp - ok
10:35:10.0268 3972 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
10:35:10.0268 3972 usbcir - ok
10:35:10.0377 3972 usbehci (5b71019a6aca0116fd21b368f19c0b91) C:\Windows\system32\drivers\usbehci.sys
10:35:10.0392 3972 usbehci - ok
10:35:10.0439 3972 usbhub (5823d3965c2a4f6f785ed1a3b403f3b8) C:\Windows\system32\DRIVERS\usbhub.sys
10:35:10.0455 3972 usbhub - ok
10:35:10.0502 3972 usbohci (e753ed6c49da13967ebabf9ea616454a) C:\Windows\system32\drivers\usbohci.sys
10:35:10.0502 3972 usbohci - ok
10:35:10.0642 3972 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
10:35:10.0642 3972 usbprint - ok
10:35:10.0704 3972 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
10:35:10.0704 3972 USBSTOR - ok
10:35:10.0767 3972 usbuhci (6a30928a469ce802600e1ea8c0f2f53f) C:\Windows\system32\drivers\usbuhci.sys
10:35:10.0767 3972 usbuhci - ok
10:35:10.0892 3972 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\system32\Drivers\usbvideo.sys
10:35:10.0892 3972 usbvideo - ok
10:35:11.0016 3972 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
10:35:11.0032 3972 vdrvroot - ok
10:35:11.0141 3972 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
10:35:11.0141 3972 vga - ok
10:35:11.0188 3972 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
10:35:11.0188 3972 VgaSave - ok
10:35:11.0250 3972 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
10:35:11.0266 3972 vhdmp - ok
10:35:11.0360 3972 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
10:35:11.0375 3972 viaagp - ok
10:35:11.0422 3972 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
10:35:11.0438 3972 ViaC7 - ok
10:35:11.0469 3972 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
10:35:11.0469 3972 viaide - ok
10:35:11.0516 3972 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
10:35:11.0516 3972 volmgr - ok
10:35:11.0562 3972 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
10:35:11.0578 3972 volmgrx - ok
10:35:11.0672 3972 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
10:35:11.0672 3972 volsnap - ok
10:35:11.0750 3972 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
10:35:11.0750 3972 vsmraid - ok
10:35:11.0859 3972 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
10:35:11.0874 3972 vwifibus - ok
10:35:11.0906 3972 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
10:35:11.0921 3972 vwififlt - ok
10:35:11.0968 3972 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
10:35:11.0984 3972 WacomPen - ok
10:35:12.0062 3972 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
10:35:12.0062 3972 WANARP - ok
10:35:12.0077 3972 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
10:35:12.0093 3972 Wanarpv6 - ok
10:35:12.0249 3972 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
10:35:12.0249 3972 Wd - ok
10:35:12.0296 3972 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
10:35:12.0311 3972 Wdf01000 - ok
10:35:12.0545 3972 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
10:35:12.0545 3972 WfpLwf - ok
10:35:12.0592 3972 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
10:35:12.0592 3972 WIMMount - ok
10:35:12.0857 3972 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUSB.sys
10:35:12.0857 3972 WinUSB - ok
10:35:12.0951 3972 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:35:12.0951 3972 WmiAcpi - ok
10:35:13.0169 3972 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
10:35:13.0169 3972 ws2ifsl - ok
10:35:13.0294 3972 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
10:35:13.0294 3972 WudfPf - ok
10:35:13.0434 3972 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:35:13.0450 3972 WUDFRd - ok
10:35:13.0622 3972 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:35:13.0653 3972 \Device\Harddisk0\DR0 - ok
10:35:13.0653 3972 Boot (0x1200) (8c151f4a1b4222a01c51f76afcbb34fd) \Device\Harddisk0\DR0\Partition0
10:35:13.0668 3972 \Device\Harddisk0\DR0\Partition0 - ok
10:35:13.0684 3972 Boot (0x1200) (bb4bfb35c98d640d37130795a29b37e9) \Device\Harddisk0\DR0\Partition1
10:35:13.0684 3972 \Device\Harddisk0\DR0\Partition1 - ok
10:35:13.0684 3972 ============================================================
10:35:13.0684 3972 Scan finished
10:35:13.0700 3972 ============================================================
10:35:13.0746 4052 Detected object count: 0
10:35:13.0746 4052 Actual detected object count: 0

Attached Files

  • Attached File  MBR.zip   564bytes   0 downloads


#4 nasdaq

  • Malware Response Team

Posted 13 October 2011 - 01:29 PM

You can now run this tool.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

#5 myopiactic

  • Topic Starter

Posted 14 October 2011 - 12:11 AM

This was referred to as "log"... It didn't take very long and didn't ask to restart my computer. Does it seem like there isn't an infection on my computer? Also, while it was running, I received a notice that PEV stopped working... I'm not sure what this is.


ComboFix 11-10-13.05 - Naomi 10/14/2011 0:35.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1013.343 [GMT -4:00]
Running from: c:\users\Naomi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-09-14 to 2011-10-14 )))))))))))))))))))))))))))))))
.
.
2011-10-14 04:51 . 2011-10-14 04:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-14 04:27 . 2011-10-14 04:27 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4682867-627B-469F-82E0-ACD10219A3FA}\MpKslae59999b.sys
2011-10-14 04:27 . 2011-10-14 04:27 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4682867-627B-469F-82E0-ACD10219A3FA}\offreg.dll
2011-10-14 04:27 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4682867-627B-469F-82E0-ACD10219A3FA}\mpengine.dll
2011-10-12 00:57 . 2011-08-17 04:26 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 00:57 . 2011-08-17 04:22 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 00:57 . 2011-08-17 04:22 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 00:57 . 2011-08-17 04:22 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-12 00:57 . 2011-08-17 04:22 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 00:57 . 2011-08-27 04:43 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 00:57 . 2011-08-27 04:43 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 00:57 . 2011-09-06 02:38 2332672 ----a-w- c:\windows\system32\win32k.sys
2011-10-10 22:34 . 2011-10-10 22:33 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F817235D-686F-4BBB-BFF9-78A4BA6EB237}\gapaengine.dll
2011-10-05 02:44 . 2011-10-05 02:44 -------- d-----w- c:\users\Naomi\AppData\Roaming\SUPERAntiSpyware.com
2011-10-05 02:31 . 2011-10-05 02:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-05 02:31 . 2011-10-05 02:31 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-10-04 20:57 . 2011-10-04 20:57 -------- d-----w- c:\users\Naomi\AppData\Roaming\Malwarebytes
2011-10-04 20:57 . 2011-10-04 20:57 -------- d-----w- c:\programdata\Malwarebytes
2011-10-04 20:57 . 2011-10-04 20:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-04 20:57 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-04 06:05 . 2011-10-04 06:05 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-10-04 06:04 . 2011-10-04 06:04 -------- d-----w- c:\program files\MSXML 4.0
2011-10-03 20:11 . 2011-10-03 20:11 -------- d-----w- c:\programdata\CambridgeSoft
2011-10-03 20:03 . 2011-10-03 20:03 -------- d-----w- c:\program files\CambridgeSoft
2011-10-03 19:58 . 2011-10-03 20:09 -------- d-----w- C:\CSTEMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-12 23:14 . 2011-07-26 19:56 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:40 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"mwlDaemon"="c:\program files\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-19 9874024]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-16 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-16 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2010-08-10 975952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-05 1692968]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 715296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-11-11 159472]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2010-11-26 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl0189d57e;MpKsl0189d57e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FC65E61E-5896-4CC7-95B1-878B51C40975}\MpKsl0189d57e.sys [x]
R1 MpKsl02efebe0;MpKsl02efebe0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04F5EBF8-E12D-443A-BF7E-7C550D6AEFC7}\MpKsl02efebe0.sys [x]
R1 MpKsl03034284;MpKsl03034284;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D8C7E5F2-6C91-44BC-A608-17CF3930E6D0}\MpKsl03034284.sys [x]
R1 MpKsl06e100e6;MpKsl06e100e6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{330AC0D5-2EB9-4A97-B246-EAD706933AFC}\MpKsl06e100e6.sys [x]
R1 MpKsl0d555529;MpKsl0d555529;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5DD6CDF1-136F-4D93-9376-83A4B6092A5B}\MpKsl0d555529.sys [x]
R1 MpKsl117eafa0;MpKsl117eafa0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{810D2E71-285E-409D-9B7B-E1AD42E37DD0}\MpKsl117eafa0.sys [x]
R1 MpKsl158a73ab;MpKsl158a73ab;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{20B863F9-3D43-44B2-BE55-98C977F3E334}\MpKsl158a73ab.sys [x]
R1 MpKsl15b82fe4;MpKsl15b82fe4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71CB3347-7126-4ECC-A05E-4088B0D41EB7}\MpKsl15b82fe4.sys [x]
R1 MpKsl1ef3245c;MpKsl1ef3245c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E96545D-1D95-47CB-8C8E-1F51B24BB758}\MpKsl1ef3245c.sys [x]
R1 MpKsl21ac0289;MpKsl21ac0289;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97B067C7-CF3F-48F5-920B-80FC20906530}\MpKsl21ac0289.sys [x]
R1 MpKsl2c9ee2fa;MpKsl2c9ee2fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6052FBA1-8A6D-458C-856B-E9E23410E856}\MpKsl2c9ee2fa.sys [x]
R1 MpKsl3045dd95;MpKsl3045dd95;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E8E3A006-AE63-4021-8F39-DD55E1A6E5BB}\MpKsl3045dd95.sys [x]
R1 MpKsl384be5f2;MpKsl384be5f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CF846D9-00F7-412F-9F1F-F47638CA5375}\MpKsl384be5f2.sys [x]
R1 MpKsl39a5f625;MpKsl39a5f625;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F040A57D-537D-480D-B2F3-7BA786B34254}\MpKsl39a5f625.sys [x]
R1 MpKsl3ab60e95;MpKsl3ab60e95;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A0EC2BC-EAA9-4FA9-8C54-D575489D0264}\MpKsl3ab60e95.sys [x]
R1 MpKsl3d6f0251;MpKsl3d6f0251;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FE5B2BC-97AD-4A7D-9C19-B467E633D872}\MpKsl3d6f0251.sys [x]
R1 MpKsl409f290c;MpKsl409f290c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26393DC0-34C9-4634-95F3-5EB7FA5198FE}\MpKsl409f290c.sys [x]
R1 MpKsl4d0bb175;MpKsl4d0bb175;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4546811D-DC62-4AE7-B76E-7E38EAB567AE}\MpKsl4d0bb175.sys [x]
R1 MpKsl4f56287f;MpKsl4f56287f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4330DD0-1BD4-493D-8886-5890E396AB60}\MpKsl4f56287f.sys [x]
R1 MpKsl4fbbb244;MpKsl4fbbb244;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6771679E-64E3-4BF0-B5C9-9CBF1499A5BA}\MpKsl4fbbb244.sys [x]
R1 MpKsl51b934ea;MpKsl51b934ea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B1E8963-59B5-4327-9755-F4BA4AB4B228}\MpKsl51b934ea.sys [x]
R1 MpKsl58a5a05b;MpKsl58a5a05b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{244C6D82-660C-4CC8-BE05-B156A779BC61}\MpKsl58a5a05b.sys [x]
R1 MpKsl58bf67f0;MpKsl58bf67f0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87DA1A67-47D8-44B7-AD8C-136EE078F83A}\MpKsl58bf67f0.sys [x]
R1 MpKsl5c17cf3f;MpKsl5c17cf3f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86BACF22-1CFA-4C68-AC2C-791151B0F4F0}\MpKsl5c17cf3f.sys [x]
R1 MpKsl6347b152;MpKsl6347b152;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C960A82C-BD06-411D-A83E-E6F8558E5196}\MpKsl6347b152.sys [x]
R1 MpKsl639f328e;MpKsl639f328e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B3B3CFD-BB13-4BE3-9BAC-2650C41DE590}\MpKsl639f328e.sys [x]
R1 MpKsl6a823156;MpKsl6a823156;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8352E8D-6D47-422B-B5BD-D2B974CFA6B3}\MpKsl6a823156.sys [x]
R1 MpKsl71337ebc;MpKsl71337ebc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{982A99E9-5277-4C6A-9E79-87FB9AE89BBB}\MpKsl71337ebc.sys [x]
R1 MpKsl729ba926;MpKsl729ba926;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{629D570F-C1B2-4178-B28D-6EB25A648A5A}\MpKsl729ba926.sys [x]
R1 MpKsl75f474ed;MpKsl75f474ed;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4330DD0-1BD4-493D-8886-5890E396AB60}\MpKsl75f474ed.sys [x]
R1 MpKsl7a9a5ab1;MpKsl7a9a5ab1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B68C685-3401-42FE-88A0-5DE06D245C56}\MpKsl7a9a5ab1.sys [x]
R1 MpKsl7c826f97;MpKsl7c826f97;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CF846D9-00F7-412F-9F1F-F47638CA5375}\MpKsl7c826f97.sys [x]
R1 MpKsl7d321ea1;MpKsl7d321ea1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CF846D9-00F7-412F-9F1F-F47638CA5375}\MpKsl7d321ea1.sys [x]
R1 MpKsl87f94d85;MpKsl87f94d85;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DC878AC4-E0D7-4439-9D30-E85A497045D5}\MpKsl87f94d85.sys [x]
R1 MpKsl888adab9;MpKsl888adab9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61551A7A-5F19-46E9-8F8D-39E82949B954}\MpKsl888adab9.sys [x]
R1 MpKsl8eb76ca1;MpKsl8eb76ca1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6535529-FC11-494D-8371-7D790F37DE17}\MpKsl8eb76ca1.sys [x]
R1 MpKsla41a3a92;MpKsla41a3a92;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A0EC2BC-EAA9-4FA9-8C54-D575489D0264}\MpKsla41a3a92.sys [x]
R1 MpKsla4ae85fd;MpKsla4ae85fd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{80274F2A-FE66-4B12-82CB-AFE8DA92A19F}\MpKsla4ae85fd.sys [x]
R1 MpKsla8c60c30;MpKsla8c60c30;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A41F80E8-3360-4877-9029-7BD6909EBBD4}\MpKsla8c60c30.sys [x]
R1 MpKslada2de7b;MpKslada2de7b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4CF846D9-00F7-412F-9F1F-F47638CA5375}\MpKslada2de7b.sys [x]
R1 MpKslb24d1089;MpKslb24d1089;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E6E4DFCD-5809-4FD5-A2A5-BED8BFB91A14}\MpKslb24d1089.sys [x]
R1 MpKslb3779ac2;MpKslb3779ac2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{474A6E54-0DF7-48C7-9B99-9CFBCA8A203F}\MpKslb3779ac2.sys [x]
R1 MpKslbb9db07f;MpKslbb9db07f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C9C8E034-2F8B-4811-ADBA-6B28BD7244E6}\MpKslbb9db07f.sys [x]
R1 MpKslbc09be12;MpKslbc09be12;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8944B634-D765-425E-92C9-1D6651361D53}\MpKslbc09be12.sys [x]
R1 MpKslbcdb6f3a;MpKslbcdb6f3a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A83C34BB-3339-4E80-ABEE-EAF447E6D2FC}\MpKslbcdb6f3a.sys [x]
R1 MpKslbe412dce;MpKslbe412dce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EEDA7152-4196-452D-85FD-F2A298EBB8AF}\MpKslbe412dce.sys [x]
R1 MpKslbfb6542a;MpKslbfb6542a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6191F7D6-EE87-432A-B4F2-2964813F30E1}\MpKslbfb6542a.sys [x]
R1 MpKslc65f1dc3;MpKslc65f1dc3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A9FAF8AD-AEF5-453C-AB58-D3A1089C843E}\MpKslc65f1dc3.sys [x]
R1 MpKslce282642;MpKslce282642;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EE48046-383E-4C54-98D9-2DF1F6435B35}\MpKslce282642.sys [x]
R1 MpKslcff93ec0;MpKslcff93ec0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{74EC92B0-1C9A-464E-83DC-7E287158CCB8}\MpKslcff93ec0.sys [x]
R1 MpKsld2f82da6;MpKsld2f82da6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8D674D3C-BA81-4B48-BF97-13DC3A4AF162}\MpKsld2f82da6.sys [x]
R1 MpKsld756fde5;MpKsld756fde5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{71CB3347-7126-4ECC-A05E-4088B0D41EB7}\MpKsld756fde5.sys [x]
R1 MpKsld909ab01;MpKsld909ab01;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C688B3D-C329-478B-AF99-A81A62DF7F62}\MpKsld909ab01.sys [x]
R1 MpKslddfb3356;MpKslddfb3356;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B32C2D6-0BE5-4EA5-B8A5-C8BB59924E7C}\MpKslddfb3356.sys [x]
R1 MpKsle3cc636c;MpKsle3cc636c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3EEAA76-139B-4A57-B0DC-832D19FBC928}\MpKsle3cc636c.sys [x]
R1 MpKsle4d35c07;MpKsle4d35c07;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9CD57CAE-0A22-4082-9473-2B35E24BBAEF}\MpKsle4d35c07.sys [x]
R1 MpKsle9d4a1ff;MpKsle9d4a1ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{74EC92B0-1C9A-464E-83DC-7E287158CCB8}\MpKsle9d4a1ff.sys [x]
R1 MpKsle9e9ca9a;MpKsle9e9ca9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B68C685-3401-42FE-88A0-5DE06D245C56}\MpKsle9e9ca9a.sys [x]
R1 MpKslec690315;MpKslec690315;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EB1982C3-5B8B-441D-A06B-84B1F02B633B}\MpKslec690315.sys [x]
R1 MpKsledace256;MpKsledace256;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87A54E93-18FC-4F88-A477-617678651E78}\MpKsledace256.sys [x]
R1 MpKslf0f23557;MpKslf0f23557;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4D9A844F-3518-4653-8673-450E77A6070B}\MpKslf0f23557.sys [x]
R1 MpKslf1c6f69b;MpKslf1c6f69b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5C2B1139-9E7B-4026-8429-80E107BA6A15}\MpKslf1c6f69b.sys [x]
R1 MpKslf2c22f24;MpKslf2c22f24;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A48D2610-B747-403A-80BF-C1867F1AADD3}\MpKslf2c22f24.sys [x]
R1 MpKslf4e132ea;MpKslf4e132ea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97B067C7-CF3F-48F5-920B-80FC20906530}\MpKslf4e132ea.sys [x]
R1 MpKslf59253ed;MpKslf59253ed;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C5AD9384-F460-4E96-A31B-678B475B9DF4}\MpKslf59253ed.sys [x]
R1 MpKslfba39ce1;MpKslfba39ce1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{94772DCA-89D6-4A2E-BD0D-6C0DC6047B27}\MpKslfba39ce1.sys [x]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-06-17 82768]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-11-11 268528]
S1 MpKslae59999b;MpKslae59999b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4682867-627B-469F-82E0-ACD10219A3FA}\MpKslae59999b.sys [2011-10-14 28752]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 18992]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60976]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 735776]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-05-31 6766080]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 577384]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL3E04F252
*NewlyCreated* - MPKSLAE59999B
*Deregistered* - MpKsl3e04f252
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409634499-2984794655-3361225873-1000Core.job
- c:\users\Naomi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-20 05:07]
.
2011-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-409634499-2984794655-3361225873-1000UA.job
- c:\users\Naomi\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-20 05:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Naomi\AppData\Roaming\Mozilla\Firefox\Profiles\fnvmub4v.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-WildTangentGDF-acer-clubpenguin - c:\program files\Acer Games\Web Link - Club Penguin\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(844)
c:\program files\EgisTec MyWinLocker\x86\psdprotect.dll
c:\program files\EgisTec MyWinLocker\x86\sysenv.dll
c:\program files\Acer\Acer ePower Management\SysHook.dll
.
Completion time: 2011-10-14 00:58:08
ComboFix-quarantined-files.txt 2011-10-14 04:58
.
Pre-Run: 181,883,535,360 bytes free
Post-Run: 181,841,338,368 bytes free
.
- - End Of File - - D382EEF85A106E0B325898F6A77AFD81

Edited by myopiactic, 14 October 2011 - 12:13 AM.


#6 nasdaq


Posted 14 October 2011 - 08:47 AM

Nothing malicious was found.

This will clean the orphan registry items.

Open notepad and copy/paste the text in the quote box below into it:

Driver::
MpKsl0189d57e
MpKsl02efebe0
MpKsl03034284
MpKsl06e100e6
MpKsl0d555529
MpKsl117eafa0
MpKsl158a73ab
MpKsl15b82fe4
MpKsl1ef3245c
MpKsl21ac0289
MpKsl2c9ee2fa
MpKsl3045dd95
MpKsl384be5f2
MpKsl39a5f625
MpKsl3ab60e95
MpKsl3d6f0251
MpKsl409f290c
MpKsl4d0bb175
MpKsl4f56287f
MpKsl4fbbb244
MpKsl51b934ea
MpKsl58a5a05b
MpKsl58bf67f0
MpKsl5c17cf3f
MpKsl6347b152
MpKsl639f328e
MpKsl6a823156
MpKsl71337ebc
MpKsl729ba926
MpKsl75f474ed
MpKsl7a9a5ab1
MpKsl7c826f97
MpKsl7d321ea1
MpKsl87f94d85
MpKsl888adab9
MpKsl8eb76ca1
MpKsla41a3a92
MpKsla4ae85fd
MpKsla8c60c30
MpKslada2de7b
MpKslb24d1089
MpKslb3779ac2
MpKslbb9db07f
MpKslbc09be12
MpKslbcdb6f3a
MpKslbe412dce
MpKslbfb6542a
MpKslc65f1dc3
MpKslce282642
MpKslcff93ec0
MpKsld2f82da6
MpKsld756fde5
MpKsld909ab01
MpKslddfb3356
MpKsle3cc636c
MpKsle4d35c07
MpKsle9d4a1ff
MpKsle9e9ca9a
MpKslec690315
MpKsledace256
MpKslf0f23557
MpKslf1c6f69b
MpKslf2c22f24
MpKslf4e132ea
MpKslf59253ed
MpKslfba39ce1


Save this as CFScript on your desktop.

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.
===

Third-party programs, if not up to date, can be the cause of the infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Just to check further.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Please post the logs.
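
A check that could be run before handing a `Driver::` script like the one in this post to ComboFix, as an added example that is not part of the original thread or of ComboFix itself: it parses the service/driver lines of the log and flags any listed name that the log does not show with `[x]`. Reading `[x]` as "no file on disk" is an assumption, and the sample script is constructed (its last name, `MpKslffffffff`, does not occur in the log).

```python
import re

# Three [x] lines and two dated lines copied from the ComboFix log in this thread.
SAMPLE_LOG = r"""
R1 MpKsl0189d57e;MpKsl0189d57e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FC65E61E-5896-4CC7-95B1-878B51C40975}\MpKsl0189d57e.sys [x]
R1 MpKsl02efebe0;MpKsl02efebe0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04F5EBF8-E12D-443A-BF7E-7C550D6AEFC7}\MpKsl02efebe0.sys [x]
R1 MpKsl03034284;MpKsl03034284;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D8C7E5F2-6C91-44BC-A608-17CF3930E6D0}\MpKsl03034284.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S1 MpKslae59999b;MpKslae59999b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4682867-627B-469F-82E0-ACD10219A3FA}\MpKslae59999b.sys [2011-10-14 28752]
"""

# Constructed script: two orphans, one driver the log shows with a file, one unknown name.
SAMPLE_SCRIPT = """Driver::
MpKsl0189d57e
MpKsl02efebe0
MpKslae59999b
MpKslffffffff
"""

# Line shape as printed in the log: <letter><digit> <name>;<display>;<path> [<info>]
SERVICE_LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d)\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?)\s+"
    r"\[(?P<info>[^\]]*)\]\s*$"
)


def parse_services(log_text):
    """Return {lowercased name: record} for every service/driver line in the log."""
    services = {}
    for line in log_text.splitlines():
        match = SERVICE_LINE.match(line.strip())
        if match:
            rec = match.groupdict()
            # Assumption: "[x]" in place of "[date size]" means no file was found.
            rec["orphan"] = rec["info"].strip().lower() == "x"
            services[rec["name"].lower()] = rec
    return services


def parse_cfscript_drivers(script_text):
    """Return the names listed under the Driver:: directive, in order."""
    names, in_driver = [], False
    for line in script_text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.endswith("::"):          # a directive header starts a new section
            in_driver = line.lower() == "driver::"
        elif in_driver:
            names.append(line)
    return names


def review_script(log_text, script_text):
    """Sort every listed driver into ok / live / unknown, and report missed orphans."""
    services = parse_services(log_text)
    listed = parse_cfscript_drivers(script_text)
    report = {"ok": [], "live": [], "unknown": [], "missed": []}
    for name in listed:
        rec = services.get(name.lower())
        if rec is None:
            report["unknown"].append(name)   # not in the log at all: possible typo
        elif rec["orphan"]:
            report["ok"].append(name)        # shown as [x]: safe to list
        else:
            report["live"].append(name)      # file present: should not be deleted
    listed_lower = {n.lower() for n in listed}
    report["missed"] = [rec["name"] for key, rec in services.items()
                        if rec["orphan"] and key not in listed_lower]
    return report


if __name__ == "__main__":
    for bucket, names in review_script(SAMPLE_LOG, SAMPLE_SCRIPT).items():
        print(f"{bucket:8} {names}")
```

Anything reported under `live` or `unknown` is a reason to stop and recheck the script against the log before running it.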

#7 myopiactic


Posted 14 October 2011 - 10:34 AM

After I dropped the text file onto ComboFix, ComboFix restarted my computer ("This process tried to write to a nonexistent pipe.") & posted another log text file. However, now whenever I try to open any file/program, I get "(program). Illegal operation attempted on a registry key that has been marked for deletion." When I hit "ok" (this is the only option), I get another prompt that says "The item you selected is unavailable, renamed, or removed. Do you want to remove it from the list?" The options are yes & no. I hit no because I do not know what list this refers to. Since I couldn't open a web-browser, I saved the log file to the desktop & closed it (I decided to just close my netbook/put it to sleep)... but now I can't open it. I can try putting it onto a flash drive later.

Why is nothing working anymore?... This is worse than what was happening before.

Edited by myopiactic, 14 October 2011 - 11:22 AM.


#8 nasdaq


Posted 15 October 2011 - 07:42 AM

I really do not know what could have gone wrong.

Try to restore your system using this page.

http://windows.microsoft.com/en-IN/windows7/What-are-the-system-recovery-options-in-Windows-7

Click on this link. Follow the directives.
To open the System Recovery Options menu on your computer

Keep me posted.

#9 myopiactic


Posted 18 October 2011 - 07:16 PM

I did a system restore to Thursday and it is working normally now. I will do the other scans tomorrow afternoon.

#10 myopiactic


Posted 19 October 2011 - 01:33 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 26
Out of date Java installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

#11 nasdaq


Posted 19 October 2011 - 05:21 PM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:
  • Download the latest version of Java SE Runtime Environment 6 Update 27.
  • In the box labeled "Java Platform, Standard Edition", click the "Download JRE" button to the right.
  • In the window that opens, select Windows (or Windows x64), and check the "agree" box and click "Continue".
  • Click on the link to download Windows Offline Installation and save to your Desktop.
  • Then from your Desktop double-click on jre-6u27-windows-i586.exe that you have downloaded to install the newest version.

    For the x64 bit version, download this one: jre-6u27-windows-x64.exe. Make sure you download the correct version.

    - Note: If you are running Vista or Windows 7, you may need to right-click on the installation file and select Run as Administrator.

If present, remove the old version(s) of Java using the Add/Remove Programs applet.


Java™ 6 Update 26

===

If all is well:

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.

Surf Safely, and Think Prevention!
===

#12 myopiactic


Posted 19 October 2011 - 06:07 PM

I'm still attempting to run ESET Online Scanner, but it's taking abnormally long (about 4 and a half hours), and it's only halfway done. I think it got stuck somehow, but my computer isn't frozen. I'll give it a little while longer, but I suppose it seems my computer is clean.

Thanks!



