
Various Virus, + Rootkit.win32.TDSS.tdl4 + google redirect


9 replies to this topic

#1 CT_Vamp


Posted 12 January 2012 - 10:50 PM

I let my younger brother use my computer and then after a while I attempted to use it. It all started with the Windows XP Antivirus 2012. I quickly found the process, stopped it, ran Malwarebytes. Updated the library and ran a full scan. It caught it and deleted it. So I left my computer alone, but lo and behold, the next time I attempted to turn it on it would start restarting every 5-10 minutes.

I ran some searches through your website and found several tools that helped me eliminate the problem. The issue was that one after another, each big problem I found allowed the search to find other malware and viruses. I have several logs that I will attach to show the problems.

My question is, am I finally secure to use that laptop once again?

In order to run anything I had to boot it in safe mode with networking. This stopped the problem. To fix the TDSS problem I used TDSSKiller by Kaspersky. (I will include the logs.) It found "\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot". I rebooted and I booted in normal mode. It then stopped restarting and I was able to run MBAM. Then I installed Webroot Secure Anywhere and it found some more infections, for which I will also be showing the log.


+If need be I have two of the same laptop. One is uninfected and the other is the troubled one. So if any files need to be replaced I could just copy them over.

As for the Google redirect, I am not currently sure if I'm cured of that problem. I checked my hosts file and there were some links that should not have been there. So I deleted them and also flushed my DNS. I am now currently running Comodo firewall, Webroot Secure Anywhere as my active antivirus, and Malwarebytes as a search only. I usually only run Malwarebytes, but for this current case I found that a deeper search was needed.



TDSSKiller LOG #1
13:45:43.0078 0876	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
13:45:43.0625 0876	============================================================
13:45:43.0625 0876	Current date / time: 2011/12/30 13:45:43.0625
13:45:43.0625 0876	SystemInfo:
13:45:43.0625 0876	
13:45:43.0625 0876	OS Version: 5.1.2600 ServicePack: 3.0
13:45:43.0625 0876	Product type: Workstation
13:45:43.0625 0876	ComputerName: INS1DI0US5HR3WD
13:45:43.0625 0876	UserName: Administrator
13:45:43.0625 0876	Windows directory: C:\WINDOWS
13:45:43.0625 0876	System windows directory: C:\WINDOWS
13:45:43.0625 0876	Processor architecture: Intel x86
13:45:43.0625 0876	Number of processors: 2
13:45:43.0625 0876	Page size: 0x1000
13:45:43.0625 0876	Boot type: Safe boot with network
13:45:43.0625 0876	============================================================
13:45:49.0781 0876	Initialize success
13:45:52.0093 1428	============================================================
13:45:52.0093 1428	Scan started
13:45:52.0093 1428	Mode: Manual; 
13:45:52.0093 1428	============================================================
13:46:02.0953 1428	MBR (0x1B8)     (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
13:46:02.0984 1428	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
13:46:02.0984 1428	\Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
13:46:03.0015 1428	Boot (0x1200)   (36673ddea0ae0750361a59f4d199f253) \Device\Harddisk0\DR0\Partition0
13:46:03.0015 1428	\Device\Harddisk0\DR0\Partition0 - ok
13:46:03.0015 1428	============================================================
13:46:03.0015 1428	Scan finished
13:46:03.0015 1428	============================================================
13:46:03.0031 0576	Detected object count: 1
13:46:03.0031 0576	Actual detected object count: 1
13:46:16.0968 0576	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
13:46:16.0968 0576	\Device\Harddisk0\DR0 - ok
13:46:16.0968 0576	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure 
13:46:19.0968 1964	Deinitialize success


After it cured the \Device\Harddisk0\ I ran another scan on Normal boot

TDSSKiller Log #2
19:17:53.0296 3664	TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
19:17:53.0375 3664	============================================================
19:17:53.0375 3664	Current date / time: 2012/01/12 19:17:53.0375
19:17:53.0375 3664	SystemInfo:
19:17:53.0375 3664	
19:17:53.0375 3664	OS Version: 5.1.2600 ServicePack: 3.0
19:17:53.0375 3664	Product type: Workstation
19:17:53.0375 3664	ComputerName: INS1DI0US5HR3WD
19:17:53.0375 3664	UserName: Administrator
19:17:53.0375 3664	Windows directory: C:\WINDOWS
19:17:53.0375 3664	System windows directory: C:\WINDOWS
19:17:53.0375 3664	Processor architecture: Intel x86
19:17:53.0375 3664	Number of processors: 2
19:17:53.0375 3664	Page size: 0x1000
19:17:53.0375 3664	Boot type: Normal boot
19:17:53.0375 3664	============================================================
19:17:55.0031 3664	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000, SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
19:17:55.0046 3664	Drive \Device\Harddisk1\DR14 - Size: 0xF3630000, SectorSize: 0x200, Cylinders: 0x1F0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:17:55.0093 3664	Initialize success
19:18:01.0171 3644	============================================================
19:18:01.0171 3644	Scan started
19:18:01.0171 3644	Mode: Manual; SigCheck; TDLFS; 
19:18:01.0171 3644	============================================================
19:18:06.0718 3644	dualshock3      (d9d593f97d2004e92e18fab0b6f7fe48) C:\WINDOWS\system32\DRIVERS\dualshock3.sys
19:18:06.0734 3644	dualshock3 ( UnsignedFile.Multi.Generic ) - warning
19:18:06.0734 3644	dualshock3 - detected UnsignedFile.Multi.Generic (1)
19:18:11.0390 3644	libusb0         (34d6730e198a5b0fce0790a6b4769ef2) C:\WINDOWS\system32\drivers\libusb0.sys
19:18:11.0390 3644	libusb0 ( UnsignedFile.Multi.Generic ) - warning
19:18:11.0390 3644	libusb0 - detected UnsignedFile.Multi.Generic (1)
19:18:30.0609 3644	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:18:30.0703 3644	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:18:30.0703 3644	\Device\Harddisk0\DR0 - detected TDSS File System (1)
19:18:30.0703 3644	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR14
19:18:30.0796 3644	\Device\Harddisk1\DR14 - ok
19:18:30.0796 3644	Boot (0x1200)   (36673ddea0ae0750361a59f4d199f253) \Device\Harddisk0\DR0\Partition0
19:18:30.0796 3644	\Device\Harddisk0\DR0\Partition0 - ok
19:18:30.0812 3644	Boot (0x1200)   (72f87465bc726a1c8fd52196254f3921) \Device\Harddisk1\DR14\Partition0
19:18:30.0812 3644	\Device\Harddisk1\DR14\Partition0 - ok
19:18:30.0812 3644	============================================================
19:18:30.0812 3644	Scan finished
19:18:30.0812 3644	============================================================
19:18:30.0921 3064	Detected object count: 3
19:18:30.0921 3064	Actual detected object count: 3
19:18:42.0296 3064	dualshock3 ( UnsignedFile.Multi.Generic ) - skipped by user
19:18:42.0296 3064	dualshock3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:18:42.0296 3064	libusb0 ( UnsignedFile.Multi.Generic ) - skipped by user
19:18:42.0296 3064	libusb0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:18:42.0296 3064	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:18:42.0296 3064	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 


The Dualshock3 and libusb0 were installed by me as part of motionjoy, a program to allow me to use my PS3 Bluetooth control on my laptop to play some Steam games.

MBAM Log #1
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8384

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/17/2011 4:13:19 AM
mbam-log-2011-12-17 (04-13-19).txt

Scan type: Quick scan
Objects scanned: 65100
Time elapsed: 23 minute(s), 5 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 25

Memory Processes Infected:
c:\WINDOWS\Temp\_ex-68.exe (Spyware.Passwords.XGen) -> 512 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.Downloader.BH) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MozillaAgent (Spyware.Passwords.XGen) -> Value: MozillaAgent -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\Temp\_ex-68.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\documents and settings\brfr7856\my documents\downloads\oi_setup.exe (PUP.Adware.K.OpenInstall) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\my documents\downloads\flvblaster.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\my documents\downloads\flvplayersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\my documents\downloads\gamewrangler_v3b.exe (PUP.Adware.OpenInstall) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\my documents\downloads\morphster.exe (PUP.Adware.OpenInstall) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\my documents\downloads\oi_setup.exe (PUP.Adware.OpenInstall) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-789336058-1677128483-1801674531-500\Dc14.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
c:\documents and settings\default user\start menu\Programs\Startup\uvtiib.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Guest\start menu\Programs\Startup\ejux.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\avifile32.dll (Trojan.Tracur.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\administrator.r-nb\local settings\Temp\Rar$EX00.875\adobe photoshop  cs2 keygen.exe (Trojan.Agent.CK) -> Not selected for removal.
c:\documents and settings\Matt\local settings\Temp\shoptowin11_ff.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\local settings\Temp\icreinstall\flvplayersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\0.2723210599174235.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\0.7654081996486437.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\5689.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\hki801.exe (Trojan.Email) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\nnnv0.8473482171284658.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.7596542566299459.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.9629759090953504.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kolendas0.123447593428066.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kolendas0.40671348354759174.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\uddvne\setup.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kpmjua\setup.exe (Trojan.Email) -> Quarantined and deleted successfully.

MBAM Log #2
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8390

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/20/2011 7:25:19 PM
mbam-log-2011-12-20 (19-25-19).txt

Scan type: Quick scan
Objects scanned: 300553
Time elapsed: 1 hour(s), 33 minute(s), 11 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 34

Memory Processes Infected:
c:\WINDOWS\Temp\_ex-68.exe (Spyware.Passwords.XGen) -> 3336 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\5689 (Heuristics.Shuriken) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Trojan.Downloader.BH) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MozillaAgent (Spyware.Passwords.XGen) -> Value: MozillaAgent -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen.A) -> Bad: (Explorer.exe, C:\Documents and Settings\All Users\Application Data\cK28300KkOiK28300\cK28300KkOiK28300.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\Temp\_ex-68.exe (Spyware.Passwords.XGen) -> Delete on reboot.
c:\WINDOWS\Temp\5689.sys (Heuristics.Shuriken) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\nnnv0.9773925229066168.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.08946100822061143.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.3333345312763165.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.3609694856354957.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.4425561430771029.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.5582482859750926.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.7945293035923754.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.797188081940539.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.8483381851619799.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.867849663701152.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.8964447078712044.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.9302959214604821.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.9937155135718241.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.851192228475874.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.1087421511830099.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.1103925246177172.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.11526676560817473.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.20495062636050965.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.4885656289137854.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.583448281062873.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.6345387226048165.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.6647419495373914.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.7691773736208165.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.8263325256665037.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.8495103182092697.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.8942643759853889.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.9086065536493299.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\kna0.9532385464890731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\pvcrjc\setup.exe (Trojan.Downloader.BH) -> Quarantined and deleted successfully.
c:\documents and settings\Matt\local settings\Temp\kolf0.38302108461481243.exe (Exploit.Drop.6) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.11558073003014757.exe (Exploit.Drop.6) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\opre0.027364584606388243.exe (Exploit.Drop.6) -> Quarantined and deleted successfully.

MBAM Log #3
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8390

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/20/2011 11:23:29 PM
mbam-log-2011-12-20 (23-23-29).txt

Scan type: Full scan (C:\|)
Objects scanned: 462946
Time elapsed: 3 hour(s), 39 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\Matt\foxtabflvplayer\uninstall\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\networkservice.nt authority\application data\Sun\Java\deployment\cache\6.0\48\5920e8b0-6a527734 (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8d4919b7-fb30-40c2-a1a8-4ec3efaa3d26}\RP102\A0057357.com (Trojan.Email) -> Quarantined and deleted successfully.


MBAM Log #4
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8390

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/21/2011 8:19:06 PM
mbam-log-2011-12-21 (20-19-06).txt

Scan type: Quick scan
Objects scanned: 41055
Time elapsed: 36 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\Temp\kna0.5279252352343352.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.


Webroot Secure Anywhere Threat Log
Automated Cleanup Engine
Starting Cleanup at 02/01/2012 - 08:08:04 GMT

Starting Routine> Removing C:\WINDOWS\system32\DRIVERS\redbook.sys...#(PX5:  - MD5: )...
Writing Registry Value> HKLM\System\CurrentControlSet\Services\redbook - imagepath
Writing Registry Value> HKLM\System\CurrentControlSet\Services\redbook - imagepath

Automated Cleanup Engine
Starting Cleanup at 02/01/2012 - 09:35:24 GMT

Starting Routine> Removing c:\windows\system32\iassdo32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\iassdo32.exe

Automated Cleanup Engine
Starting Cleanup at 02/01/2012 - 09:35:37 GMT

Starting Routine> Removing c:\windows\system32\iassdo32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\iassdo32.exe

Automated Cleanup Engine
Starting Cleanup at 02/01/2012 - 10:02:52 GMT

Starting Routine> Removing c:\windows\system32\avifile32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\avifile32.exe
Starting Routine> Removing c:\windows\system32\itircl32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\itircl32.exe
Starting Routine> Removing c:\windows\system32\kbdal32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\kbdal32.exe
Starting Routine> Removing c:\windows\system32\kbdcz232.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\kbdcz232.exe
Starting Routine> Removing c:\windows\system32\rasadhlp32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\rasadhlp32.exe
Starting Routine> Removing c:\windows\system32\wuauserv32.exe...#(PX5: 06F9C698007F2543DA330B1D190C8200D0C0C789 - MD5: CE7E9FE2F6E8D3EA4099418DF2A47147)...
Deleting File> c:\windows\system32\wuauserv32.exe
Starting Routine> Removing c:\windows\system32\lxeccuir32.dll...#(PX5: 85E3BC6000349E6F9A23023405C96F009D9FE5F8 - MD5: 84F2C7904C169A4D6E2676623CFF7483)...
Deleting File> c:\windows\system32\lxeccuir32.dll

Automated Cleanup Engine
Starting Cleanup at 02/01/2012 - 23:10:14 GMT

Starting Routine> Removing c:\documents and settings\administrator.r-nb\my documents\downloads\u.zip/u1017.exe...#(PX5: A017722C00D611B9E02410F251B9FB00A738A26B - MD5: 9860B1BBF9C34FD466BDD12230C2342C)...
Deleting File> c:\documents and settings\administrator.r-nb\my documents\downloads\u.zip
Starting Routine> Removing c:\documents and settings\administrator.r-nb\my documents\downloads\ms/new folder\ms2010.rar/microsoft office 2010 professional plus x64_x86 activator\keygen.exe...#(PX5: DE3B217500F5A757302101D05B00EE0061EB5EFF - MD5: B3B9295385F4E74D023181E5A24F4D83)...
Deleting File> c:\documents and settings\administrator.r-nb\my documents\downloads\ms
Starting Routine> Removing c:\documents and settings\administrator\local settings\temp\passwords.rar/passwords\accessdiver.exe...#(PX5: 8B98308C72FC6C07DAD221E1D988C30059166CED - MD5: 30EBF2D3D672C7BBEEC64E9D8980694C)...
Deleting File> c:\documents and settings\administrator\local settings\temp\passwords.rar
Starting Routine> Removing c:\documents and settings\matt\local settings\temp\shoptowin11.exe...#(PX5: F63E9F1A888D4AE456320FBB03DDAA00218F9AD1 - MD5: C649B317319DFE48E816FB5FF128848F)...
Deleting File> c:\documents and settings\matt\local settings\temp\shoptowin11.exe
Starting Routine> Removing c:\documents and settings\matt\local settings\temp\glb1c8.tmp...#(PX5: 3F725D7F000B04F41867016C83852300212B6B00 - MD5: 7BE34D720CDED07671DDB8A327CB654E)...
Deleting File> c:\documents and settings\matt\local settings\temp\glb1c8.tmp
Starting Routine> Removing c:\sec_50\serverinstaller\uicomm.cab/filb05291cb4be6597a8143946a5ed49994...#(PX5: 2CA253C2000441BC506F1143A7C7EC005D5C494E - MD5: C0D9F4A236E087C20CBCBDD15A8D5DF6)...
Deleting File> c:\sec_50\serverinstaller\uicomm.cab

That was the last one

If anything else is needed just ask. Appreciate any and all help
Thanks

-CTv

Edited by CT_Vamp, 12 January 2012 - 10:58 PM.




#2 boopme


Posted 12 January 2012 - 10:59 PM

Hello, your MBAM is outdated....
Yours >> Malwarebytes' Anti-Malware 1.51.2.1300

Now at 1.60.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates, when done
click Scanner tab, select FULL scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.



Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

How is it now?

Edited by boopme, 12 January 2012 - 11:00 PM.


#3 CT_Vamp


Posted 14 January 2012 - 06:22 PM

I apologize for the late reply. I would have replied the same day, but as you will see in my MBAM log, it took 6 hours to complete.

The MBAM log found nothing

MBAM Log
Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.13.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: User [administrator]

Protection: Enabled

1/12/2012 8:49:24 PM
mbam-log-2012-01-12 (20-49-24).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 484917
Time elapsed: 6 hour(s), 15 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



I ran into an error when trying to use the temp file cleaner. It would not finish; I let it run for three hours and it would just stay stuck on "Stopping Processes".


As much as I wish we were done, the ESET scanner found some stuff. Here is the log:
ESET Log

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{0dc4b6e5-dfba-4b4f-a815-479dfba52469}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{0dc4b6e5-dfba-4b4f-a815-479dfba52469}\chrome\xulcache.jar JS/Agent.NDB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{501826c6-7b2a-437d-a1f0-881071bb9c27}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{501826c6-7b2a-437d-a1f0-881071bb9c27}\chrome\xulcache.jar JS/Agent.NDB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{5f2b49e4-7751-4205-946f-03f18eb0b12b}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{5f2b49e4-7751-4205-946f-03f18eb0b12b}\chrome\xulcache.jar JS/Agent.NDB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{832c2409-b488-476d-b646-7591661408c5}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{832c2409-b488-476d-b646-7591661408c5}\chrome\xulcache.jar JS/Agent.NDB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{d79dac3a-cbbe-4871-988d-32bf540ee395}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{d79dac3a-cbbe-4871-988d-32bf540ee395}\chrome\xulcache.jar JS/Agent.NDB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-1b103846 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-1ca4c111 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-2c5a14f0 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-4c78ade5 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-5acfad99 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-6af0e4c7 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\79b15a3-592fbd2b multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\38\4c7836e6-36329694 a variant of Java/Agent.AR trojan deleted - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\58630b2b-5a38407f Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\Hirens.BootCD.13.1.zip Win32/PSWTool.KonBoot.A application deleted - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\is271270771\WhiteSmokeTrial.exe multiple threats deleted - quarantined
C:\Documents and Settings\Administrator\Local Settings\Temp\is271270771\WSZugo.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\Application Data\Sun\Java\Deployment\cache\6.0\17\6e684651-3783efab a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\BestVideoDownloaderSetup-TurboUpgrade.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\cnet_EFRCSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\cnet_HotRecorder_2_1_4_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\ConnectifyInstaller.exe Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\UltraSurf.exe a variant of MSIL/Solimba.A application deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\v100.zip a variant of Win32/Packed.Themida application deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\My Documents\Downloads\winzip155.exe Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\brfr7856\Application Data\Sun\Java\Deployment\cache\6.0\35\2a57d1a3-2ef55be5 Java/TrojanDownloader.OpenStream.NCA trojan deleted - quarantined
C:\Documents and Settings\brfr7856\My Documents\Downloads\Setup_FreeBurner.exe Win32/Adware.Toolbar.Dealio application deleted - quarantined
C:\Documents and Settings\brfr7856\My Documents\Downloads\SkipScreen-Setup.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Documents and Settings\brfr7856\My Documents\Downloads\SoftonicDownloader_for_ultrasurf.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Documents and Settings\brfr7856\My Documents\Downloads\winzip155.exe Win32/OpenCandy application deleted - quarantined
C:\Documents and Settings\Matt\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\guppy-silent.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\jar_cache4626797195182637263.tmp a variant of Java/Exploit.CVE-2011-3544.A trojan deleted - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_ubm.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\mia1D4.tmp\data\OFFLINE\D038292B\DBD9B16A\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Documents and Settings\Matt\My Documents\Downloads\PageRageSetup.exe probably a variant of Win32/Adware.LRYETGT application cleaned by deleting - quarantined
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\43\e5a51ab-283284c2 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\53\3a249fb5-72d18338 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\6\511051c6-57fd2e90 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\8\1a03c108-43387c9e a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined




On a side note, this might be an easy fix, but I have an issue: when I click "Start" and the "Search" button, nothing comes up. I can go to Windows Explorer and click search there and it will work, but for anything it has found, when I right-click and try to click "Open containing folder", it won't open it.

Edited by boopme, 14 January 2012 - 08:29 PM.


#4 boopme


Posted 14 January 2012 - 08:37 PM

Hello, the Tracur infection has stolen any passwords on here, they need changing.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets are also stored in the Java cache directory and your anti-virus may detect them and provide alerts. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. As a precaution, I recommend clearing the entire cache to ensure everything is cleaned out:

Thanks quietman7
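The Java cache described above lives under each user's profile, so the cache detections in the ESET log from post #3 can be grouped by profile and separated from detections found elsewhere (browser extensions, temp folders, downloads). The following Python is an added example, not part of the original thread and not ESET tooling; the line format is inferred only from the log lines posted here, and `parse_line`, `triage` and the location labels are hypothetical names.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# The first eight lines are copied from the ESET log posted in this thread;
# the last two are constructed noise to show that non-detection lines are skipped.
SAMPLE_LOG = r"""
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5q99xovq.default\extensions\{0dc4b6e5-dfba-4b4f-a815-479dfba52469}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\7d358f61-1b103846 a variant of Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined
C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\79b15a3-592fbd2b multiple threats deleted - quarantined
C:\Documents and Settings\Administrator.R-NB\Application Data\Sun\Java\Deployment\cache\6.0\17\6e684651-3783efab a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\43\e5a51ab-283284c2 a variant of Java/Agent.DZ trojan deleted - quarantined
C:\Documents and Settings\Matt\Local Settings\Temp\jar_cache4626797195182637263.tmp a variant of Java/Exploit.CVE-2011-3544.A trojan deleted - quarantined
C:\Documents and Settings\Matt\My Documents\Downloads\PageRageSetup.exe probably a variant of Win32/Adware.LRYETGT application cleaned by deleting - quarantined
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
ESET Log
(constructed) scan finished without a parsable result
"""

# Paths contain spaces, so the line is parsed from the right: the fixed tail
# ("<action> - quarantined", optional kind, detection name) anchors the match
# and the non-greedy path takes whatever is left.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<name>multiple threats|(?:probably )?(?:a variant of )?\S+)\s+"
    r"(?:(?P<kind>trojan|application)\s+)?"
    r"(?P<action>cleaned by deleting|deleted) - quarantined$"
)

# Profile name is the folder directly under "Documents and Settings" (Windows XP layout).
PROFILE_RE = re.compile(r"^[a-z]:\\documents and settings\\([^\\]+)\\", re.IGNORECASE)

# (label, substrings that must all appear in the lower-cased path); first match wins.
LOCATION_RULES = [
    ("java_cache", (r"\sun\java\deployment\cache",)),
    ("firefox_extension", (r"\mozilla\firefox\profiles", r"\extensions")),
    ("temp", (r"\local settings\temp",)),
    ("downloads", (r"\my documents\downloads",)),
]


class Detection(NamedTuple):
    path: str
    name: str
    kind: Optional[str]      # "trojan", "application", or None ("multiple threats")
    action: str
    location: str
    profile: Optional[str]   # None for paths outside "Documents and Settings"


def parse_line(line: str) -> Optional[Detection]:
    """Parse one log line; return None for headers, blanks and anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"]
    lowered = path.lower()
    location = next(
        (label for label, needles in LOCATION_RULES
         if all(n in lowered for n in needles)),
        "other",
    )
    prof = PROFILE_RE.match(path)
    return Detection(path, m["name"], m["kind"], m["action"], location,
                     prof.group(1) if prof else None)


def triage(log_text: str) -> dict:
    """Group detections by location and list the profiles whose Java cache was hit."""
    detections = [d for d in map(parse_line, log_text.splitlines()) if d]
    cache_hits = [d for d in detections if d.location == "java_cache"]
    return {
        "detections": detections,
        "by_location": Counter(d.location for d in detections),
        # Every profile listed here has its own cache folder to clear.
        "java_cache_profiles": sorted({d.profile for d in cache_hits if d.profile}),
        # Detections outside the cache are the ones to follow up on first.
        "outside_cache": [d for d in detections if d.location != "java_cache"],
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("Detections by location:", dict(result["by_location"]))
    print("Profiles with Java cache hits:", result["java_cache_profiles"])
    for d in result["outside_cache"]:
        print(f"[{d.location}] {d.name} ({d.kind or 'unspecified'}) -> {d.path}")
```

Run against the full ESET log, the `java_cache_profiles` list shows which accounts each need their cache cleared, since clearing it while logged in as one user leaves the other profiles' caches untouched.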

#5 CT_Vamp


Posted 14 January 2012 - 10:34 PM

For MiniToolBox, under "List Devices" they gave three options and I selected "ALL". Do you want me to re-run it as problem devices only? Here is the log:

MiniToolBox Log
MiniToolBox by Farbar 
Ran by Administrator (administrator) on 14-01-2012 at 19:27:17
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel(R) WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=static addr=8.26.56.26 register=PRIMARY
add dns name="Wireless Network Connection" addr=156.154.70.22 index=2
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=static addr=8.26.56.26 register=PRIMARY
add dns name="Local Area Connection" addr=156.154.70.22 index=2
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Ins1di0us5hr3wd

        Primary Dns Suffix  . . . . . . . : 

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . : gateway.2wire.net

        Description . . . . . . . . . . . : Intel(R) WiFi Link 1000 BGN

        Physical Address. . . . . . . . . : 00-26-C7-21-C7-F4

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.108

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.254

        DHCP Server . . . . . . . . . . . : 192.168.1.254

        DNS Servers . . . . . . . . . . . : 8.26.56.26

                                            156.154.70.22

        Lease Obtained. . . . . . . . . . : Saturday, January 14, 2012 2:53:41 PM

        Lease Expires . . . . . . . . . . : Sunday, January 15, 2012 2:53:41 PM



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

        Physical Address. . . . . . . . . : C8-0A-A9-24-CE-10

Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    google.com.gateway.2wire.net
Address:  92.242.144.50



Pinging google.com [72.14.203.105] with 32 bytes of data:



Reply from 72.14.203.105: bytes=32 time=167ms TTL=50

Reply from 72.14.203.105: bytes=32 time=190ms TTL=50



Ping statistics for 72.14.203.105:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 167ms, Maximum = 190ms, Average = 178ms

Server:  ns1.recursive.dns.com
Address:  8.26.56.26

Name:    yahoo.com.gateway.2wire.net
Address:  92.242.144.50



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=35ms TTL=55

Reply from 72.30.2.43: bytes=32 time=36ms TTL=55



Ping statistics for 72.30.2.43:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 35ms, Maximum = 36ms, Average = 35ms

Server:  ns1.recursive.dns.com
Address:  8.26.56.26

DNS request timed out.
    timeout was 2 seconds.
Name:    bleepingcomputer.com
Address:  208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 26 c7 21 c7 f4 ...... Intel(R) WiFi Link 1000 BGN - Packet Scheduler Miniport
0x3 ...c8 0a a9 24 ce 10 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254   192.168.1.108	  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
      192.168.1.0    255.255.255.0    192.168.1.108   192.168.1.108	  25
    192.168.1.108  255.255.255.255        127.0.0.1       127.0.0.1	  25
    192.168.1.255  255.255.255.255    192.168.1.108   192.168.1.108	  25
        224.0.0.0        240.0.0.0    192.168.1.108   192.168.1.108	  25
  255.255.255.255  255.255.255.255    192.168.1.108   192.168.1.108	  1
  255.255.255.255  255.255.255.255    192.168.1.108               3	  1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/14/2012 04:42:51 PM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/13/2012 00:10:37 PM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/13/2012 11:10:28 AM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/13/2012 10:56:17 AM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/13/2012 10:41:10 AM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/13/2012 03:50:32 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (01/12/2012 08:37:21 PM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/12/2012 08:26:53 PM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/12/2012 06:43:30 PM) (Source: Application Error) (User: )
Description: Faulting application CLPS.exe, version 3.3.0.59, faulting module LPSGUI.dll, version 2.1.27288.2, fault address 0x0004889e.
Processing media-specific event for [CLPS.exe!ws!]

Error: (01/10/2012 01:50:57 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (2968) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.


System errors:
=============
Error: (01/14/2012 02:02:29 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.108 on the
Network Card with network address 0026C721C7F4.

Error: (01/13/2012 00:10:00 PM) (Source: Service Control Manager) (User: )
Description: The IMAPI CD-Burning COM Service service failed to start due to the following error: 
%%1053

Error: (01/13/2012 00:10:00 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

Error: (01/13/2012 00:09:00 PM) (Source: Service Control Manager) (User: )
Description: The Cisco EnergyWise Enabler service failed to start due to the following error: 
%%1053

Error: (01/13/2012 00:09:00 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Cisco EnergyWise Enabler service to connect.

Error: (01/13/2012 00:09:00 PM) (Source: Service Control Manager) (User: )
Description: The DUALSHOCK3 Controller HID Minidriver (USB) Beta service failed to start due to the following error: 
%%1058

Error: (01/13/2012 11:51:49 AM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (01/13/2012 11:32:42 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/13/2012 11:32:42 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/13/2012 11:32:42 AM) (Source: Service Control Manager) (User: )
Description: The Brother Popup Suspend service for Resource manager service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (01/14/2012 04:42:51 PM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/13/2012 00:10:37 PM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/13/2012 11:10:28 AM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/13/2012 10:56:17 AM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/13/2012 10:41:10 AM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/13/2012 03:50:32 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (01/12/2012 08:37:21 PM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/12/2012 08:26:53 PM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/12/2012 06:43:30 PM) (Source: Application Error)(User: )
Description: CLPS.exe3.3.0.59LPSGUI.dll2.1.27288.20004889e

Error: (01/10/2012 01:50:57 PM) (Source: ESENT)(User: )
Description: wuaueng.dll2968SUS20ClientDataStore: C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log-1032 (0xfffffbf8)


=========================== Installed Programs ============================

Acoustica Effects Pack (Version: 3.0)
Acoustica Mixcraft 5
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
AlienGUIse Theme Manager
ALPS Touch Pad Driver
ATI Catalyst Install Manager (Version: 3.0.808.0)
authorSTREAM Desktop (Version: 2.0.0)
Beat Hazard Demo
BF3 Alpha Trial (Version: 1.0.0.0)
Brother MFL-Pro Suite (Version: 1.00.000)
Comodo Dragon (Version: 16.1.1.0)
COMODO GeekBuddy (Version: 3.3.217083.59)
COMODO Internet Security (Version: 5.9.23255.2196)
DriveImage XML (Private Edition) (Version: 2.30)
ESET Online Scanner v3
FileZilla Client 3.5.1 (Version: 3.5.1)
Google Talk Plugin (Version: 2.5.8.4958)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2427.2330)
Google Update Helper (Version: 1.3.21.79)
Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.5355)
Java Auto Updater (Version: 2.0.5.1)
Java(TM) 6 Update 26 (Version: 6.0.260)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MotioninJoy ds3 driver version 0.6.0004 (Version: 0.6.00001)
Mozilla Firefox 8.0 (x86 en-US) (Version: 8.0)
ObjectDock Free (Version: 2.0)
Origin (Version: 8.2.1.458)
Portal
Portal 2
Portal 2 Authoring Tools - Beta
PS3 Media Server (Version: 1.40.0)
PX3 Presets Manager (Version: 1.00.0000)
Rainlendar2 (remove only)
Realtek High Definition Audio Driver
Skype™ 5.5 (Version: 5.5.119)
Skype™ 5.5 (Version: 5.5.124)
Steam (Version: 1.0.0.0)
System Requirements Lab for Intel (Version: 4.4.24.0)
ThinkPad Power Management Driver (Version: 1.62.00.00)
ThinkPad Power Manager (Version: 1.99j)
ThinkPad UltraNav Driver (Version: 15.3.8.0)
TweetDeck (Version: 0.38.1)
UxStyle Core Beta (Version: 0.2.1.1)
WD SmartWare (Version: 1.5.0)
WD Software Upgrader (Version: 1.5.0)
WebFldrs XP (Version: 9.50.7523)
Webroot SecureAnywhere (Version: 8.0.1.44)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell(TM) 1.0 (Version: 2)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinZip 15.5 (Version: 15.5.9510)
Xvid Video Codec (Version: 1.3.2)
Yahoo! Install Manager
Yahoo! Widgets (Version: 4.5.2.0)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Devices: ================================

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel(R) 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel(R) 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: 

Name: Mobile Intel(R) 4 Series Express Chipset Family
Description: Mobile Intel(R) 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 

Name: Mobile Intel(R) 4 Series Express Chipset Family
Description: Mobile Intel(R) 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service: 

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2937
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2938
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2939
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Intel(R) High Definition Audio HDMI Service
Description: Intel(R) High Definition Audio HDMI Service
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel(R) Corporation
Service: IntcHdmiAddService

Name: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: JMB38X SD/MMC Host Controller
Description: JMB38X SD/MMC Host Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR

Name: JMB38X SD Host Controller
Description: JMB38X SD Host Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR

Name: JMB38X MS Host Controller
Description: JMB38X MS Host Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR

Name: JMB38X xD Host Controller
Description: JMB38X xD Host Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: JMicron Technology Corp.
Service: JMCR

Name: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel(R) ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel(R) ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel(R) ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel(R) WiFi Link 1000 BGN
Description: Intel(R) WiFi Link 1000 BGN
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: NETw1x32

Name: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel(R) ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel(R) ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel(R) ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023xp

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2934
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2935
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB Universal Host Controller - 2936
Description: Intel(R) ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: USB Video Device #2
Description: USB Video Device
Class Guid: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service: usbvideo

Name: Intel(R) 82801 PCI Bridge - 2448
Description: Intel(R) 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel(R) ICH9M LPC Interface Controller - 2919
Description: Intel(R) ICH9M LPC Interface Controller - 2919
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Intel(R) 82802 Firmware Hub Device
Description: Intel(R) 82802 Firmware Hub Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: 

Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: ThinkPad UltraNav Pointing Device
Description: ThinkPad UltraNav Pointing Device
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Lenovo
Service: i8042prt

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: ThinkPad PM Device
Description: ThinkPad PM Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Lenovo
Service: IBMPMDRV

Name: Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928
Description: Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: WDC WD2500BEVS-08VAT2
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: HL-DT-ST DVDRAM GSA-T50N
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel(R) ICH9 Family SMBus Controller - 2930
Description: Intel(R) ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: 

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Intel(R) Core(TM)2 Duo CPU     T6570  @ 2.10GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: Intel(R) Core(TM)2 Duo CPU     T6570  @ 2.10GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: 

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service: 

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AFD

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Beep

Name: COMODO Internet Security Helper Driver
Description: COMODO Internet Security Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cmdHlp

Name: cpudrv
Description: cpudrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cpudrv

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: dmload

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Fips

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: HTTP

Name: COMODO Internet Security Firewall Driver
Description: COMODO Internet Security Firewall Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Inspect

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ksecdd

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NetBT

Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NPF

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Null

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: PartMgr

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ParVdm

Name: PC Tools Data Store
Description: PC Tools Data Store
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: pctDS

Name: PC Tools Spyware Doctor Driver
Description: PC Tools Spyware Doctor Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: PCTSD

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: RDPCDD

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Tcpip

Name: TPPWRIF
Description: TPPWRIF
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TPPWRIF

Name: uxpatch
Description: uxpatch
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: uxpatch

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VgaSave

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Wanarp

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Wdf01000

Name: WRkrn
Description: WRkrn
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WRkrn

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Intel(R) WiFi Link 1000 BGN - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios


========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 1912.79 MB
Available physical RAM: 1045.01 MB
Total Pagefile: 4627.28 MB
Available Pagefile: 3811.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1966.61 MB

========================= Partitions: =====================================

1 Drive c: (OSDisk) (Fixed) (Total:232.88 GB) (Free:124.74 GB) NTFS

========================= Users: ========================================

User accounts for \\INS1DI0US5HR3WD

Administrator            ASPNET                   Guest                    
HelpAssistant            Matt                     SUPPORT_388945a0                             

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini090311-01.dmp
C:\WINDOWS\Minidump\Mini090311-02.dmp
C:\WINDOWS\Minidump\Mini090311-03.dmp
C:\WINDOWS\Minidump\Mini091411-01.dmp
C:\WINDOWS\Minidump\Mini091811-01.dmp
C:\WINDOWS\Minidump\Mini101911-01.dmp
C:\WINDOWS\Minidump\Mini112511-01.dmp
C:\WINDOWS\Minidump\Mini121511-01.dmp

**** End of log ****


While waiting for a reply I will be doing the 5 steps you provided at the end


NEW PROBLEM

It appears I cannot access Internet Options through control panel nor can I even open Internet Explorer. I even went as far as attempting to remove Windows SP 3 to uninstall I.E. and re-install but I do not see them in the Add or Remove Programs. My computer information still reads that it has it installed.

Edited by CT_Vamp, 14 January 2012 - 11:02 PM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:09:13 PM

Posted 14 January 2012 - 11:16 PM

Hello see if one of these methods corrects it.

http://answers.microsoft.com/en-us/ie/forum/ie7_6-windows_xp/cant-access-internet-options-through-control-panel/60eb1ae2-f667-452f-92ef-88e5d8946598
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 CT_Vamp

CT_Vamp
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  • Local time:05:13 PM

Posted 15 January 2012 - 01:20 AM

None of the solutions worked, so I went ahead and downloaded the IE8 installer and ran it. It then installed the core components that I was missing and that solved:
  • Accessing internet options through control panel
  • Accessing Internet Explorer
  • Accessing Automatic updates

Is there anything else other than changing my passwords that there might be left of any viruses?

I really appreciate the time you take out of your schedule to help us out BoopMe and thanks for getting me this far.

Edited by CT_Vamp, 15 January 2012 - 01:20 AM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:09:13 PM

Posted 15 January 2012 - 03:14 PM

Looks good now and you're welcome..
Java needs an update it's at 7.. This needs to be removed.. Java™ 6 Update 26 (Version: 6.0.260)

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u2-windows-i586.exe (or jre-7u2-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection: Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

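The check made by eye in the post above (spotting an old Java entry in the installed-programs list) can be automated. This is an added example, not part of the original thread and not the scanning tool's own code; it assumes each log line has the form quoted in the post, `Name (Version: x.y.z)`, and the sample lines and the `minimum` threshold are constructed for illustration.

```python
import re

# One installed-program line, in the form quoted in the post above:
#   Java™ 6 Update 26 (Version: 6.0.260)
LINE_RE = re.compile(r"^(?P<name>.+?)\s+\(Version:\s*(?P<version>[^)]+)\)\s*$")
# Product names the removal steps say to look for (Java, JRE, J2SE).
# The word boundary keeps names such as "JavaScript" from matching.
JAVA_NAME_RE = re.compile(r"\bJava\b|\bJ2SE\b|\bJRE\b", re.IGNORECASE)

# Constructed sample input; only the Java 6 line comes from the thread.
SAMPLE_LOG = """\
Adobe Reader X (Version: 10.1.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java(TM) 7 Update 2 (Version: 7.0.20)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Mozilla Firefox 9.0.1 (Version: 9.0.1)
"""


def parse_version(text):
    """Turn '6.0.260' into (6, 0, 260); stop at the first non-numeric part."""
    parts = []
    for piece in text.strip().split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)


def find_outdated_java(log_text, minimum=(7,)):
    """Return (name, version) for every Java entry older than `minimum`."""
    outdated = []
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match or not JAVA_NAME_RE.search(match.group("name")):
            continue
        version = parse_version(match.group("version"))
        # An unparseable version is reported too, so it gets reviewed by hand.
        if not version or version < minimum:
            outdated.append((match.group("name"), match.group("version").strip()))
    return outdated


if __name__ == "__main__":
    for name, version in find_outdated_java(SAMPLE_LOG):
        print(f"Remove before updating: {name} ({version})")
```
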
#9 CT_Vamp

CT_Vamp
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  • Local time:05:13 PM

Posted 17 January 2012 - 07:23 AM

OK, I finished everything there you asked. I just have one more question: as an antivirus, would you recommend Antivir? I just need one until I get the $80 for Webroot.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:09:13 PM

Posted 17 January 2012 - 11:19 AM

Yes, I have used Avira Antivir for years along with Malwarebytes and SUPERAntispyware.



