How to remove a BOT


14 replies to this topic

#1 Steve_Ski


Posted 23 January 2012 - 11:15 PM

Hello to all in the Forum. I was informed by Comcast Internet Security that according to their analysis of the internet traffic from my IP address that I might have a BOT infection.

I have AVG and Malware Anti Malware software. The only indication I have that I might possibly have an infection is that Malware indicates that it has blocked a possible malicious outgoing IP Address.

I also find that I am not able to access some websites such as my community college unless I use a proxy server.

My Laptop is a Dell Inspiron 1501 running XP Professional Version 5.1.2600
Processor AMD Turion™ 64 Mobile Technology MK-36
Processor Speed 1.95 GHz
Memory (RAM) 1024 MB
Operating System Microsoft Windows XP Professional
Operating System Version 5.1.2600

AVG and Malware Antimalware bytes do not detect any abnormal issues when I run them.

How can I detect this bot and then how to remove it?

Thanks

Steve



#2 boopme


Posted 23 January 2012 - 11:41 PM

Hello and welcome.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.





Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 Steve_Ski


Posted 24 January 2012 - 09:33 PM

19:22:45.0656 5872 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
19:22:46.0141 5872 ============================================================
19:22:46.0141 5872 Current date / time: 2012/01/24 19:22:46.0141
19:22:46.0141 5872 SystemInfo:
19:22:46.0141 5872
19:22:46.0141 5872 OS Version: 5.1.2600 ServicePack: 3.0
19:22:46.0141 5872 Product type: Workstation
19:22:46.0141 5872 ComputerName: AT-A80B5E6228C6
19:22:46.0141 5872 UserName: Stephan W Shemenski
19:22:46.0141 5872 Windows directory: C:\WINDOWS
19:22:46.0141 5872 System windows directory: C:\WINDOWS
19:22:46.0141 5872 Processor architecture: Intel x86
19:22:46.0141 5872 Number of processors: 1
19:22:46.0141 5872 Page size: 0x1000
19:22:46.0141 5872 Boot type: Normal boot
19:22:46.0141 5872 ============================================================
19:22:49.0204 5872 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:22:49.0267 5872 Initialize success
19:22:52.0830 0328 ============================================================
19:22:52.0830 0328 Scan started
19:22:52.0830 0328 Mode: Manual;
19:22:52.0830 0328 ============================================================
19:28:19.0699 0328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:28:19.0995 0328 \Device\Harddisk0\DR0 - ok
19:28:19.0995 0328 Boot (0x1200) (7d39c7f076da00abefeeec6533c462ca) \Device\Harddisk0\DR0\Partition0
19:28:19.0995 0328 \Device\Harddisk0\DR0\Partition0 - ok
19:28:19.0995 0328 ============================================================
19:28:19.0995 0328 Scan finished
19:28:19.0995 0328 ============================================================
19:28:20.0011 3776 Detected object count: 0

MiniToolBox by Farbar Version: 18-01-2012
Ran by Stephan W Shemenski (administrator) on 24-01-2012 at 19:14:42
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Disconnected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : at-a80b5e6228c6
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-15-C5-CA-9B-9B
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 213.109.68.117
                                    213.109.75.211
                                    1.1.1.1
Lease Obtained. . . . . . . . . . : Tuesday, January 24, 2012 6:01:17 PM
Lease Expires . . . . . . . . . . : Wednesday, January 25, 2012 6:01:17 PM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.68.117

Name: google.com
Addresses: 74.125.113.105, 74.125.113.106, 74.125.113.147, 74.125.113.99
           74.125.113.103, 74.125.113.104

Pinging google.com [74.125.113.103] with 32 bytes of data:

Reply from 74.125.113.103: bytes=32 time=97ms TTL=50
Reply from 74.125.113.103: bytes=32 time=105ms TTL=50

Ping statistics for 74.125.113.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 105ms, Average = 101ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.68.117

Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 98.139.180.149, 209.191.122.70

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=53ms TTL=51
Reply from 209.191.122.70: bytes=32 time=52ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 52ms, Maximum = 53ms, Average = 52ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.68.117

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 c5 ca 9b 9b ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/22/2012 01:46:51 PM) (Source: Application Hang) (User: )
Description: Fault bucket -1787626038.

Error: (01/22/2012 01:46:49 PM) (Source: Application Hang) (User: )
Description: Fault bucket -1787626038.

Error: (01/22/2012 01:46:49 PM) (Source: Application Hang) (User: )
Description: Fault bucket -1787626038.

Error: (01/22/2012 01:46:03 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/15/2012 08:07:32 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 7.0.0.4276, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/14/2012 07:23:17 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.0.0.2009, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/10/2012 11:28:25 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/24/2012 06:01:15 PM) (Source: Dhcp) (User: )
Description: The IP address lease 0.0.0.0 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/24/2012 06:01:10 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/23/2012 07:22:31 PM) (Source: Dhcp) (User: )
Description: The IP address lease 0.0.0.0 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/23/2012 07:22:28 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/23/2012 06:50:36 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/22/2012 09:41:24 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.100 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/22/2012 01:37:57 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/21/2012 10:19:08 PM) (Source: Dhcp) (User: )
Description: The IP address lease 0.0.0.0 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/21/2012 10:19:02 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.101 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/21/2012 01:56:01 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.100 for the Network Card with network address 0015C5CA9B9B has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (01/22/2012 01:46:51 PM) (Source: Application Hang)(User: )
Description: -1787626038

Error: (01/22/2012 01:46:49 PM) (Source: Application Hang)(User: )
Description: -1787626038

Error: (01/22/2012 01:46:49 PM) (Source: Application Hang)(User: )
Description: -1787626038

Error: (01/22/2012 01:46:03 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2009hungapp0.0.0.000000000

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2009hungapp0.0.0.000000000

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2009hungapp0.0.0.000000000

Error: (01/22/2012 01:46:01 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2009hungapp0.0.0.000000000

Error: (01/15/2012 08:07:32 AM) (Source: Application Hang)(User: )
Description: firefox.exe7.0.0.4276hungapp0.0.0.000000000

Error: (01/14/2012 07:23:17 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.0.0.2009hungapp0.0.0.000000000

Error: (01/10/2012 11:28:25 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000


=========================== Installed Programs ============================

1400 (Version: 50.0.206.000)
1400_Help (Version: 50.0.206.000)
1400Trb (Version: 50.0.206.000)
4nec2 version 5.7.4
aaa
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 10 Plugin (Version: 10.2.152.26)
Adobe Reader 8.3.1 (Version: 8.3.1)
AiO_Scan (Version: 50.0.206.000)
AiOSoftware (Version: 50.0.206.000)
Amazon MP3 Downloader 1.0.12 (Version: 1.0.12)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1016)
ATI Catalyst Control Center (Version: 1.2.2475.36837)
ATI Display Driver (Version: 8.31-061011a-053721C-Dell)
AVG 2012 (Version: 12.0.1890)
AVG 2012 (Version: 12.0.2109)
AVG 2012 (Version: 2012.0.1890)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
BufferChm (Version: 53.0.13.000)
CA Pest Patrol Realtime Protection (Version: 001.001.0034)
Call Lookup Ver 1.0
Cartes du Ciel V3.2
Chinese Simplified Fonts Support For Adobe Reader 8 (Version: 8.0.0)
Command & Conquer The First Decade (Version: 1.00.0000)
Conexant HDA D110 MDC V.92 Modem
CP_Package_Variety1 (Version: 53.0.13.000)
CP_Package_Variety2 (Version: 53.0.13.000)
CP_Package_Variety3 (Version: 53.0.13.000)
Dell Wireless WLAN Card (Version: 4.100.15.8)
Destinations (Version: 53.0.13.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 5.2.0.0)
ESPNMotion (Version: 2.1.6.0011)
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 50.0.206.000)
GcmWin
GemMaster Mystic
Ham Radio Deluxe (Version: 1.4)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Image Zone Express (Version: 1.5.1.29)
HP Imaging Device Functions 5.3 (Version: 5.3)
HP PSC & OfficeJet 5.3.B
HP Software Update (Version: 3.0.5.001)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HPProductAssistant (Version: 53.0.13.000)
ITS HF Propagation 2008.01.21 (Version: 2008.01.21)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 14.0.8117.416)
LogConv (Version: 2.0.2)
Logitech Audio Echo Cancellation Component (Version: 10.00.1439)
Logitech QuickCam (Version: 10.00.1439)
Logitech Video Enumerator (Version: 10.00.1439)
Logitech® Camera Driver
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MediaBar (Version: 2.5.0.100449)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 7.0 (x86 en-US) (Version: 7.0)
MSN
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
N1MM logger (Version: 10.0.0)
NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)
NewCopy (Version: 50.0.206.000)
OpenOffice.org 3.2 (Version: 3.2.9502)
Otto
ProductContext (Version: 50.0.206.000)
QuickTime (Version: 7.70.80.34)
Readme (Version: 50.0.206.000)
RealFlight G3 R/C Simulator
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
Segoe UI (Version: 14.0.4327.805)
SigmaTel Audio (Version: 5.10.5210.0)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.3 (Version: 5.3.111)
SolutionCenter (Version: 50.0.152.000)
Sonic Encoders (Version: 1.00)
Status (Version: 53.0.13.000)
TrayApp (Version: 53.0.13.000)
TrustedQSL 1.13
UMVPLStandalone (Version: 10.00.1439)
Unload (Version: 5.0.0)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (Version: 11/14/2006 6.00.01.04)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format Runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
XFINITY Toolbar (Version: 3.5.1.10)
Yahoo! BrowserPlus 2.9.8
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================

Name: ACPI Uniprocessor PC
Description: ACPI Uniprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: AMD Turion™ 64 Mobile Technology MK-36
Description: Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: (Standard processor types)
Service: Processor

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: ATI Radeon Xpress 1150
Description: ATI Radeon Xpress 1150
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc.
Service: ati2mtag

Name: Default Monitor
Description: Default Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Default Monitor
Description: Default Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Default Monitor
Description: Default Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Dell Wireless 1390 WLAN Mini-Card
Description: Dell Wireless 1390 WLAN Mini-Card
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Hitachi HTS541680J9SA00
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: ATI SMBus
Description: ATI SMBus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: ATI Technologies Inc
Service:

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: TSSTcorp DVD+-RW TS-L632D
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Conexant HDA D110 MDC V.92 Modem
Description: Conexant HDA D110 MDC V.92 Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: Modem

Name: SigmaTel High Definition Audio CODEC
Description: SigmaTel High Definition Audio CODEC
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: SigmaTel
Service: STHDA

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Broadcom 440x 10/100 Integrated Controller
Description: Broadcom 440x 10/100 Integrated Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: bcm4sbxp

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Ricoh MMC Host Controller
Description: Ricoh MMC Host Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Ricoh Company
Service: rimmptsk

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 893.98 MB
Available physical RAM: 536.59 MB
Total Pagefile: 2165.91 MB
Available Pagefile: 1530.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.82 GB) (Free:40.59 GB) NTFS
2 Drive d: (CNCTFD) (CDROM) (Total:7.7 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\AT-A80B5E6228C6

Administrator ASPNET Guest
HelpAssistant Stephan W Shemenski SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#4 boopme

Posted 24 January 2012 - 09:48 PM

Did I miss the ESET log or was it clean?
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,925 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:33 AM

Posted 24 January 2012 - 10:14 PM

Malware indicates that it has blocked a possible malicious outgoing IP Address.

Some legitimate programs on your computer have access to the Internet and that action can also trigger an IP alert. These events are stored in the "protection-log". Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate. If you are using peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, Kontiki, BitTorrent, uTorrent, BitLord, BearShare, Azureus/Vuze, etc.) or an instant messaging (IM) client, be aware they can trigger IP Protection alerts.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#6 Steve_Ski

Posted 24 January 2012 - 11:03 PM

ESET Scan Results


C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\12\4604e10c-1f4790f7 Java/TrojanDownloader.OpenStream.NBL trojan cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\16\5a187610-57700a56 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\18\520c5812-788b3e0f a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\25\3cb4aa99-5ec2041a multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\25\44fc5319-16cb0858 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\35\330d3ca3-2eb811c5 multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\36\66f19264-35cbf108 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\38\36cabf66-4c1ebc88 multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\39\18b35727-3b4269e7 multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\44\30c80c6c-24cf6912 multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\45\321ce2ad-68e98b4d Java/TrojanDownloader.OpenStream.NCA trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Application Data\Sun\Java\Deployment\cache\6.0\9\17c51509-36c5218b Java/TrojanDownloader.OpenStream.NBL trojan cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\BandooV6.exe probably a variant of Win32/Adware.CNUKWUS application cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache1862636111435446098.tmp probably a variant of Java/Exploit.CVE-2009-2843.B trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache1877120241344588126.tmp Java/Agent.BW trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache2778718057951798560.tmp probably a variant of Java/Exploit.CVE-2009-2843.B trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache3348893503874236529.tmp multiple threats deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache5802241170963617730.tmp a variant of Java/TrojanDownloader.OpenStream.NCM trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\jar_cache839674357092583657.tmp a variant of Java/TrojanDownloader.OpenStream.NCM trojan deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\BandooFiles\Bin\InstallerHelper.dll probably a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\nsb84.tmp\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temp\nse4D.tmp\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temporary Internet Files\Content.IE5\35IFPEP0\BandooV6[1].exe probably a variant of Win32/Adware.CNUKWUS application cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temporary Internet Files\Content.IE5\7EKHBKBC\04[1].htm JS/Kryptik.AP trojan cleaned by deleting - quarantined
C:\Documents and Settings\Stephan W Shemenski\Local Settings\Temporary Internet Files\Content.IE5\PA34MGKN\SetupDataMngr_Searchqu[1].exe a variant of Win32/Toolbar.SearchSuite application deleted - quarantined
C:\Documents and Settings\Stephan W Shemenski\My Documents\My Videos\Veoh\VeohWebPlayerSetup_upgrade_eng.exe multiple threats deleted - quarantined
C:\RECYCLER\S-1-5-21-1085031214-1935655697-725345543-1003\Dc18.exe Win32/OpenCandy application deleted - quarantined

#7 Steve_Ski

Posted 25 January 2012 - 12:38 AM

Should MBAM take over an hour to scan 45000 files out of 70000? The System Idle was using 97% of the resources when I looked at the task manager.

I am going to repeat some of the other scans and see if all the viruses were quarantined or if there are more to be found.

#8 quietman7

Posted 25 January 2012 - 11:14 AM

The speed and ability to complete an anti-virus or anti-malware scan depends on a variety of factors.
  • The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
  • Options to scan for spyware, adware, riskware and potentially unwanted programs (PUPS).
  • Options to scan memory, boot sectors, registry and alternate data streams (ADS).
  • Type of scan performed: Deep, Quick or Custom scanning.
  • What action has to be performed when malware is detected.
  • A computer's hard drive size.
  • Disk size and used capacity (number of files that have to be scanned).
  • Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
  • Whether external drives are included in the scan.
  • Competition for and utilization of system resources by the scanner.
  • Other running processes and programs in the background.
  • Whether it stalls, hangs or freezes.
  • Interference from malware.
  • Interference from the user (whether or not you use the computer during the scan).
-- Using two security scanning engines at the same time can cause each to interfere with the other, cause system hangs, false detections, unreliable results and other unpredictable behavior.

-- If the screensaver, hibernation or Sleep Mode are not turned off before scanning, those features can sometimes have odd effects when attempting to resume normal mode.


To resolve scanning issues, uninstall unnecessary programs, clean out temporary files, temporarily disable any other real-time protection tools, close all open programs, only perform a Quick Scan and do not use the computer during the scan.

Malwarebytes Anti-Malware is designed to remove malware as effectively with a Quick Scan as it will with a Full Scan, which takes much longer to complete. Both scans use heuristics that bypass polymorphic blackhat packers & encryption, MD5 Hash, check memory (loaded .exes and .dlls), unique strings, autostart load points and hotspots (everywhere current malware is known to load from) and multiple other malware checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes. The Quick Scan looks at the most prevalent places for active malware, so scanning every single file on the drive isn't always necessary. The Full Scan only has the ability to catch more traces in rare circumstances.

#9 Steve_Ski

Posted 26 January 2012 - 08:13 AM

Here are the results from MBAM, took over 7 hours for a quick scan.

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.25.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Stephan W Shemenski :: AT-A80B5E6228C6 [administrator]

Protection: Enabled

1/25/2012 6:12:01 PM
mbam-log-2012-01-25 (18-12-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 186297
Time elapsed: 7 hour(s), 3 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 quietman7

Posted 26 January 2012 - 11:21 AM

Let boopme know how your computer is running now.

#11 Steve_Ski

Posted 26 January 2012 - 08:51 PM

I just got this from ComCast a moment ago:

Alureon Malware Detected - Immediate Action is Required!

I suspect that they are pushing their version of a virus detection and elimination program.


What would I need to detect the Alureon MalWare? What I have been using here to fix these issues?

Got to go to Astronomy Lab. Will be back later on.


Steve

#12 boopme

Posted 26 January 2012 - 09:08 PM

The TDSS tool we ran earlier should remove an Alureon infection.

Run it once more.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

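A triage helper for the report file these steps produce, as an added example (not part of the original post and not the tool's own code): it parses the line layout visible in the TDSSKiller log posted later in this thread and lists every object that was not marked ok. The sample lines, object names and hashes are constructed, and treating a warning-level UnsignedFile verdict under SigCheck mode as "review" rather than a confirmed rootkit is this example's own interpretation.

```python
import re

# Constructed sample in the layout of the TDSSKiller report posted in this
# thread: "<time> <thread id> <message>". Object names, hashes and paths
# below are made up for the example.
SAMPLE_LOG = r"""
22:01:38.0265 4032 Scan started
22:01:38.0265 4032 Mode: Manual; SigCheck; TDLFS;
22:01:39.0749 4032 nofile - ok
22:01:42.0562 4032 gooddrv (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\DRIVERS\gooddrv.sys
22:01:42.0905 4032 gooddrv - ok
22:02:26.0187 4032 olddrv (ffeeddccbbaa99887766554433221100) C:\WINDOWS\system32\drivers\olddrv.sys
22:02:26.0218 4032 olddrv ( UnsignedFile.Multi.Generic ) - warning
22:02:26.0218 4032 olddrv - detected UnsignedFile.Multi.Generic (1)
22:02:39.0202 4032 Port IO Helper (0123456789abcdef0123456789abcdef) C:\WINDOWS\system32\DRIVERS\PortIO.SYS
22:02:39.0218 4032 Port IO Helper ( UnsignedFile.Multi.Generic ) - warning
22:02:39.0218 4032 Port IO Helper - detected UnsignedFile.Multi.Generic (1)
this line is not a log record
"""

PREFIX_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+)(?: (.*))?$")
FILE_RE = re.compile(r"^(.+?) \(([0-9a-fA-F]{32})\) (.+)$")   # name (md5) path
VERDICT_RE = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")       # name ( verdict ) - level
OK_RE = re.compile(r"^(.+?) - ok$")                           # name - ok


def _record(objects, name):
    """Return the record for an object name, creating it on first sight."""
    return objects.setdefault(
        name,
        {"name": name, "md5": None, "path": None, "verdict": None, "status": None},
    )


def parse_report(text):
    """Parse report text into (scan modes, object records, unparsable line count)."""
    modes, objects, skipped = [], {}, 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        prefix = PREFIX_RE.match(line)
        if not prefix:
            skipped += 1          # wrapped or foreign line: count it, do not guess
            continue
        msg = (prefix.group(3) or "").strip()
        if msg.startswith("Mode:"):
            modes = [p.strip() for p in msg[len("Mode:"):].split(";") if p.strip()]
            continue
        m = FILE_RE.match(msg)
        if m:
            rec = _record(objects, m.group(1))
            rec["md5"], rec["path"] = m.group(2).lower(), m.group(3)
            continue
        m = VERDICT_RE.match(msg)
        if m:
            rec = _record(objects, m.group(1))
            rec["verdict"], rec["status"] = m.group(2), m.group(3)
            continue
        m = OK_RE.match(msg)
        if m:
            _record(objects, m.group(1))["status"] = "ok"
    return modes, list(objects.values()), skipped


def triage(modes, objects):
    """Return the objects that carry a non-ok status, each with a suggested action."""
    flagged = []
    for obj in objects:
        if obj["status"] in (None, "ok"):
            continue
        unsigned = (obj["verdict"] or "").startswith("UnsignedFile")
        # Example's interpretation: an UnsignedFile verdict while signature
        # checking was switched on means "verify the file", not "confirmed malware".
        action = "review-unsigned" if unsigned and "SigCheck" in modes else "investigate"
        flagged.append(dict(obj, action=action))
    return flagged


if __name__ == "__main__":
    scan_modes, scanned, bad_lines = parse_report(SAMPLE_LOG)
    print("modes:", scan_modes, "| unparsable lines:", bad_lines)
    for item in triage(scan_modes, scanned):
        print(item["action"], item["name"], item["verdict"], item["md5"], item["path"])
```

To run it on a real report, read the TDSSKiller log file from the system disk root and pass its text to `parse_report` in place of `SAMPLE_LOG`.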

#13 Steve_Ski

Posted 27 January 2012 - 12:01 AM

I ran TDSSKiller as you recommended and the results were negative. However, I ran it again looking for digital certificates and the other box below that and it found 5 threats. I tried to copy the report to here but was not able. I'll run it again and try once more to post the results.

Thanks

Steve

#14 Steve_Ski

Posted 27 January 2012 - 12:27 AM

Here are the results from the last TDSSKiller scan.

I had the software scan for digital certificates and another item. The software found more objects, I believe 5 in total which all are now removed.



22:01:14.0905 3356 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
22:01:15.0937 3356 ============================================================
22:01:15.0937 3356 Current date / time: 2012/01/26 22:01:15.0937
22:01:15.0937 3356 SystemInfo:
22:01:15.0937 3356
22:01:15.0937 3356 OS Version: 5.1.2600 ServicePack: 3.0
22:01:15.0937 3356 Product type: Workstation
22:01:15.0937 3356 ComputerName: AT-A80B5E6228C6
22:01:15.0937 3356 UserName: Stephan W Shemenski
22:01:15.0937 3356 Windows directory: C:\WINDOWS
22:01:15.0937 3356 System windows directory: C:\WINDOWS
22:01:15.0937 3356 Processor architecture: Intel x86
22:01:15.0937 3356 Number of processors: 1
22:01:15.0937 3356 Page size: 0x1000
22:01:15.0937 3356 Boot type: Normal boot
22:01:15.0937 3356 ============================================================
22:01:17.0312 3356 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:01:17.0327 3356 Initialize success
22:01:38.0265 4032 ============================================================
22:01:38.0265 4032 Scan started
22:01:38.0265 4032 Mode: Manual; SigCheck; TDLFS;
22:01:38.0265 4032 ============================================================
22:01:39.0749 4032 Abiosdsk - ok
22:01:41.0140 4032 abp480n5 - ok
22:01:42.0562 4032 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:01:42.0905 4032 ACPI - ok
22:01:44.0327 4032 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:01:44.0484 4032 ACPIEC - ok
22:01:45.0874 4032 adpu160m - ok
22:01:47.0296 4032 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:01:47.0421 4032 aec - ok
22:01:48.0921 4032 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:01:48.0952 4032 AFD - ok
22:01:50.0359 4032 Aha154x - ok
22:01:51.0749 4032 aic78u2 - ok
22:01:53.0140 4032 aic78xx - ok
22:01:54.0546 4032 AliIde - ok
22:01:55.0937 4032 amsint - ok
22:01:57.0343 4032 asc - ok
22:01:58.0734 4032 asc3350p - ok
22:02:00.0124 4032 asc3550 - ok
22:02:01.0562 4032 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:02:01.0687 4032 AsyncMac - ok
22:02:03.0124 4032 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:02:03.0265 4032 atapi - ok
22:02:04.0671 4032 Atdisk - ok
22:02:06.0202 4032 ati2mtag (e78b73eb84c257d0d940e041742d2699) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:02:06.0249 4032 ati2mtag - ok
22:02:07.0702 4032 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:02:07.0827 4032 Atmarpc - ok
22:02:09.0265 4032 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:02:09.0405 4032 audstub - ok
22:02:10.0874 4032 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
22:02:10.0937 4032 BCM43XX - ok
22:02:12.0359 4032 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:02:12.0405 4032 bcm4sbxp - ok
22:02:13.0859 4032 BCMH43XX (b770039886598aab7cf5eaeec2409e31) C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
22:02:13.0921 4032 BCMH43XX - ok
22:02:15.0327 4032 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:02:15.0515 4032 Beep - ok
22:02:16.0968 4032 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:02:17.0124 4032 cbidf2k - ok
22:02:18.0530 4032 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:02:18.0655 4032 CCDECODE - ok
22:02:20.0046 4032 cd20xrnt - ok
22:02:21.0437 4032 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:02:21.0593 4032 Cdaudio - ok
22:02:23.0062 4032 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:02:23.0202 4032 Cdfs - ok
22:02:24.0640 4032 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:02:24.0765 4032 Cdrom - ok
22:02:26.0187 4032 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
22:02:26.0218 4032 cercsr6 ( UnsignedFile.Multi.Generic ) - warning
22:02:26.0218 4032 cercsr6 - detected UnsignedFile.Multi.Generic (1)
22:02:27.0609 4032 Changer - ok
22:02:29.0030 4032 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:02:29.0171 4032 CmBatt - ok
22:02:30.0562 4032 CmdIde - ok
22:02:31.0968 4032 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:02:32.0093 4032 Compbatt - ok
22:02:33.0484 4032 Cpqarray - ok
22:02:34.0859 4032 dac2w2k - ok
22:02:36.0249 4032 dac960nt - ok
22:02:37.0671 4032 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:02:37.0812 4032 Disk - ok
22:02:39.0202 4032 DLPortIO (1d95d36db805787d54eb50e45ed4af40) C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS
22:02:39.0218 4032 DLPortIO ( UnsignedFile.Multi.Generic ) - warning
22:02:39.0218 4032 DLPortIO - detected UnsignedFile.Multi.Generic (1)
22:02:40.0671 4032 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:02:40.0812 4032 dmboot - ok
22:02:42.0249 4032 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:02:42.0405 4032 dmio - ok
22:02:43.0812 4032 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:02:43.0968 4032 dmload - ok
22:02:45.0374 4032 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:02:45.0499 4032 DMusic - ok
22:02:46.0874 4032 dpti2o - ok
22:02:48.0296 4032 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:02:48.0421 4032 drmkaud - ok
22:02:49.0905 4032 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:02:50.0046 4032 Fastfat - ok
22:02:51.0484 4032 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:02:51.0609 4032 Fdc - ok
22:02:53.0046 4032 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:02:53.0187 4032 Fips - ok
22:02:54.0609 4032 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:02:54.0734 4032 Flpydisk - ok
22:02:56.0140 4032 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:02:56.0265 4032 FltMgr - ok
22:02:57.0671 4032 fssfltr (e0087225b137e57239ff40f8ae82059b) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
22:02:57.0687 4032 fssfltr - ok
22:02:59.0093 4032 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:02:59.0249 4032 Fs_Rec - ok
22:03:00.0655 4032 FTDIBUS (8142d5d886829b9876cb93af59475c09) C:\WINDOWS\system32\drivers\ftdibus.sys
22:03:00.0655 4032 FTDIBUS - ok
22:03:02.0077 4032 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:03:02.0249 4032 Ftdisk - ok
22:03:03.0671 4032 FTSER2K (63d72a4cf9f163b59db0ceed940a7d76) C:\WINDOWS\system32\drivers\ftser2k.sys
22:03:03.0671 4032 FTSER2K - ok
22:03:05.0093 4032 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:03:05.0218 4032 Gpc - ok
22:03:06.0624 4032 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:03:06.0749 4032 HDAudBus - ok
22:03:08.0155 4032 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:03:08.0296 4032 hidusb - ok
22:03:09.0749 4032 hpn - ok
22:03:11.0171 4032 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:03:11.0187 4032 HPZid412 - ok
22:03:12.0624 4032 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:03:12.0640 4032 HPZipr12 - ok
22:03:14.0062 4032 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:03:14.0093 4032 HPZius12 - ok
22:03:15.0546 4032 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
22:03:15.0593 4032 HSF_DPV - ok
22:03:17.0015 4032 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
22:03:17.0046 4032 HSXHWAZL - ok
22:03:18.0468 4032 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:03:18.0499 4032 HTTP - ok
22:03:19.0890 4032 i2omgmt - ok
22:03:21.0265 4032 i2omp - ok
22:03:22.0687 4032 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:03:22.0812 4032 i8042prt - ok
22:03:24.0218 4032 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:03:24.0343 4032 Imapi - ok
22:03:25.0749 4032 ini910u - ok
22:03:27.0124 4032 IntelIde - ok
22:03:28.0530 4032 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:03:28.0671 4032 Ip6Fw - ok
22:03:30.0077 4032 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:03:30.0234 4032 IpFilterDriver - ok
22:03:31.0640 4032 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:03:31.0765 4032 IpInIp - ok
22:03:33.0187 4032 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:03:33.0312 4032 IpNat - ok
22:03:34.0718 4032 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:03:34.0843 4032 IPSec - ok
22:03:36.0249 4032 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:03:36.0374 4032 IRENUM - ok
22:03:37.0796 4032 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:03:37.0921 4032 isapnp - ok
22:03:39.0327 4032 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:03:39.0452 4032 Kbdclass - ok
22:03:40.0859 4032 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:03:40.0968 4032 kbdhid - ok
22:03:42.0374 4032 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:03:42.0468 4032 kmixer - ok
22:03:43.0890 4032 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:03:43.0905 4032 KSecDD - ok
22:03:45.0327 4032 lbrtfdc - ok
22:03:46.0921 4032 LVcKap (2d0ab9d29e6b0c42cce955b5a8e0d62d) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
22:03:46.0968 4032 LVcKap - ok
22:03:48.0484 4032 LVMVDrv (a3963e3d997c3646e1d3338eb88a48e9) C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
22:03:48.0609 4032 LVMVDrv - ok
22:03:50.0030 4032 LVPr2Mon (39c767bd6d99c23d28e71b6e0cba3129) C:\WINDOWS\system32\drivers\LVPr2Mon.sys
22:03:50.0046 4032 LVPr2Mon - ok
22:03:51.0468 4032 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
22:03:51.0499 4032 MBAMProtector - ok
22:03:52.0937 4032 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:03:52.0968 4032 mdmxsdk - ok
22:03:54.0390 4032 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
22:03:54.0405 4032 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
22:03:54.0405 4032 MHNDRV - detected UnsignedFile.Multi.Generic (1)
22:03:55.0796 4032 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:03:55.0968 4032 mnmdd - ok
22:03:57.0374 4032 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:03:57.0499 4032 Modem - ok
22:03:58.0905 4032 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:03:59.0030 4032 Mouclass - ok
22:04:00.0452 4032 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:04:00.0609 4032 mouhid - ok
22:04:02.0015 4032 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:04:02.0140 4032 MountMgr - ok
22:04:03.0562 4032 mraid35x - ok
22:04:04.0984 4032 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:04:05.0093 4032 MRxDAV - ok
22:04:06.0546 4032 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:04:06.0577 4032 MRxSmb - ok
22:04:08.0062 4032 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:04:08.0171 4032 Msfs - ok
22:04:09.0609 4032 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:04:09.0718 4032 MSKSSRV - ok
22:04:11.0140 4032 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:04:11.0249 4032 MSPCLOCK - ok
22:04:12.0671 4032 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:04:12.0796 4032 MSPQM - ok
22:04:14.0187 4032 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:04:14.0312 4032 mssmbios - ok
22:04:15.0734 4032 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:04:15.0859 4032 MSTEE - ok
22:04:17.0280 4032 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:04:17.0312 4032 Mup - ok
22:04:18.0718 4032 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:04:18.0827 4032 NABTSFEC - ok
22:04:20.0265 4032 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:04:20.0390 4032 NDIS - ok
22:04:21.0812 4032 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:04:21.0937 4032 NdisIP - ok
22:04:23.0327 4032 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:04:23.0359 4032 NdisTapi - ok
22:04:24.0765 4032 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:04:24.0890 4032 Ndisuio - ok
22:04:26.0312 4032 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:04:26.0437 4032 NdisWan - ok
22:04:27.0874 4032 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:04:27.0890 4032 NDProxy - ok
22:04:29.0296 4032 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:04:29.0405 4032 NetBIOS - ok
22:04:30.0843 4032 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:04:30.0968 4032 NetBT - ok
22:04:32.0405 4032 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\DRIVERS\npf.sys
22:04:32.0405 4032 NPF - ok
22:04:33.0812 4032 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:04:33.0937 4032 Npfs - ok
22:04:35.0359 4032 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:04:35.0499 4032 Ntfs - ok
22:04:36.0921 4032 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:04:37.0077 4032 Null - ok
22:04:38.0484 4032 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:04:38.0640 4032 NwlnkFlt - ok
22:04:40.0030 4032 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:04:40.0171 4032 NwlnkFwd - ok
22:04:41.0577 4032 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
22:04:41.0702 4032 Parport - ok
22:04:43.0109 4032 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:04:43.0234 4032 PartMgr - ok
22:04:44.0655 4032 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:04:44.0812 4032 ParVdm - ok
22:04:46.0265 4032 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:04:46.0374 4032 PCI - ok
22:04:47.0765 4032 PCIDump - ok
22:04:49.0171 4032 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:04:49.0312 4032 PCIIde - ok
22:04:50.0734 4032 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:04:50.0859 4032 Pcmcia - ok
22:04:52.0249 4032 PDCOMP - ok
22:04:53.0640 4032 PDFRAME - ok
22:04:55.0015 4032 PDRELI - ok
22:04:56.0405 4032 PDRFRAME - ok
22:04:57.0780 4032 perc2 - ok
22:04:59.0155 4032 perc2hib - ok
22:05:00.0687 4032 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
22:05:00.0968 4032 PID_PEPI - ok
22:05:02.0421 4032 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:05:02.0546 4032 PptpMiniport - ok
22:05:03.0968 4032 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
22:05:04.0093 4032 Processor - ok
22:05:05.0515 4032 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:05:05.0624 4032 PSched - ok
22:05:06.0999 4032 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:05:07.0171 4032 Ptilink - ok
22:05:08.0593 4032 PxHelp20 (617accada2e0a0f43ec6030bbac49513) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:05:08.0624 4032 PxHelp20 - ok
22:05:10.0015 4032 ql1080 - ok
22:05:11.0390 4032 Ql10wnt - ok
22:05:12.0765 4032 ql12160 - ok
22:05:14.0140 4032 ql1240 - ok
22:05:15.0530 4032 ql1280 - ok
22:05:16.0937 4032 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:05:17.0093 4032 RasAcd - ok
22:05:18.0499 4032 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:05:18.0609 4032 Rasl2tp - ok
22:05:20.0015 4032 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:05:20.0124 4032 RasPppoe - ok
22:05:21.0530 4032 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:05:21.0671 4032 Raspti - ok
22:05:23.0062 4032 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:05:23.0171 4032 Rdbss - ok
22:05:24.0593 4032 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:05:24.0734 4032 RDPCDD - ok
22:05:26.0155 4032 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:05:26.0265 4032 rdpdr - ok
22:05:27.0718 4032 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:05:27.0734 4032 RDPWD - ok
22:05:29.0155 4032 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:05:29.0280 4032 redbook - ok
22:05:30.0702 4032 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:05:30.0734 4032 rimmptsk - ok
22:05:32.0187 4032 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:05:32.0296 4032 sdbus - ok
22:05:33.0734 4032 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:05:33.0859 4032 Secdrv - ok
22:05:35.0280 4032 Ser2pl (e42f03d1081c4f60d3db6c38235b1456) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
22:05:35.0296 4032 Ser2pl ( UnsignedFile.Multi.Generic ) - warning
22:05:35.0296 4032 Ser2pl - detected UnsignedFile.Multi.Generic (1)
22:05:36.0702 4032 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:05:36.0812 4032 Serenum - ok
22:05:38.0249 4032 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
22:05:38.0374 4032 Serial - ok
22:05:39.0827 4032 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:05:39.0937 4032 Sfloppy - ok
22:05:41.0327 4032 Simbad - ok
22:05:42.0749 4032 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:05:42.0874 4032 SLIP - ok
22:05:44.0265 4032 Sparrow - ok
22:05:45.0671 4032 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:05:45.0780 4032 splitter - ok
22:05:47.0202 4032 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:05:47.0327 4032 sr - ok
22:05:48.0749 4032 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:05:48.0796 4032 Srv - ok
22:05:50.0296 4032 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
22:05:50.0359 4032 STHDA - ok
22:05:51.0812 4032 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:05:51.0921 4032 streamip - ok
22:05:53.0374 4032 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:05:53.0499 4032 swenum - ok
22:05:54.0905 4032 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:05:55.0030 4032 swmidi - ok
22:05:56.0421 4032 symc810 - ok
22:05:57.0812 4032 symc8xx - ok
22:05:59.0187 4032 sym_hi - ok
22:06:00.0577 4032 sym_u3 - ok
22:06:01.0984 4032 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:06:02.0093 4032 sysaudio - ok
22:06:03.0530 4032 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:06:03.0609 4032 Tcpip - ok
22:06:05.0046 4032 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:06:05.0155 4032 TDPIPE - ok
22:06:06.0577 4032 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:06:06.0702 4032 TDTCP - ok
22:06:08.0140 4032 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:06:08.0265 4032 TermDD - ok
22:06:09.0655 4032 TosIde - ok
22:06:11.0062 4032 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:06:11.0187 4032 Udfs - ok
22:06:12.0562 4032 UIUSys - ok
22:06:13.0952 4032 ultra - ok
22:06:15.0359 4032 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:06:15.0499 4032 Update - ok
22:06:16.0952 4032 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:06:17.0062 4032 usbccgp - ok
22:06:18.0468 4032 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:06:18.0593 4032 usbehci - ok
22:06:20.0015 4032 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:06:20.0124 4032 usbhub - ok
22:06:21.0546 4032 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:06:21.0655 4032 usbohci - ok
22:06:23.0077 4032 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:06:23.0187 4032 usbprint - ok
22:06:24.0593 4032 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:06:24.0718 4032 usbscan - ok
22:06:26.0124 4032 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:06:26.0234 4032 USBSTOR - ok
22:06:27.0671 4032 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:06:27.0780 4032 VgaSave - ok
22:06:29.0171 4032 ViaIde - ok
22:06:30.0577 4032 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:06:30.0687 4032 VolSnap - ok
22:06:32.0109 4032 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:06:32.0234 4032 Wanarp - ok
22:06:33.0609 4032 WDICA - ok
22:06:35.0030 4032 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:06:35.0140 4032 wdmaud - ok
22:06:36.0577 4032 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
22:06:36.0624 4032 winachsf - ok
22:06:38.0062 4032 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:06:38.0171 4032 WmiAcpi - ok
22:06:39.0593 4032 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:06:39.0718 4032 WSTCODEC - ok
22:06:39.0765 4032 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:06:39.0984 4032 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:06:39.0984 4032 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:06:39.0999 4032 Boot (0x1200) (7d39c7f076da00abefeeec6533c462ca) \Device\Harddisk0\DR0\Partition0
22:06:39.0999 4032 \Device\Harddisk0\DR0\Partition0 - ok
22:06:39.0999 4032 ============================================================
22:06:39.0999 4032 Scan finished
22:06:39.0999 4032 ============================================================
22:06:40.0109 1380 Detected object count: 5
22:06:40.0109 1380 Actual detected object count: 5
22:08:24.0984 1380 HKLM\SYSTEM\ControlSet001\services\cercsr6 - will be deleted on reboot
22:08:24.0984 1380 HKLM\SYSTEM\ControlSet003\services\cercsr6 - will be deleted on reboot
22:08:25.0390 1380 C:\WINDOWS\system32\drivers\cercsr6.sys - will be deleted on reboot
22:08:25.0390 1380 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:08:25.0390 1380 HKLM\SYSTEM\ControlSet001\services\DLPortIO - will be deleted on reboot
22:08:25.0390 1380 HKLM\SYSTEM\ControlSet003\services\DLPortIO - will be deleted on reboot
22:08:25.0390 1380 C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS - will be deleted on reboot
22:08:25.0390 1380 DLPortIO ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:08:25.0390 1380 HKLM\SYSTEM\ControlSet001\services\MHNDRV - will be deleted on reboot
22:08:25.0390 1380 HKLM\SYSTEM\ControlSet003\services\MHNDRV - will be deleted on reboot
22:08:25.0390 1380 C:\WINDOWS\system32\DRIVERS\mhndrv.sys - will be deleted on reboot
22:08:25.0390 1380 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:08:25.0405 1380 HKLM\SYSTEM\ControlSet001\services\Ser2pl - will be deleted on reboot
22:08:25.0405 1380 HKLM\SYSTEM\ControlSet003\services\Ser2pl - will be deleted on reboot
22:08:25.0405 1380 C:\WINDOWS\system32\DRIVERS\ser2pl.sys - will be deleted on reboot
22:08:25.0405 1380 Ser2pl ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:08:25.0405 1380 \Device\Harddisk0\DR0\TDLFS - deleted
22:08:25.0405 1380 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
22:12:56.0421 0824 Deinitialize success
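
One way to triage a TDSSKiller log like the one above, as an added example that is not part of the original post or of TDSSKiller itself: the Python below pairs each warning with the hash logged for that object and the action chosen, and lists what was deleted or is still pending a reboot. The sample lines are excerpted from the log above; the function names and the grouping of `UnsignedFile.*` verdicts as signature-only warnings (based on the verdict name) are assumptions of this example.

```python
import re

# Lines excerpted from the TDSSKiller log above (not a complete log).
SAMPLE_LOG = r"""
22:02:24.0640 4032 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:02:24.0765 4032 Cdrom - ok
22:02:26.0187 4032 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
22:02:26.0218 4032 cercsr6 ( UnsignedFile.Multi.Generic ) - warning
22:02:26.0218 4032 cercsr6 - detected UnsignedFile.Multi.Generic (1)
22:06:39.0765 4032 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:06:39.0984 4032 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:06:39.0984 4032 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:08:25.0390 1380 C:\WINDOWS\system32\drivers\cercsr6.sys - will be deleted on reboot
22:08:25.0390 1380 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:08:25.0405 1380 \Device\Harddisk0\DR0\TDLFS - deleted
22:08:25.0405 1380 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""

# "HH:MM:SS.mmmm <thread id> <message>"
LINE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+(?P<body>.*)$")
# "<object> (<md5>) <path>": the hash logged when an object is scanned
HASHED = re.compile(r"^(?P<obj>.+?) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# "<object> ( <verdict> ) - warning"
WARNING = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - warning$")
# "<object> ( <verdict> ) - User select action: <action>"
ACTION = re.compile(r"^(?P<obj>.+?) \( .+? \) - User select action: (?P<action>\w+)$")
# "<target> - deleted" or "<target> - will be deleted on reboot"
CLEANUP = re.compile(r"^(?P<target>.+) - (?P<state>will be deleted on reboot|deleted)$")


def parse_tdsskiller(log_text):
    """Return (findings, cleanup) extracted from TDSSKiller log text."""
    scanned = {}    # object name or path -> (md5, path) from the scan line
    findings = {}   # object -> finding dict, in log order
    cleanup = []    # (target, state) for deleted / pending-reboot items
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group("body")
        h = HASHED.match(body)
        if h:
            # Warnings are keyed by service name or by device path,
            # so index the scan line under both.
            scanned[h["obj"]] = scanned[h["path"]] = (h["md5"], h["path"])
            continue
        w = WARNING.match(body)
        if w:
            md5, path = scanned.get(w["obj"], (None, None))
            findings[w["obj"]] = {"object": w["obj"], "verdict": w["verdict"],
                                  "logged_md5": md5, "path": path, "action": None}
            continue
        a = ACTION.match(body)
        if a and a["obj"] in findings:
            findings[a["obj"]]["action"] = a["action"]
            continue
        c = CLEANUP.match(body)
        if c:
            cleanup.append((c["target"], c["state"]))
    return list(findings.values()), cleanup


def triage(findings):
    """Split findings into signature-only warnings and named detections."""
    unsigned = [f for f in findings if f["verdict"].startswith("UnsignedFile.")]
    named = [f for f in findings if not f["verdict"].startswith("UnsignedFile.")]
    return unsigned, named


if __name__ == "__main__":
    found, cleaned = parse_tdsskiller(SAMPLE_LOG)
    unsigned, named = triage(found)
    for label, group in (("signature warning", unsigned), ("named detection", named)):
        for f in group:
            print(label, f["object"], f["verdict"], f["logged_md5"], f["action"])
    for target, state in cleaned:
        print(state, target)
```

Items still marked "will be deleted on reboot" are the ones to re-check with a fresh scan after restarting.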

#15 boopme

Posted 27 January 2012 - 02:08 PM

Looking good. Change the passwords that were stored on here. If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read: