
Problems after XP Antivirus 2012 Removal


18 replies to this topic

#1 Frazzled1

Frazzled1

  • Members
  • 110 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 28 December 2011 - 10:12 PM

Hey guys, and thank you for the work you do here. How you are smart enough to thwart those nasty virus writers is beyond me. I ran, as instructed, your removal instructions for the XP Antivirus 2012 virus/trojan/hijacker or whatever you call it. Wow, it sure was a persistent bug. Got into and changed all kinds of stuff. Well, I believe it is all gone now, with everything seeming back to normal except that the Windows security center says that Automatic Updates are turned off. I tried to turn them off and back on from the control panel with no results. I was thinking of doing a system restore now that I have access to it, but back to where, and maybe there is a corruption of some sort. (I had that happen once before too.) What is your take on this?

I am running a Dell DIM3000
with win XP SP3
Microsoft Security Essentials
Windows Firewall (now able to be turned back on)
Wireless networking



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 AM

Posted 28 December 2011 - 10:46 PM

Hello, I moved this from XP to the Am I Infected forum.

We need to repair some of Windows' internal registration settings.
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Exit/Close Dial-A-Fix

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 Frazzled1


Posted 28 December 2011 - 11:33 PM

Hello, and thank you for the fast reply. I ran Dial-a-fix as you suggested and it completed, albeit with several error messages. I took screen shots and saved them for you to see. Perhaps they are nothing or perhaps we need to go further on this problem. Hmmm, I guess I cannot just attach the pictures as files....How do I do this??? The editor is asking for a URL???

#4 boopme


Posted 29 December 2011 - 09:48 AM

Inserting An Image Within A Post

#5 Frazzled1


Posted 29 December 2011 - 10:14 AM

I will work on this later this afternoon.
Thanks again

#6 Frazzled1


Posted 29 December 2011 - 07:31 PM

Here is the link to photo bucket and my error messages.

http://s1211.photobucket.com/albums/cc438/wreckaway/

#7 boopme


Posted 29 December 2011 - 10:38 PM

OK, a lot of corruption. Let's try SFC.

Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see How To Use Sfc.exe To Repair System Files

NOTE for Vista/WIN 7 users: The command needs to be run from an Elevated Command Prompt. Click Start, type cmd into the Start/Search box, right-click cmd.exe in the list above and select 'Run as Administrator'.


You will need your operating system CD handy.

Open Windows Task Manager by pressing CTRL+SHIFT+ESC.

Then click File, then New Task (Run).

In the box that opens, type sfc /scannow (there is a space between c and /).

Click OK
Let it run and insert the CD when asked.

#8 Frazzled1


Posted 30 December 2011 - 06:06 PM

Hello Again,
I ran SFC /scannow and it finished w/o needing me to insert any disk. What other thoughts do you have?

#9 boopme


Posted 30 December 2011 - 10:18 PM

Let's check again for malware.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished, the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.



May as well rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click the Update tab, select Check for Updates. When done, click the Scanner tab, select Quick scan and scan (normal mode).
After the scan, click Remove Selected, post the new scan log and reboot into normal mode.
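Added example (not part of this thread and not the tool's own code): a Python triage pass over a TDSSKiller report of the kind requested above, listing the entries worth a second look instead of reading the whole log. It assumes the report's two-line-per-driver layout (`name (md5) path`, then `name - verdict`); the sample lines, the `flagged` verdict string and the outside-system32 review rule are constructed for illustration.

```python
import ntpath
import re

# Every report line starts with "<hh:mm:ss.ffff> <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path to driver image>"
ITEM_RE = re.compile(PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<name> - <verdict>"
VERDICT_RE = re.compile(PREFIX + r"(?P<name>\S+) - (?P<verdict>\S.*)$")

# Constructed sample: names, hashes and paths are made up, and "flagged" is a
# placeholder verdict, not a string taken from a real TDSSKiller report.
SAMPLE_LOG = r"""
12:00:01.0000 1000 Scan started
12:00:01.0100 1000 exampledrv (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\exampledrv.sys
12:00:01.0110 1000 exampledrv - ok
12:00:01.0200 1000 nofile - ok
12:00:01.0300 1000 vendorflt (00000000000000000000000000000002) C:\Program Files\ExampleVendor\vendorflt.sys
12:00:01.0310 1000 vendorflt - ok
12:00:01.0400 1000 oddsvc (00000000000000000000000000000003) C:\WINDOWS\system32\DRIVERS\oddsvc.sys
12:00:01.0410 1000 oddsvc - flagged
12:00:01.0500 1000 cutoff (00000000000000000000000000000004) C:\WINDOWS\system32\drivers\cutoff.sys
"""


def parse_report(text):
    """Return {service name: {"md5", "path", "verdict"}} in report order."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        item = ITEM_RE.match(line)
        if item:
            entry = entries.setdefault(
                item["name"], {"md5": None, "path": None, "verdict": None})
            entry["md5"], entry["path"] = item["md5"], item["path"]
            continue
        verdict = VERDICT_RE.match(line)
        if verdict:
            entry = entries.setdefault(
                verdict["name"], {"md5": None, "path": None, "verdict": None})
            entry["verdict"] = verdict["verdict"].strip()
    return entries


def triage(entries, trusted_root=r"C:\WINDOWS\system32"):
    """List (name, reason) pairs for entries a helper should look at first.

    The "outside trusted_root" rule is this example's own review hint, not a
    TDSSKiller verdict: security products legitimately load drivers from
    their own folders, so it means "check", not "malicious".
    """
    root = ntpath.normcase(trusted_root).rstrip("\\") + "\\"
    findings = []
    for name, entry in entries.items():
        if entry["verdict"] is None:
            # Item line without its verdict line: the pasted log was cut off.
            findings.append((name, "no verdict line (report cut off?)"))
        elif entry["verdict"].lower() != "ok":
            findings.append((name, "verdict: " + entry["verdict"]))
        elif entry["path"] and not ntpath.normcase(entry["path"]).startswith(root):
            findings.append((name, "ok, but image outside " + trusted_root))
    return findings


if __name__ == "__main__":
    for name, reason in triage(parse_report(SAMPLE_LOG)):
        print(f"{name:12} {reason}")
```
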

#10 Frazzled1


Posted 01 January 2012 - 04:19 PM

Here are the results of the scans:

for Eset:
C:\Documents and Settings\Rudy\DoctorWeb\Quarantine\A0029334.exe multiple threats deleted - quarantined
C:\Documents and Settings\Rudy\My Documents\My Received Files\cnet_br_free_advanced_msi.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\Rudy\My Documents\My Received Files\SoftonicDownloader_for_clonezilla-live.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP361\A0014641.exe multiple threats deleted - quarantined

For TDSSKiller:
12:32:09.0312 2032 Update - ok
12:32:09.0390 2032 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:32:09.0390 2032 usbccgp - ok
12:32:09.0484 2032 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:32:09.0500 2032 usbehci - ok
12:32:09.0562 2032 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:32:09.0562 2032 usbhub - ok
12:32:09.0656 2032 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:32:09.0656 2032 usbprint - ok
12:32:09.0734 2032 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:32:09.0734 2032 usbscan - ok
12:32:09.0812 2032 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:32:09.0828 2032 USBSTOR - ok
12:32:09.0937 2032 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:32:09.0937 2032 usbuhci - ok
12:32:10.0000 2032 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:32:10.0000 2032 VgaSave - ok
12:32:10.0078 2032 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:32:10.0078 2032 viaagp - ok
12:32:10.0203 2032 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:32:10.0203 2032 ViaIde - ok
12:32:10.0296 2032 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:32:10.0296 2032 VolSnap - ok
12:32:10.0421 2032 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:32:10.0421 2032 Wanarp - ok
12:32:10.0453 2032 WDICA - ok
12:32:10.0531 2032 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:32:10.0531 2032 wdmaud - ok
12:32:10.0687 2032 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:32:10.0703 2032 WS2IFSL - ok
12:32:10.0750 2032 ZD1211BU(ZyDAS) - ok
12:32:10.0796 2032 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
12:32:10.0828 2032 \Device\Harddisk0\DR0 - ok
12:32:10.0828 2032 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
12:32:10.0843 2032 \Device\Harddisk1\DR4 - ok
12:32:10.0859 2032 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR6
12:32:11.0812 2032 \Device\Harddisk2\DR6 - ok
12:32:11.0843 2032 Boot (0x1200) (18dd22b38ebc991d2bdf9a05d425395e) \Device\Harddisk0\DR0\Partition0
12:32:11.0843 2032 \Device\Harddisk0\DR0\Partition0 - ok
12:32:11.0859 2032 Boot (0x1200) (2be17848d73282efb125f41df2a51978) \Device\Harddisk1\DR4\Partition0
12:32:11.0859 2032 \Device\Harddisk1\DR4\Partition0 - ok
12:32:11.0875 2032 Boot (0x1200) (6631d3a53d73d984101024d896006b9c) \Device\Harddisk2\DR6\Partition0
12:32:11.0875 2032 \Device\Harddisk2\DR6\Partition0 - ok
12:32:11.0875 2032 ============================================================
12:32:11.0875 2032 Scan finished
12:32:11.0875 2032 ============================================================

For MBAM:
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.01.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Rudy :: RUDYS [administrator]

1/1/2012 3:13:48 PM
mbam-log-2012-01-01 (15-13-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 178143
Time elapsed: 4 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0

Things look good now as the files detected were already in quarantine or were not used.

#11 boopme


Posted 01 January 2012 - 07:01 PM

Yes that does look good.

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

#12 Frazzled1


Posted 01 January 2012 - 07:24 PM

Thank you,
It seems I am back up to speed here. I followed the instructions on System Restore (I noticed that the Eset program found something in there). Everything is clean now and good to go. Do you have anything I could install to prevent the technically illiterate from clicking on, or opening email e-cards or attachments that contain these viruses?
Thanks again

#13 boopme


Posted 01 January 2012 - 07:37 PM

See How did I get infected?, With steps so it does not happen again!

Let's see what you have on here.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#14 Frazzled1


Posted 01 January 2012 - 07:54 PM

Here is the MiniToolBox log.... Way beyond my comprehension :-)

MiniToolBox by Farbar
Ran by Rudy (administrator) on 01-01-2012 at 18:43:42
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 14997 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Disconnected)
Wireless USB Card = Wireless Network Connection 4 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 4"

set address name="Wireless Network Connection 4" source=dhcp
set dns name="Wireless Network Connection 4" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 4" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : rudys

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Wireless Network Connection 4:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Wireless USB Card

Physical Address. . . . . . . . . : 00-D0-41-B8-54-A3

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.67

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Sunday, January 01, 2012 12:25:25 PM

Lease Expires . . . . . . . . . . : Monday, January 02, 2012 12:25:25 PM

Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.48, 74.125.225.52, 74.125.225.50, 74.125.225.49
74.125.225.51



Pinging google.com [74.125.225.147] with 32 bytes of data:



Reply from 74.125.225.147: bytes=32 time=23ms TTL=54

Reply from 74.125.225.147: bytes=32 time=22ms TTL=54



Ping statistics for 74.125.225.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 22ms, Maximum = 23ms, Average = 22ms

Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.137.149.56, 98.139.180.149, 209.191.122.70, 72.30.2.43



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=118ms TTL=55

Reply from 72.30.2.43: bytes=32 time=95ms TTL=55



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 95ms, Maximum = 118ms, Average = 106ms

Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 d0 41 b8 54 a3 ...... Wireless USB Card
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.67 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.67 192.168.1.67 25
192.168.1.67 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.67 192.168.1.67 25
224.0.0.0 240.0.0.0 192.168.1.67 192.168.1.67 25
255.255.255.255 255.255.255.255 192.168.1.67 192.168.1.67 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/01/2012 00:25:18 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/30/2011 01:56:10 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/29/2011 02:30:14 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/28/2011 11:04:10 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/28/2011 10:08:18 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/28/2011 09:57:51 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/28/2011 07:49:42 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/28/2011 07:39:25 PM) (Source: Microsoft Fax) (User: )
Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources.


Reinstall Fax service using Repair mode.
Win32 error code: 13.
This error code indicates the cause of the error.

Error: (12/28/2011 07:38:12 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (12/28/2011 05:23:45 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/01/2012 00:27:14 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/30/2011 01:57:37 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/29/2011 02:31:40 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/28/2011 11:05:36 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/28/2011 10:08:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.1757.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/28/2011 09:59:12 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (12/28/2011 09:59:12 PM) (Source: Service Control Manager) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/28/2011 09:57:53 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (12/28/2011 07:49:41 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.1757.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/28/2011 07:40:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde


Microsoft Office Sessions:
=========================
Error: (01/01/2012 00:25:18 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/30/2011 01:56:10 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/29/2011 02:30:14 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/28/2011 11:04:10 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/28/2011 10:08:18 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (12/28/2011 09:57:51 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/28/2011 07:49:42 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (12/28/2011 07:39:25 PM) (Source: Microsoft Fax)(User: )
Description: 13

Error: (12/28/2011 07:38:12 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (12/28/2011 05:23:45 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


=========================== Installed Programs ============================

{329899E1-CBBA-49BC-9FFE-199E94316727} (Version: 7.15.14)
{403EF592-953B-4794-BCEF-ECAB835C2095} (Version: 8.00.0005)
{F543B12A-13F5-487E-9314-F7D25E1BBE3E} (Version: 15.0.4002.469)
Abassis Finance Manager 1.3
AceMoney Lite
AcuteFinder 3.0 (Version: 3.0)
Ad-Aware SE Plus (Version: 1.06)
Adobe Acrobat - Reader 6.0.2 Update (Version: 6.0.2)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.32)
Adobe Flash Player 10 Plugin (Version: 10.1.85.3)
Adobe Reader 6.0.1 (Version: 006.000.001)
AML Free Registry Cleaner 4.21
Applian FLV Player (Version: 2.0.24)
ArcSoft PhotoStudio 5.5
Ashampoo StartUp Tuner 2.00 (Version: 2.0.0)
AutoStreamer (Version: 1.0.33)
BetterInvesting Portfolio Manager 5 (Demo) (Version: 5.0.0000)
Branding
BufferChm (Version: 100.0.170.000)
Canon CanoScan LiDE 200 User Registration
Canon CanoScan Toolbox 5.0
Canon MP Navigator EX 2.0
CanoScan LiDE 200 Scanner Driver
CCleaner (Version: 3.11)
CleanUp!
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
COMODO Registry Cleaner 1.0.17.23
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
D4300 (Version: 100.0.206.000)
D4300_Help (Version: 100.0.206.000)
DCE AutoEnhance 3.3 (Version: DCE AutoEnhance 3.3)
DefragExpress! (Version: 1.0.0.46)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support 5.0.0 (630)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000)
DJ_SF_03_D4300_Software (Version: 100.0.206.000)
DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000)
dlatray.exe
DriveSpacio 0.2.2 Build 1 (Beta)
Duplicate File Hunter 2.21
eBoostr 4 (Version: 4.0 (BETA))
ERUNT 1.1j
eSupportQFolder (Version: 1.00.0000)
Eusing Free Registry Cleaner
Eusing Free Registry Defrag
Every Landlord's Legal Guide
Free CraigsList Reader Pro from CraigsPal 4.0.19 (Version: 4.0.19)
FXCM MT4 powered by BT 4.00 (Version: 4.00)
Glary Registry Repair 3.2.0.828
Glary Utilities 2.26.0.956 (Version: 2.26.0.956)
GPBaseService (Version: 100.0.187.000)
GPBaseService2 (Version: 130.0.371.000)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.008.001)
HP USB Disk Storage Format Tool
HPDiagnosticAlert (Version: 1.00.0000)
HPProductAssistant (Version: 130.0.371.000)
Image Resizer Powertoy for Windows XP (Version: 1.00.0001)
ImgBurn (Version: 2.5.1.0)
Info Center 1.0.0.5 (Version: 1.0.0.5)
InfraRecorder
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Intel® Integrated Performance Primitives 1.1
Internet Explorer (Enable DEP)
Internet Explorer Default Page (Version: 1.00.03)
Investment Account Manager 2 (Version: 2.0.0000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
jv16 PowerTools 1.3
jv16 PowerTools 2011 (Version: )
Little Registry Cleaner
Macromedia Flash Player (Version: 7.0.19.0)
MagicPDF 2.01
MailWasher Free 6.5.4
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Master Investor 6.1.6
Micro-Sys Ajour (Version: 5.63)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Interactive Training
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Tool Web Package:NetDiag.exe (Version: 1.0.0.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Money Manager Ex 0.9.5.1
Moneydance 2010
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
MSN
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
Musicmatch® Jukebox (Version: 9.00.2028)
MV RegClean 5.9 English
PCHealth
PCLReader (Version: 8.87)
Personal Portfolio Manager 7.0.10
PowerTools Lite
Presto! PageManager 7.15.14 (Version: 7.15.14E)
PSSWCORE (Version: 2.02.0000)
QuickBooks Simple Start Special Edition
RecordNow.exe
Revo Uninstaller 1.92 (Version: 1.92)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
SGTRAY.EXE
Simple Business Accounting 4.0.5
SmartFolio 3
SmartWebPrinting (Version: 140.0.186.000)
Sonic DLA (Version: 4.95)
Sonic RecordNow! (Version: 7.3)
Sonic Update Manager (Version: 2.9)
Spybot-S&D Boot CD creator (Version: 1.0.4)
SpywareBlaster 4.4 (Version: 4.4.0)
StarOffice 9 (Version: 9.00.9358)
Status (Version: 100.0.175.000)
SUPERAntiSpyware (Version: 4.45.1000)
SystemBooster 2.0
TaskInfo 9.0.0.300 (Version: 9.0.0.300)
TeraCopy 2.12
The Pro Gold i2 Installation Wizard (Version: 1.0.0)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 100.0.170.000)
TweakNow RegCleaner (Version: 5.1.1)
UltimateDefrag V1 FREE Public Domain Version (Version: 1.72)
UnloadSupport (Version: 10.0.0)
VideoToolkit01 (Version: 100.0.128.000)
WebFldrs XP
WebReg (Version: 100.0.170.000)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows Support Tools (Version: 5.1.2510.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
Wireless USB Card (Version: 6.0.1)
WordPerfect Office 12 (Version: 12.0.0.238)

========================= Devices: ================================

Name: Intel® PRO/100 VE Network Connection
Description: Intel® PRO/100 VE Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 2045.98 MB
Available physical RAM: 1220.25 MB
Total Pagefile: 2664.45 MB
Available Pagefile: 2036.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:34.21 GB) (Free:3.07 GB) NTFS
3 Drive e: (E-BOOSTR) (Removable) (Total:3.73 GB) (Free:0 GB) FAT32

========================= Users: ========================================

User accounts for \\RUDYS

Administrator Guest HelpAssistant
Rudy SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,440 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:38 AM

Posted 01 January 2012 - 08:39 PM

Ok, I see a number of things to do and consider.
Uninstall and reinstall Microsoft Antimalware.

First, your hard drive is nearly full: (Total:34.21 GB) (Free:3.07 GB) NTFS. This is the cause of much of your slowness (which I believe is why you install all the reg cleaners).
Does your Forex even run? I see your WinFax won't.

From Control Panel, Add/Remove... Remove all these and reboot.
eBoostr... I am unsure if this does anything, so it's your call.

Remove these. I don't like any of these reg cleaners, but if you keep one, keep CCleaner or Comodo.
Eusing Free Registry Cleaner
Glary Registry Repair
Little Registry Cleaner
SystemBooster
TweakNow RegCleaner (Version: 5.1.1)



Remove Adobe Reader 6.0.1 (Version: 006.000.001)
Update to Adobe Reader X (10.1.0)
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional



What is your Antivirus??