
Issues after Virus Removal - almost %100 CPU usage



#1 gnikk


Posted 22 January 2012 - 08:22 PM

My desktop computer started running really slow a few weeks ago. IE won't open, and other programs run REALLY slow. I looked at Windows Task Manager and the CPU usage is above 90%. I was able to figure out if the Plug and Play service is not running, then things speed up (of course there are a lot of things that won't work without Plug and Play). I've run Malwarebytes and it comes back clean. Any help is much appreciated.


 


#2 boopme


Posted 22 January 2012 - 10:31 PM

Hello, please run these next.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Run RKill... Do not reboot if asked until after MBAM again.


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 gnikk


Posted 23 January 2012 - 03:25 PM

When I tried to run MiniToolBox, it would freeze on the 'List IP Configuration' step. If I unchecked that box, it did run.

Results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by The Kings (administrator) on 23-01-2012 at 10:07:30
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 coo0lnet.net
127.0.0.1 localhost
127.0.0.1 www.8minutedating.com
127.0.0.1 whysohardx.com
127.0.0.1 protectyourpc-11.com
127.0.0.1 checkserverstatux.com
127.0.0.1 xinmin.cn
127.0.0.1 xy95.cn
127.0.0.1 koralda.com
127.0.0.1 weirden.com
127.0.0.1 nanocloudcontroller.com
127.0.0.1 coo0lnet.net

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service) (User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service) (User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service) (User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 09:58:45 AM) (Source: Bonjour Service) (User: )
Description: Local Hostname King.local already in use; will try King-2.local instead


System errors:
=============
Error: (01/23/2012 10:06:34 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error: (01/23/2012 10:06:34 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (01/23/2012 10:00:00 AM) (Source: Schedule) (User: )
Description: The At35.job command failed to start due to the following error:
%%2147942402

Error: (01/23/2012 10:00:00 AM) (Source: Schedule) (User: )
Description: The At11.job command failed to start due to the following error:
%%2147942402

Error: (01/23/2012 09:59:41 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error: (01/23/2012 09:59:41 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (01/23/2012 09:56:32 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (01/23/2012 09:56:32 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058

Error: (01/23/2012 09:56:32 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (01/23/2012 09:56:32 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service)(User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:07:24 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service)(User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:05:40 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service)(User: )
Description: Local Hostname King.local already in use; will try King-2.local instead

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 King.local. Addr 192.168.1.12

Error: (01/23/2012 10:04:44 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.9:5353 4 King.local. Addr 192.168.1.9

Error: (01/23/2012 09:58:45 AM) (Source: Bonjour Service)(User: )
Description: Local Hostname King.local already in use; will try King-2.local instead


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (Version: 6.1.2)
3D Groove Playback Engine
3DVIA player 4.1 (Version: 4.1.0.78)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 Plugin (Version: 10.2.152.26)
Adobe Media Player (Version: 1.6)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.0.69)
Apple Software Update (Version: 2.1.2.120)
ATI Catalyst Control Center (Version: 1.2.2400.31026)
ATI Display Driver (Version: 8.263.5.1-060607a-035600C-Dell)
Bonjour (Version: 2.0.3.0)
Broadcom ASF Management Applications (Version: 8.18.14)
Broadcom Management Programs (Version: 9.03.02)
CCleaner (Version: 2.28)
City of Villains/City of Heroes (remove only)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
ConvertXtoDVD 2.2.3.258h (Version: 2.2.3.258h)
Coupon Printer for Windows (Version: 2.0)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.0)
Dell ETS Factory Installation (Version: 1.0.0)
Dell Support 3.2.1 (Version: 5.5.2087)
Disney's Mickey Mouse Preschool
DivX Content Uploader (Version: 1.2.1)
DivX Setup (Version: 2.6.0.34)
DocProc (Version: 12.0.0.0)
Dora Lost City
Dora the Explorer: Animal Adventures
DVD Flick 1.3.0.6 (Version: 1.3.0.6)
Easy-WebPrint
Google Chrome (Version: 16.0.912.63)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Updater (Version: 2.4.2432.1652)
H&R Block Deluxe + Efile + State 2010 (Version: 10.04.6402)
H&R Block Deluxe + Efile 2009 (Version: 09.03.6901)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Hitman Pro 3.5 (Version: 3.5.8.121)
iPhone Configuration Utility (Version: 2.1.0.163)
iPodRip (Version: 2.0.0)
iTunes (Version: 10.1.1.4)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
JumpStart Kindergarten v2.4b
LEGO Racers
LEGO Universe
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MobileMe Control Panel (Version: 3.1.5.0)
Mozilla Firefox 8.0.1 (x86 en-US) (Version: 8.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
NVIDIA PhysX (Version: 9.09.0814)
OCR Software by I.R.I.S. 12.0 (Version: 12.0)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Origin (Version: 8.2.6.475)
Palringo
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
Photo Story 3 for Windows (Version: 3.0.1115.11)
Picasa 3 (Version: 3.8)
PowerDVD 5.7
Presto! PageManager 7.15.14 (Version: 7.15.14E)
QuickTime (Version: 7.69.80.9)
Ralink Wireless LAN (Version: 1.00.0000)
Registry Mechanic 10.0 (Version: 10.0)
Roxio DLA (Version: 5.2.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
Safari (Version: 5.31.21.10)
Sibelius Scorch (ActiveX Only) (Version: 1.0.0)
Sonic Update Manager (Version: 3.0.0)
Sony USB Driver
Star Wars: Knights of the Old Republic
StarFlyers Alien Space Chase
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 4.51.1000)
TaxCut Premium + Efile 2008 (Version: 08.06.5901)
TaxCut Premium 2007 (Version: 07.03.0000)
Terraria
The Elder Scrolls IV: Oblivion
The Sims™ 3 (Version: 1.24.3)
The Sims™ 3 Create a World Tool - Beta (Version: 1.6.72)
Unity Web Player (Version: 2.6.0f7_29850)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Ventrilo Client (Version: 3.0.8)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.0.1 (Version: 1.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Yahoo! Internet Mail
Yahoo! Messenger

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 2045.54 MB
Available physical RAM: 1691.3 MB
Total Pagefile: 3942.17 MB
Available Pagefile: 3766.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.77 GB) (Free:113.18 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator ASPNET Guest
HelpAssistant SUPPORT_388945a0 The Kings

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

TDSS:

10:14:34.0015 1716 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
10:14:36.0031 1716 ============================================================
10:14:36.0031 1716 Current date / time: 2012/01/23 10:14:36.0031
10:14:36.0031 1716 SystemInfo:
10:14:36.0031 1716
10:14:36.0031 1716 OS Version: 5.1.2600 ServicePack: 3.0
10:14:36.0031 1716 Product type: Workstation
10:14:36.0031 1716 ComputerName: KING
10:14:36.0031 1716 UserName: The Kings
10:14:36.0031 1716 Windows directory: C:\WINDOWS
10:14:36.0031 1716 System windows directory: C:\WINDOWS
10:14:36.0031 1716 Processor architecture: Intel x86
10:14:36.0031 1716 Number of processors: 2
10:14:36.0031 1716 Page size: 0x1000
10:14:36.0031 1716 Boot type: Normal boot
10:14:36.0031 1716 ============================================================
10:14:37.0515 1716 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:14:37.0656 1716 Initialize success
10:14:41.0328 1392 ============================================================
10:14:41.0343 1392 Scan started
10:14:41.0343 1392 Mode: Manual;
10:14:41.0343 1392 ============================================================
10:14:53.0734 1392 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:14:53.0734 1392 Mouclass - ok
10:14:53.0953 1392 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:14:53.0968 1392 mouhid - ok
10:14:54.0125 1392 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:14:54.0125 1392 MountMgr - ok
10:14:54.0250 1392 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:14:54.0250 1392 mraid35x - ok
10:14:54.0406 1392 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:14:54.0406 1392 MRxDAV - ok
10:14:54.0500 1392 MRxSmb (421f7b922cec5a5f340e7574a98f7b7c) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:14:54.0515 1392 MRxSmb - ok
10:14:54.0687 1392 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:14:54.0687 1392 Msfs - ok
10:14:54.0875 1392 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:14:54.0875 1392 MSKSSRV - ok
10:14:55.0031 1392 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:14:55.0046 1392 MSPCLOCK - ok
10:14:55.0093 1392 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:14:55.0093 1392 MSPQM - ok
10:14:55.0187 1392 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:14:55.0187 1392 mssmbios - ok
10:14:55.0281 1392 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
10:14:55.0312 1392 MSTEE - ok
10:14:55.0406 1392 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
10:14:55.0406 1392 Mup - ok
10:14:55.0531 1392 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:14:55.0562 1392 NABTSFEC - ok
10:14:55.0734 1392 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:14:55.0750 1392 NDIS - ok
10:14:55.0843 1392 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:14:55.0843 1392 NdisIP - ok
10:14:56.0000 1392 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:14:56.0000 1392 NdisTapi - ok
10:14:56.0078 1392 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:14:56.0078 1392 Ndisuio - ok
10:14:56.0171 1392 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:14:56.0203 1392 NdisWan - ok
10:14:56.0343 1392 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
10:14:56.0359 1392 NDProxy - ok
10:14:56.0406 1392 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:14:56.0421 1392 NetBIOS - ok
10:14:56.0531 1392 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:14:56.0531 1392 NetBT - ok
10:14:56.0875 1392 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:14:56.0875 1392 Npfs - ok
10:14:57.0000 1392 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:14:57.0078 1392 Ntfs - ok
10:14:57.0156 1392 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:14:57.0156 1392 Null - ok
10:14:57.0328 1392 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:14:57.0578 1392 nv - ok
10:14:57.0703 1392 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:14:57.0718 1392 NwlnkFlt - ok
10:14:57.0781 1392 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:14:57.0781 1392 NwlnkFwd - ok
10:14:57.0890 1392 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
10:14:57.0906 1392 Parport - ok
10:14:57.0921 1392 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:14:57.0921 1392 PartMgr - ok
10:14:57.0953 1392 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:14:57.0953 1392 ParVdm - ok
10:14:58.0015 1392 PCANDIS5 (58c5ea3de400fe1d08cfeca6d5c14ebd) C:\WINDOWS\system32\PCANDIS5.SYS
10:14:58.0140 1392 PCANDIS5 - ok
10:14:58.0203 1392 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
10:14:58.0203 1392 PCI - ok
10:14:58.0218 1392 PCIDump - ok
10:14:58.0281 1392 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:14:58.0296 1392 PCIIde - ok
10:14:58.0328 1392 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:14:58.0359 1392 Pcmcia - ok
10:14:58.0468 1392 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
10:14:58.0468 1392 pcouffin - ok
10:14:58.0546 1392 PDCOMP - ok
10:14:58.0562 1392 PDFRAME - ok
10:14:58.0578 1392 PDRELI - ok
10:14:58.0625 1392 PDRFRAME - ok
10:14:58.0656 1392 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
10:14:58.0656 1392 perc2 - ok
10:14:58.0687 1392 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
10:14:58.0687 1392 perc2hib - ok
10:14:59.0015 1392 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:14:59.0015 1392 PptpMiniport - ok
10:14:59.0078 1392 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:14:59.0109 1392 PSched - ok
10:14:59.0156 1392 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:14:59.0156 1392 Ptilink - ok
10:14:59.0312 1392 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:14:59.0312 1392 PxHelp20 - ok
10:14:59.0375 1392 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
10:14:59.0390 1392 ql1080 - ok
10:14:59.0437 1392 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
10:14:59.0453 1392 Ql10wnt - ok
10:14:59.0500 1392 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
10:14:59.0500 1392 ql12160 - ok
10:14:59.0546 1392 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
10:14:59.0546 1392 ql1240 - ok
10:14:59.0640 1392 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
10:14:59.0656 1392 ql1280 - ok
10:14:59.0734 1392 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:14:59.0734 1392 RasAcd - ok
10:14:59.0890 1392 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:14:59.0906 1392 Rasl2tp - ok
10:14:59.0953 1392 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:14:59.0953 1392 RasPppoe - ok
10:15:00.0000 1392 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:15:00.0000 1392 Raspti - ok
10:15:00.0187 1392 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:15:00.0203 1392 Rdbss - ok
10:15:00.0375 1392 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:15:00.0406 1392 RDPCDD - ok
10:15:00.0546 1392 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:15:00.0546 1392 rdpdr - ok
10:15:00.0609 1392 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
10:15:00.0625 1392 RDPWD - ok
10:15:00.0718 1392 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:15:00.0734 1392 redbook - ok
10:15:00.0984 1392 RT61 (ef64988c8e699e2481d1fd45bf472ef0) C:\WINDOWS\system32\DRIVERS\RT61.sys
10:15:00.0984 1392 RT61 - ok
10:15:01.0078 1392 SABKUTIL - ok
10:15:01.0281 1392 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:15:01.0296 1392 SASDIFSV - ok
10:15:01.0312 1392 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:15:01.0312 1392 SASKUTIL - ok
10:15:01.0546 1392 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:15:01.0546 1392 Secdrv - ok
10:15:01.0671 1392 SenFiltService (b6a6b409fda9d9ebd3aadb838d3d7173) C:\WINDOWS\system32\drivers\Senfilt.sys
10:15:01.0718 1392 SenFiltService - ok
10:15:01.0890 1392 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:15:01.0906 1392 serenum - ok
10:15:01.0937 1392 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:15:01.0953 1392 Serial - ok
10:15:02.0328 1392 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:15:02.0343 1392 Sfloppy - ok
10:15:02.0562 1392 Simbad - ok
10:15:02.0656 1392 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
10:15:02.0656 1392 sisagp - ok
10:15:02.0734 1392 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:15:02.0750 1392 SLIP - ok
10:15:02.0859 1392 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
10:15:02.0875 1392 sonypvs1 - ok
10:15:02.0921 1392 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
10:15:02.0937 1392 Sparrow - ok
10:15:03.0015 1392 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:15:03.0015 1392 splitter - ok
10:15:03.0171 1392 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:15:03.0171 1392 sr - ok
10:15:03.0390 1392 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:15:03.0406 1392 streamip - ok
10:15:03.0484 1392 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:15:03.0484 1392 swenum - ok
10:15:03.0640 1392 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:15:03.0640 1392 swmidi - ok
10:15:03.0781 1392 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
10:15:03.0796 1392 symc810 - ok
10:15:03.0859 1392 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:15:03.0859 1392 symc8xx - ok
10:15:04.0000 1392 SymIM - ok
10:15:04.0156 1392 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
10:15:04.0156 1392 symlcbrd - ok
10:15:04.0265 1392 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:15:04.0265 1392 sym_hi - ok
10:15:04.0312 1392 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:15:04.0312 1392 sym_u3 - ok
10:15:04.0390 1392 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:15:04.0390 1392 sysaudio - ok
10:15:04.0531 1392 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:15:04.0546 1392 Tcpip - ok
10:15:04.0656 1392 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:15:04.0671 1392 TDPIPE - ok
10:15:04.0765 1392 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:15:04.0765 1392 TDTCP - ok
10:15:04.0843 1392 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:15:04.0859 1392 TermDD - ok
10:15:05.0000 1392 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
10:15:05.0000 1392 TosIde - ok
10:15:05.0109 1392 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:15:05.0109 1392 Udfs - ok
10:15:05.0250 1392 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
10:15:05.0265 1392 ultra - ok
10:15:05.0406 1392 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:15:05.0421 1392 Update - ok
10:15:05.0640 1392 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
10:15:05.0656 1392 USBAAPL - ok
10:15:05.0750 1392 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
10:15:05.0765 1392 usbaudio - ok
10:15:05.0828 1392 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:15:05.0828 1392 usbccgp - ok
10:15:05.0906 1392 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:15:05.0906 1392 usbehci - ok
10:15:05.0953 1392 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:15:05.0968 1392 usbhub - ok
10:15:06.0093 1392 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:15:06.0093 1392 usbprint - ok
10:15:06.0203 1392 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:15:06.0250 1392 usbscan - ok
10:15:06.0343 1392 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:15:06.0343 1392 USBSTOR - ok
10:15:06.0406 1392 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:15:06.0406 1392 usbuhci - ok
10:15:06.0546 1392 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:15:06.0578 1392 VgaSave - ok
10:15:06.0687 1392 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
10:15:06.0718 1392 viaagp - ok
10:15:06.0812 1392 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
10:15:06.0812 1392 ViaIde - ok
10:15:06.0859 1392 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:15:06.0859 1392 VolSnap - ok
10:15:06.0953 1392 vtcgtrh - ok
10:15:07.0078 1392 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:15:07.0078 1392 Wanarp - ok
10:15:07.0187 1392 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
10:15:07.0312 1392 Wdf01000 - ok
10:15:07.0390 1392 WDICA - ok
10:15:07.0468 1392 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:15:07.0468 1392 wdmaud - ok
10:15:07.0546 1392 wg111nd5 (5dc04e2badf701d7a9d00365b623df2f) C:\WINDOWS\system32\DRIVERS\wg111nd5.sys
10:15:07.0562 1392 wg111nd5 - ok
10:15:08.0171 1392 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:15:08.0171 1392 WS2IFSL - ok
10:15:08.0265 1392 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:15:08.0265 1392 WSTCODEC - ok
10:15:08.0312 1392 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:15:08.0312 1392 WudfPf - ok
10:15:08.0328 1392 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:15:08.0328 1392 WudfRd - ok
10:15:08.0546 1392 xusb21 (09e5340bd9b2cb730bf4dc6be7721291) C:\WINDOWS\system32\DRIVERS\xusb21.sys
10:15:08.0546 1392 xusb21 - ok
10:15:08.0703 1392 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
10:15:09.0062 1392 \Device\Harddisk0\DR0 - ok
10:15:09.0078 1392 Boot (0x1200) (2f15d13e380a6f66e774428ea5c5b530) \Device\Harddisk0\DR0\Partition0
10:15:09.0078 1392 \Device\Harddisk0\DR0\Partition0 - ok
10:15:09.0078 1392 ============================================================
10:15:09.0078 1392 Scan finished
10:15:09.0078 1392 ============================================================
10:15:09.0328 1712 Detected object count: 0
10:15:09.0328 1712 Actual detected object count: 0

MBAM:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.23.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
The Kings :: KING [administrator]

1/23/2012 2:08:45 PM
mbam-log-2012-01-23 (14-08-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203486
Time elapsed: 4 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Thank you for your help!

#4 boopme

Posted 23 January 2012 - 09:48 PM

You're welcome. Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


>>>>>>>>>>>
Java and Adobe Reader are exploitable.

Remove these, see below.
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)

Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader 8.1.2 Security Update 1 (KB403742)



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u2-windows-i586.exe (or jre-7u2-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Similarly, update to Adobe Reader X (10.1.0).
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


How is it now?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 gnikk


Posted 24 January 2012 - 11:14 AM

I reset the HOSTS file, I removed the older versions of JAVA, and the ESET scan did not find any threats and did not produce a log. I was unable to remove the older version of Adobe reader, when I tried to remove it, I received this message:
Error 1402.Could not open key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CuurentVersion\Run\OptionalComponents\MSFS.
Verify that you have sufficient access to that key, or contact your support personnel.

I am still having the issue with the high CPU usage and not being able to open IE if the Plug and Play service is enabled.

#6 boopme


Posted 24 January 2012 - 09:23 PM

We cannot see the malware here and need a deeper look. Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.