
Windows XP freezing


9 replies to this topic

#1 Tommy gun


Posted 05 December 2011 - 02:34 PM

Hi guys

Within the last 4 or 5 days my PC has started freezing. It can freeze anywhere up to 30 seconds, then it will unfreeze itself and run very smoothly for a while until the next freeze.
I have run Kaspersky anti-virus, Malwarebytes Anti-Malware, and SUPERAntiSpyware.
The only program to find something was SUPERAntiSpyware, and that was: Trojan.Agent/Gen-FraudPacked.
It was quarantined by the program but my PC is still freezing.

Whether or not it is relevant to this problem, I have also noticed a couple of other things too: System Restore was empty and does not automatically create restore points anymore, and certain icons have changed on Windows and other programs and I can't change them back.
Both these problems are not major, but as they appeared at the same time as the PC freezing I thought there might be a link.

Can anyone help?

Thanks in advance.



#2 boopme


Posted 08 December 2011 - 04:25 PM

Hello and welcome. Please run these 2 and we will see how it is.
First some system info...

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please post the logs for my review.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Tommy gun


Posted 08 December 2011 - 05:25 PM

When I run TDSS it runs via Kaspersky... Is this correct or do I need to do something else?
Kaspersky did not offer the chance to save a log.

#4 boopme


Posted 08 December 2011 - 08:39 PM

It is a Kaspersky tool yes.
It should have done it automatically.
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).

Look for something like this TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt on your C drive.

Edited by boopme, 08 December 2011 - 08:40 PM.


#5 Tommy gun


Posted 09 December 2011 - 11:46 AM

MiniToolBox by Farbar
Ran by user (administrator) on 08-12-2011 at 21:34:03
Microsoft Windows XP Home Edition Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8169/8110 Family Gigabit Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : user-3a71525746

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : home



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC

Physical Address. . . . . . . . . : 00-15-58-4B-14-DF

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : 08 December 2011 20:43:05

Lease Expires . . . . . . . . . . : 09 December 2011 20:43:05

Server: api.home
Address: 192.168.1.254

Name: google.com
Addresses: 209.85.147.106, 209.85.147.147, 209.85.147.99, 209.85.147.104
209.85.147.103, 209.85.147.105



Pinging google.com [209.85.147.105] with 32 bytes of data:



Reply from 209.85.147.105: bytes=32 time=49ms TTL=49

Reply from 209.85.147.105: bytes=32 time=49ms TTL=49



Ping statistics for 209.85.147.105:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 49ms, Maximum = 49ms, Average = 49ms

Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 72.30.2.43



Pinging yahoo.com [98.139.180.149] with 32 bytes of data:



Reply from 98.139.180.149: bytes=32 time=195ms TTL=44

Reply from 98.139.180.149: bytes=32 time=146ms TTL=44



Ping statistics for 98.139.180.149:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 146ms, Maximum = 195ms, Average = 170ms

Server: api.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 58 4b 14 df ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/08/2011 09:02:49 PM) (Source: MsiInstaller) (User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error: (12/08/2011 09:02:07 PM) (Source: MsiInstaller) (User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error: (12/08/2011 03:08:21 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/08/2011 02:07:30 PM) (Source: MsiInstaller) (User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

Error: (12/07/2011 10:17:40 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (12/07/2011 10:17:40 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (12/07/2011 10:56:06 AM) (Source: Application Hang) (User: )
Description: Hanging application CKScanner.exe, version 1.6.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/02/2011 08:44:16 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2014, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/02/2011 08:44:03 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2014, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/02/2011 08:44:03 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2014, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (12/08/2011 08:45:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (12/08/2011 08:45:27 PM) (Source: Service Control Manager) (User: )
Description: The Kaspersky Anti-Virus Service service hung on starting.

Error: (12/08/2011 08:43:57 PM) (Source: Service Control Manager) (User: )
Description: The PfModNT service failed to start due to the following error:
%%2

Error: (12/08/2011 02:38:24 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:38:24 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:37:03 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:36:10 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:35:20 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:20:25 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (12/08/2011 02:00:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================
Error: (12/08/2011 09:02:49 PM) (Source: MsiInstaller)(User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.(NULL)(NULL)(NULL)

Error: (12/08/2011 09:02:07 PM) (Source: MsiInstaller)(User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.(NULL)(NULL)(NULL)

Error: (12/08/2011 03:08:21 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (12/08/2011 02:07:30 PM) (Source: MsiInstaller)(User: user)user
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.(NULL)(NULL)(NULL)

Error: (12/07/2011 10:17:40 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (12/07/2011 10:17:40 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (12/07/2011 10:56:06 AM) (Source: Application Hang)(User: )
Description: CKScanner.exe1.6.1.0hungapp0.0.0.000000000

Error: (12/02/2011 08:44:16 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2014hungapp0.0.0.000000000

Error: (12/02/2011 08:44:03 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2014hungapp0.0.0.000000000

Error: (12/02/2011 08:44:03 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2014hungapp0.0.0.000000000


=========================== Installed Programs ============================

(Version: 6.7.0)
3-IN-A-BED Version 5.2
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Ad-Aware Email Scanner for Outlook (Version: 1.0.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Ahead Nero Burning ROM
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 2000
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
Audacity 1.3.13 (Unicode)
BBC iPlayer Desktop (Version: 3.2.6)
BeebEm V4.11
Brian Lara International Cricket 2005 (Version: 1.00.0000)
BT Home Hub
BT Wireless Connection Manager
BT Yahoo! Applications
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon CanoScan Toolbox 4.1
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.5.0.3)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.1.6)
Canon iP4300 User Registration
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Setup Utility 2.3
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
Canon Utilities EOS Utility (Version: 1.1.0.8)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
CCleaner (remove only)
CD-LabelPrint
CorelDRAW 10
CorelDRAW 10 (Version: 10)
Creative Jukebox Driver
Creative MediaSource (Version: 2.00)
Easy-WebPrint
EPSON Printer Software
EZdrummer (Version: 1.1.1)
EZXCocktail (Version: 1.2)
EZXJazz (Version: 1.0.0)
EZXNashville (Version: 1.1.2)
EZXPercussion (Version: 1.1.3)
Football Manager 2006 (Version: 6.0.0)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
HiJackThis (Version: 1.0.0)
Internet Explorer (Enable DEP)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
Kaspersky Internet Security 2011 (Version: 11.0.1.400)
Labtec WebCam Software (Version: 8.42.0000)
Labtec® Camera Driver
LADSPA_plugins-win-0.4.15
Live 6.0.9
MA_CMIDI (Version: 4.2.01v3)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Master Unit
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Links 2001
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WorldWide Telescope (Version: 3.0.5)
mIRC (Version: 6.21)
Mozilla Firefox 8.0.1 (x86 en-US) (Version: 8.0.1)
MSN
MSVCRT (Version: 14.0.1468.721)
Native Instruments Absynth 4
Native Instruments Akoustik Piano
Native Instruments B4 II
Native Instruments Compilation Vol. 1
Native Instruments Compilation Vol. 1 (Version: 1.0.0.001)
Native Instruments Compilation Vol. 2
Native Instruments Compilation Vol. 2 (Version: 1.0.0.003)
Native Instruments Kontakt 4
Native Instruments Kontakt 4 (Version: 4.2.2.4504)
Native Instruments Kontakt Factory Selection
Native Instruments Kontakt Factory Selection (Version: 1.0.0.002)
Native Instruments Kontakt Sax and Brass
Native Instruments Kore Player
Native Instruments Kore Player (Version: 2.1.2.8232)
Native Instruments Scarbee Pre-Bass
Native Instruments Scarbee Pre-Bass (Version: 1.0.0.002)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.2.5.596)
NI Service Center
Norton Spyware Scan (Version: 2.0.109.11)
NVIDIA Control Panel 260.99 (Version: 260.99)
NVIDIA Graphics Driver 260.99 (Version: 260.99)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA nView 135.36 (Version: 135.36)
NVIDIA nView Desktop Manager (Version: 6.14.10.13065)
OmniPage SE (Version: 11.00.0001)
Platform (Version: 1.13)
Pool Paradise (Version: 1.0.0)
Postal 2
PowerDVD
QuickTime (Version: 7.71.80.42)
RealArcade
RealPlayer
Realtek AC'97 Audio (Version: 5.35)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.02.0000)
ReBirth RB-338
Samsung_MonSetup (Version: 1.00.0000)
Scrabble ®
Segoe UI (Version: 14.0.4327.805)
Smart Office Keyboard
SopCast 3.2.9 (Version: 3.2.9)
SopCore 1.1.1 (Version: 1.1.1)
SoulSeek Client 156c
Sound Blaster X-Fi (Version: 1.0)
Sound Studio Gold V1.02
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Spotify (Version: 0.4.10)
Steinberg Cubase Studio 4 (Version: 4.5.2.274)
Steinberg Drum Loop Expansion 01 (Version: 1.0.0.1)
Steinberg HALionOne (Version: 1.1.0.457)
Steinberg HALionOne Additional Content Set 01 (Version: 1.0.0.001)
Steinberg HALionOne GM Drum Set (Version: 1.0.1.457)
Steinberg HALionOne GM Set (Version: 1.0.1.457)
Steinberg HALionOne Studio Drum Set (Version: 1.0.1.457)
Steinberg HALionOne Studio Set (Version: 1.0.1.457)
Super Elf Bowling 2
SUPERAntiSpyware (Version: 4.54.1000)
Syncrosoft License Control
Toontrack solo (Version: 1.0)
TVUPlayer 2.5.3.1 (Version: 2.5.3.1)
VC 9.0 Runtime (Version: 1.0.0)
VIA Platform Device Manager (Version: 1.13)
VideoPad Video Editor
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WaveLab Lite
WebFldrs XP (Version: 9.50.7523)
Who Wants To Be A Millionaire (Version: 1.0.0.0000)
Winamp (Version: 5.601 )
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0017.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WinUAE 2.3.0 (Version: 2.3.0)
Worms World Party
Worms2
XviD MPEG-4 Codec
Yahoo! Search Protection
Yahoo! Software Update
ZoneAlarm Spy Blocker
Zune Desktop Theme (Version: 1.0.5341.0)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 2046.42 MB
Available physical RAM: 1494.06 MB
Total Pagefile: 3424.27 MB
Available Pagefile: 2699.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.6 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:66.57 GB) NTFS
3 Drive e: () (Fixed) (Total:186.31 GB) (Free:33.46 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-3A71525746

Administrator Guest HelpAssistant
SUPPORT_388945a0 user

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini102210-01.dmp
C:\WINDOWS\Minidump\Mini102210-02.dmp

**** End of log ****


21:37:57.0750 4036 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
21:37:58.0296 4036 ============================================================
21:37:58.0296 4036 Current date / time: 2011/12/08 21:37:58.0296
21:37:58.0296 4036 SystemInfo:
21:37:58.0296 4036
21:37:58.0296 4036 OS Version: 5.1.2600 ServicePack: 3.0
21:37:58.0296 4036 Product type: Workstation
21:37:58.0296 4036 ComputerName: USER-3A71525746
21:37:58.0296 4036 UserName: user
21:37:58.0296 4036 Windows directory: C:\WINDOWS
21:37:58.0296 4036 System windows directory: C:\WINDOWS
21:37:58.0296 4036 Processor architecture: Intel x86
21:37:58.0296 4036 Number of processors: 2
21:37:58.0296 4036 Page size: 0x1000
21:37:58.0296 4036 Boot type: Normal boot
21:37:58.0296 4036 ============================================================
21:38:18.0312 4036 Initialize success
21:38:22.0453 0828 ============================================================
21:38:22.0453 0828 Scan started
21:38:22.0453 0828 Mode: Manual;
21:38:22.0453 0828 ============================================================
21:38:25.0328 0828 Abiosdsk - ok
21:38:25.0640 0828 abp480n5 - ok
21:38:26.0312 0828 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:38:26.0390 0828 ACPI - ok
21:38:26.0765 0828 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:38:26.0765 0828 ACPIEC - ok
21:38:27.0156 0828 adpu160m - ok
21:38:27.0484 0828 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:38:27.0515 0828 aec - ok
21:38:27.0953 0828 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:38:27.0984 0828 AFD - ok
21:38:28.0296 0828 Aha154x - ok
21:38:28.0578 0828 aic78u2 - ok
21:38:28.0875 0828 aic78xx - ok
21:38:30.0890 0828 ALCXWDM (d9026163ed32a13923a2c909897a6b87) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:38:32.0406 0828 ALCXWDM - ok
21:38:32.0703 0828 AliIde - ok
21:38:33.0093 0828 amsint - ok
21:38:33.0453 0828 Asapi (1e0eeb62964513f4f1e18fee3c69c43d) C:\WINDOWS\system32\drivers\Asapi.sys
21:38:33.0453 0828 Asapi - ok
21:38:34.0125 0828 asbp2poa - ok
21:39:46.0656 0828 ============================================================
21:39:46.0656 0828 Scan finished
21:39:46.0656 0828 ============================================================
21:39:46.0718 3684 Detected object count: 0
21:39:46.0718 3684 Actual detected object count: 0
21:40:26.0718 2948 Deinitialize success

ESETScan:

C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\6.0\43\556445eb-7f071e29 Java/TrojanDownloader.Agent.NBL trojan deleted - quarantined
C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\6.0\44\5473416c-6f94e16b a variant of Java/TrojanDownloader.Agent.NAN trojan deleted - quarantined
C:\Documents and Settings\user\Local Settings\Temp\ICReinstall\cnet2_OEBackup65_setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\cnet2_OEBackup65_setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\winamp5601_full_emusic-7plus_en-us.exe Win32/OpenCandy application deleted - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\Z4PLUGIN.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{3EDDCEE9-9633-4643-B7AD-E3C3DE3E9510}\RP1521\A0286408.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{3EDDCEE9-9633-4643-B7AD-E3C3DE3E9510}\RP1521\A0286409.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\WINDOWS\Motive\btbb\UninstallHelper.exe probably a variant of Win32/Adware.Agent.MFHERUJ application cleaned by deleting - quarantined

#6 boopme


Posted 09 December 2011 - 04:47 PM

Looks clean ...

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u1-windows-i586-s.exe (or jre-7u1-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
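An added example, not part of the thread or of any tool named in it: a short Python script that parses the ESET lines posted above and groups the detections by where they were found, which shows why the reply singles out the Java cache and System Restore. The regular expression, the category names and the function names are assumptions made for this example, based only on the line layout visible in this thread.

```python
import re
from collections import defaultdict, namedtuple

# Detection lines copied from the ESET output posted in this thread.
ESET_LOG = r"""
C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\6.0\43\556445eb-7f071e29 Java/TrojanDownloader.Agent.NBL trojan deleted - quarantined
C:\Documents and Settings\user\Application Data\Sun\Java\Deployment\cache\6.0\44\5473416c-6f94e16b a variant of Java/TrojanDownloader.Agent.NAN trojan deleted - quarantined
C:\Documents and Settings\user\Local Settings\Temp\ICReinstall\cnet2_OEBackup65_setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\cnet2_OEBackup65_setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\user\My Documents\Downloads\winamp5601_full_emusic-7plus_en-us.exe Win32/OpenCandy application deleted - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\NPZONESB.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files\ZoneAlarmSB\bar\1.bin\Z4PLUGIN.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{3EDDCEE9-9633-4643-B7AD-E3C3DE3E9510}\RP1521\A0286408.DLL Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\System Volume Information\_restore{3EDDCEE9-9633-4643-B7AD-E3C3DE3E9510}\RP1521\A0286409.DLL a variant of Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\WINDOWS\Motive\btbb\UninstallHelper.exe probably a variant of Win32/Adware.Agent.MFHERUJ application cleaned by deleting - quarantined
""".strip().splitlines()

Detection = namedtuple("Detection", "path qualifier name kind action")

# Assumed layout: <path> [qualifier] <Platform/Family.Variant> <kind> <action>.
# Paths contain spaces but never "/", so the detection name anchors the split.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<qualifier>(?:probably )?a variant of )?"
    r"(?P<name>[A-Za-z0-9]+/[\w.]+)\s+"
    r"(?P<kind>trojan|application)\s+"
    r"(?P<action>.+)$"
)

# Path fragments (lower case) mapped to hypothetical triage categories.
# Order matters: the first matching fragment wins.
LOCATIONS = [
    (r"\sun\java\deployment\cache", "java-cache"),
    (r"\system volume information\_restore{", "system-restore"),
    (r"\downloads", "downloaded-installer"),
    (r"\temp", "downloaded-installer"),
]

RESTORE_POINT_RE = re.compile(r"\\_restore\{[^}]+\}\\(RP\d+)\\", re.IGNORECASE)


def parse_line(line):
    """Return a Detection for one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    qualifier = (m.group("qualifier") or "").strip()
    return Detection(m.group("path"), qualifier, m.group("name"),
                     m.group("kind"), m.group("action"))


def classify(path):
    """Map a file path to a triage category by its location on disk."""
    lowered = path.lower()
    for fragment, category in LOCATIONS:
        if fragment in lowered:
            return category
    return "installed-program"


def triage(lines):
    """Group parsed detections by category; unparseable lines are skipped."""
    groups = defaultdict(list)
    for line in lines:
        det = parse_line(line)
        if det is not None:
            groups[classify(det.path)].append(det)
    return dict(groups)


def restore_points(detections):
    """Return the restore point folders (e.g. RP1521) that held detections."""
    found = set()
    for det in detections:
        m = RESTORE_POINT_RE.search(det.path)
        if m:
            found.add(m.group(1))
    return found


if __name__ == "__main__":
    groups = triage(ESET_LOG)
    for category, dets in sorted(groups.items()):
        print(f"{category}: {len(dets)}")
        for det in dets:
            print(f"  {det.kind:11} {det.name}")
    print("restore points holding detections:",
          sorted(restore_points(groups.get("system-restore", []))))
```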

#7 Tommy gun


Posted 09 December 2011 - 06:27 PM

Unfortunately this hasn't made one iota of a difference.
I have deleted all the Java things and reinstalled the latest one, but it is still running very painfully slow.

It takes an absolute age to fire up.....and programs struggle to load or do not load at all.
I now cannot even access system restore.
I can't even start up in safe mode anymore either.

#8 boopme


Posted 09 December 2011 - 09:35 PM

It appears you have faulty system files.

Let us see if we can get Safe mode to run.
Vista users may need to save it to the desktop first then right-click the icon and choose "Run as Administrator".

Please download and run SafeBootKeyRepair.exe.

Once it has completed, please try booting into Safe Mode.


Now, please run SFC (System File Checker).
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'.


You will need your operating system CD handy.

Open Windows Task Manager....by pressing CTRL+SHIFT+ESC

Then click File.. then New Task(Run)

In the box that opens type sfc /scannow ......There is a space between c and /

Click OK
Let it run and insert the CD when asked.

#9 Tommy gun


Posted 10 December 2011 - 07:40 AM

I ran the safe boot repair and I am now able to start in safe mode.....albeit very slowly.
I have also run the scannow.
And again nothing seems to have changed. It is still incredibly slow and struggles to do the most basic of tasks; system restore will still not load; Kaspersky has stopped loading when I fire the PC up; and other programs are behaving in a strange way; and I still have these strange icons on various programs.

Any other ideas?

#10 boopme


Posted 10 December 2011 - 10:16 PM

Ok, yes we need a deeper look to see what is buried here.

Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Include a link back to this topic.

Let me know if that went well.