Antivirus 2012 Windows XP


10 replies to this topic

#1 zoso0

  • Members
  • 10 posts

Posted 03 January 2012 - 09:23 AM

This past weekend I had the Antivirus 2012 popup on my PC. I tried to follow different instructions for removing it, with no success. I tried the following:

All these options were done from a 2nd user; the primary user is unworkable.
Opt 1 - change the date in the future - Failed
Opt 2 - FixNCR.reg failed unable to execute
Opt 3 - Rkill and then run a MBAM 1.6 still unable to resolve my issue

Presently I can boot up my computer with either user.
User A - Boots up, no more Antivirus 2012, but when I double-click on an application it prompts me how to open it?
User B - Same

Edited by hamluis, 03 January 2012 - 09:34 AM.
Moved from XP to Am I Infected.



#2 Broni

    The Coolest BC Computer

  • BC Advisor
  • 42,735 posts
  • Gender:Male
  • Location:Daly City, CA

Posted 03 January 2012 - 12:45 PM

Download and run exeHelper.

  • Please download exeHelper from Raktor to your desktop.
  • Double-click on exeHelper.com to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • A log file named log.txt will be created in the directory where you ran exeHelper.com
  • Attach the log.txt file to your next message.

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).



#3 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,488 posts
  • Gender:Male
  • Location:NJ USA

Posted 03 January 2012 - 12:46 PM

Please follow our Removal Guide here: Remove Win 7 Antispyware 2012.
After reading how the malware is misleading you ...
You will move to the Automated Removal Instructions

After you have completed that, post your scan log here and let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Also the other tool log: a log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.


For User A/B
Go here to Doug Knox's Windows® XP File Association Fixes
Run 9th down on left... EXE File Association Fix ... the EXE not EML one.

Edited by boopme, 03 January 2012 - 12:48 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 zoso0
  • Topic Starter

  • Members
  • 10 posts

Posted 03 January 2012 - 05:32 PM

I've pasted the following two logs.

exeHelper by Raktor
Build 20100414
Run at 17:23:00 on 01/03/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

exeHelper by Raktor
Build 20100414
Run at 17:29:53 on 01/03/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

==============================

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.02.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
angelo :: ALBERTO-W0QLL5B [administrator]

Protection: Enabled

1/2/2011 10:03:42 PM
mbam-log-2011-01-02 (22-03-42).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 84014
Time elapsed: 49 minute(s), 11 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,488 posts
  • Gender:Male
  • Location:NJ USA

Posted 03 January 2012 - 10:45 PM

I see Broni and I were posting at the same time :)
OK, did you do the other steps, TDSS and the Association fix?

#6 zoso0
  • Topic Starter

  • Members
  • 10 posts

Posted 04 January 2012 - 08:15 AM

I didn't run the TDSS fix, but I did the associated fix (run 9th)

#7 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,488 posts
  • Gender:Male
  • Location:NJ USA

Posted 04 January 2012 - 03:38 PM

Well is all good now then??

#8 zoso0
  • Topic Starter

  • Members
  • 10 posts

Posted 04 January 2012 - 07:16 PM

Looks ok now...

I ran TDSSKILLER; log pasted below.

19:12:59.0453 3868 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
19:13:01.0453 3868 ============================================================
19:13:01.0453 3868 Current date / time: 2012/01/04 19:13:01.0453
19:13:01.0453 3868 SystemInfo:
19:13:01.0453 3868
19:13:01.0453 3868 OS Version: 5.1.2600 ServicePack: 3.0
19:13:01.0453 3868 Product type: Workstation
19:13:01.0468 3868 ComputerName: ALBERTO-W0QLL5B
19:13:01.0468 3868 UserName: Alberto
19:13:01.0468 3868 Windows directory: C:\WINDOWS
19:13:01.0468 3868 System windows directory: C:\WINDOWS
19:13:01.0468 3868 Processor architecture: Intel x86
19:13:01.0468 3868 Number of processors: 1
19:13:01.0468 3868 Page size: 0x1000
19:13:01.0468 3868 Boot type: Normal boot
19:13:01.0468 3868 ============================================================
19:13:03.0062 3868 Initialize success
19:13:10.0750 0672 ============================================================
19:13:10.0750 0672 Scan started
19:13:10.0750 0672 Mode: Manual;
19:13:10.0750 0672 ============================================================
19:13:37.0125 0672 \Device\Harddisk2\DR3 - ok
19:13:37.0140 0672 Boot (0x1200) (6554bcdf11afbac2d14760e8c9dff103) \Device\Harddisk0\DR0\Partition0
19:13:37.0140 0672 \Device\Harddisk0\DR0\Partition0 - ok
19:13:37.0171 0672 Boot (0x1200) (e410ea74bbb07464f5e4e2c380cea8e6) \Device\Harddisk1\DR2\Partition0
19:13:37.0171 0672 \Device\Harddisk1\DR2\Partition0 - ok
19:13:37.0203 0672 Boot (0x1200) (871f6bd9a8b96d02b4d00b48d3e4e31b) \Device\Harddisk2\DR3\Partition0
19:13:37.0203 0672 \Device\Harddisk2\DR3\Partition0 - ok
19:13:37.0203 0672 ============================================================
19:13:37.0203 0672 Scan finished
19:13:37.0203 0672 ============================================================
19:13:37.0250 4068 Detected object count: 0
19:13:37.0250 4068 Actual detected object count: 0

#9 boopme

Posted 04 January 2012 - 08:05 PM

OK great!! Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory, your tools cannot access it to delete these files, and they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

#10 zoso0

Posted 07 January 2012 - 06:50 PM

Seems ok, but my PC seems a little slower than before and noticed that PCtools appears on the Firefox toolbar.

#11 boopme

Posted 10 January 2012 - 12:21 PM

Sometimes there is a bit of slowness after removal due to some file removal. Are things OK now?