Unsure if I am infected


7 replies to this topic

#1 Bookwyrm101

  • Members
  • 25 posts

Posted 13 September 2012 - 06:52 PM

A few days ago, I found out my Hotmail account was used to send a spam link to just about everyone in my contacts list. I've notified everyone on that list, and changed my password.

I ran a scan with AVG free, and it came up clean. I also ran CCleaner. However, since I went to try and install (update) a new version of Java, based on a pop-up message that seemed legit, my AVG has been having trouble updating (requires restart every time). Also around then, something labeled FIU was VERY insistent on wanting access to my computer and the internet; I finally went into ZoneAlarm and blocked it completely. I want to have a more thorough check performed on my computer for viruses and stuff, but I'm not sure how to go about it.


My cd drive will also open spontaneously on occasion; this has been happening on rare occasions over the past few months, so I think it is unrelated. I mention it now because it just happened again.


#2 boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts

Posted 13 September 2012 - 07:34 PM

Hi, the CD drive may be a hardware forum question.

You will need to change your email password.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Bookwyrm101

  • Topic Starter

  • Members
  • 25 posts

Posted 15 September 2012 - 09:03 AM

Thanks for the really rapid response time, boopme. Also, thank you for helping me.

Here are the notes I made while running stuff:
-I'll copy/paste the logs in the same order that you posted them for running (MiniToolBox, TDSSKiller, SuperAntiSpyware).
-TDSSKiller did NOT need a reboot. SuperAntiSpyware DID reboot.
-I unchecked everything that was checked when I ran SuperAntiSpyware, except for the 3 items that you said to have checked.
-The SuperAntiSpyware interface has apparently been updated since you made your instruction list for it. I think I got everything that you wanted though (complete scan of C:\); let me know if you need something else.

==================================================
MiniToolBox by Farbar Version: 23-07-2012
Ran by Owner (administrator) on 14-09-2012 at 20:18:01
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : GameMaster

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : Belkin



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : Belkin

Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

Physical Address. . . . . . . . . : 00-0B-DB-0E-76-58

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : Friday, September 14, 2012 7:26:38 PM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038 11:14:07 PM

Server: D7Q97MB1
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.137.101, 74.125.137.102, 74.125.137.113, 74.125.137.138
74.125.137.139, 74.125.137.100



Pinging google.com [74.125.134.102] with 32 bytes of data:



Reply from 74.125.134.102: bytes=32 time=24ms TTL=48

Reply from 74.125.134.102: bytes=32 time=24ms TTL=48



Ping statistics for 74.125.134.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 24ms, Average = 24ms

Server: D7Q97MB1
Address: 192.168.2.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=89ms TTL=50

Reply from 98.138.253.109: bytes=32 time=75ms TTL=51



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 75ms, Maximum = 89ms, Average = 82ms

Server: D7Q97MB1
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0b db 0e 76 58 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.3 192.168.2.3 20
192.168.2.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.2.255 255.255.255.255 192.168.2.3 192.168.2.3 20
224.0.0.0 240.0.0.0 192.168.2.3 192.168.2.3 20
255.255.255.255 255.255.255.255 192.168.2.3 192.168.2.3 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/24/2012 07:27:31 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2012 07:27:31 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/15/2012 06:40:32 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:33 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:28 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:22 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:18 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:11 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (08/15/2012 06:39:00 PM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.


System errors:
=============
Error: (09/14/2012 07:28:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Beep

Error: (09/14/2012 07:26:55 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (09/13/2012 10:12:57 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:46 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:29 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:18 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:17 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:06 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:05 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).

Error: (09/13/2012 10:11:04 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service terminated with service-specific error 3758213657 (0xE001CA19).


Microsoft Office Sessions:
=========================
Error: (08/24/2012 07:27:31 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/24/2012 07:27:31 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/15/2012 06:40:32 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:33 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:28 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:22 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:18 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:11 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:04 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)

Error: (08/15/2012 06:39:00 PM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2011 -- SA_Error25101: StandardAction(0xC007620D): We have detected that ZoneAlarm is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

Adobe Download Manager (Version: 1.6.2.63)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Illustrator 10 (Version: 10)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe SVG Viewer 3.0 (Version: 3.0)
AGEIA PhysX v7.09.13 (Version: 7.09.13)
AOL Instant Messenger
AVG 2011 (Version: 10.0.1144)
AVG 2011 (Version: 10.0.1204)
AVG 2011 (Version: 10.0.1209)
AVG 2011 (Version: 10.0.1321)
AVG 2011 (Version: 10.0.1375)
AVG 2011 (Version: 10.0.1382)
AVG 2011 (Version: 10.0.1388)
AVG 2011 (Version: 10.0.1390)
AVG 2011 (Version: 10.0.1391)
AVG 2011 (Version: 10.0.1392)
AVG 2011 (Version: 10.0.1410)
AVG 2012 (Version: 12.0.1809)
AVG 2012 (Version: 12.0.1831)
AVG 2012 (Version: 12.0.1834)
AVG 2012 (Version: 12.0.1869)
AVG 2012 (Version: 12.0.1872)
AVG 2012 (Version: 12.0.1873)
AVG 2012 (Version: 12.0.1890)
AVG 2012 (Version: 12.0.1901)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
BioWare Premium Module: Neverwinter Nights™ Kingmaker
CCleaner (Version: 3.05)
Civilization III Complete Edition (Version: 1.00.0000)
Dell ResourceCD
Diablo
Diablo II
Impulse
Impulse (Version: 1.0)
Intel® Extreme Graphics Driver
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 24 (Version: 6.0.240)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE (Version: 2.0.687.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.687.0)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSDN Library - Visual Studio 6.0a
MSVCRT (Version: 14.0.1468.721)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
MSXML4 Parser (Version: 1.0.0)
Segoe UI (Version: 14.0.4327.805)
Shockwave
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.3 (Version: 5.3.116)
SoundMAX
Starcraft
Steam (Version: 1.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
Ventrilo Client (Version: 3.0.1)
Warcraft III: All Products
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format Runtime
Windows Media Player 10
Windows Messenger 5.0 (Version: 5.0.0381)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
ZoneAlarm Firewall (Version: 10.2.074.000)
ZoneAlarm Free Firewall (Version: 10.2.074.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 10.2.074.000)
ZoneAlarm Security Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 1022.48 MB
Available physical RAM: 643.24 MB
Total Pagefile: 2976.84 MB
Available Pagefile: 2521.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1966.65 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:55.89 GB) (Free:13.6 GB) NTFS
4 Drive e: (DISK1) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\GAMEMASTER

Administrator Guest HelpAssistant
Owner SUPPORT_388945a0


**** End of log ****
==================================================

==================================================
20:21:00.0640 1004 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:21:02.0640 1004 ============================================================
20:21:02.0640 1004 Current date / time: 2012/09/14 20:21:02.0640
20:21:02.0640 1004 SystemInfo:
20:21:02.0640 1004
20:21:02.0640 1004 OS Version: 5.1.2600 ServicePack: 3.0
20:21:02.0640 1004 Product type: Workstation
20:21:02.0640 1004 ComputerName: GAMEMASTER
20:21:02.0640 1004 UserName: Owner
20:21:02.0640 1004 Windows directory: C:\WINDOWS
20:21:02.0640 1004 System windows directory: C:\WINDOWS
20:21:02.0640 1004 Processor architecture: Intel x86
20:21:02.0640 1004 Number of processors: 1
20:21:02.0640 1004 Page size: 0x1000
20:21:02.0640 1004 Boot type: Normal boot
20:21:02.0640 1004 ============================================================
20:21:10.0078 1004 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:21:10.0078 1004 ============================================================
20:21:10.0078 1004 \Device\Harddisk0\DR0:
20:21:10.0078 1004 MBR partitions:
20:21:10.0078 1004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC7C41
20:21:10.0078 1004 ============================================================
20:21:10.0109 1004 C: <-> \Device\Harddisk0\DR0\Partition1
20:21:10.0109 1004 ============================================================
20:21:10.0109 1004 Initialize success
20:21:10.0109 1004 ============================================================
20:21:30.0453 2412 ============================================================
20:21:30.0453 2412 Scan started
20:21:30.0453 2412 Mode: Manual; TDLFS;
20:21:30.0453 2412 ============================================================
20:21:31.0390 2412 ================ Scan system memory ========================
20:21:31.0390 2412 System memory - ok
20:21:31.0390 2412 ================ Scan services =============================
20:21:47.0093 2412 ================ Scan global ===============================
20:21:47.0140 2412 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:21:47.0203 2412 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
20:21:47.0234 2412 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
20:21:47.0265 2412 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:21:47.0265 2412 [Global] - ok
20:21:47.0281 2412 ================ Scan MBR ==================================
20:21:47.0312 2412 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:21:47.0593 2412 \Device\Harddisk0\DR0 - ok
20:21:47.0609 2412 ================ Scan VBR ==================================
20:21:47.0640 2412 [ 01A4046BCD1EBA0E886A28D1D14CA32F ] \Device\Harddisk0\DR0\Partition1
20:21:47.0640 2412 \Device\Harddisk0\DR0\Partition1 - ok
20:21:47.0640 2412 ============================================================
20:21:47.0640 2412 Scan finished
20:21:47.0640 2412 ============================================================
20:21:47.0671 3904 Detected object count: 0
20:21:47.0671 3904 Actual detected object count: 0
==================================================

==================================================
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/14/2012 at 10:51 PM

Application Version : 5.5.1016

Core Rules Database Version : 9234
Trace Rules Database Version: 7046

Scan type : Complete Scan
Total Scan Time : 02:16:46

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 440
Memory threats detected : 0
Registry items scanned : 33588
Registry threats detected : 1
File items scanned : 100318
File threats detected : 94

Adware.Tracking Cookie

Adware.IST/ISTBar (Slotch Bar)
HKU\S-1-5-21-1202660629-1383384898-725345543-1003\Software\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Trojan.Agent/Gen-ReLoader
C:\DOCUMENTS AND SETTINGS\OWNER\MARSHALL PERGERSON VB PROJECTS\2.13.1 SWITCH\SWITCH.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\MARSHALL PERGERSON VB PROJECTS\3.6 SCOPE PRACTICE\SCOPE PRATICE.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\MARSHALL PERGERSON VB PROJECTS\4.15.4 CODE TEST\CODE TEST.EXE
C:\DOCUMENTS AND SETTINGS\OWNER\MARSHALL PERGERSON VB PROJECTS\4.6 ZORDER PRACTICE\ZORDER PRACTICE.EXE
C:\PROGRAM FILES\MICROSOFT VISUAL STUDIO\VB98\PROJECTS\2.13.1 SWITCH\SWITCH.EXE
C:\PROGRAM FILES\MICROSOFT VISUAL STUDIO\VB98\PROJECTS\3.6 SCOPE PRACTICE\SCOPE PRATICE.EXE
C:\PROGRAM FILES\MICROSOFT VISUAL STUDIO\VB98\PROJECTS\4.15.4 CODE TEST\CODE TEST.EXE
C:\PROGRAM FILES\MICROSOFT VISUAL STUDIO\VB98\PROJECTS\4.6 ZORDER PRACTICE\ZORDER PRACTICE.EXE
==================================================

#4 boopme


Posted 15 September 2012 - 08:33 PM

Looks good now,
Change your email password.
Uninstall this from the Control Panel, Add / Remove, and reboot:
Java™ 6 Update 24 (Version: 6.0.240)



You removed some nasty stuff. Let's be sure there's nothing else.

Please run these.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#5 Bookwyrm101


Posted 17 September 2012 - 09:00 PM

Do I need to change my password a second time? I changed it once after I found out about the problem, but before I came here for help.


TDSS Log first, then ESET log.

======================================
19:17:30.0812 3828 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:17:39.0109 3828 ============================================================
19:17:39.0109 3828 Current date / time: 2012/09/17 19:17:39.0109
19:17:39.0109 3828 SystemInfo:
19:17:39.0109 3828
19:17:39.0109 3828 OS Version: 5.1.2600 ServicePack: 3.0
19:17:39.0109 3828 Product type: Workstation
19:17:39.0109 3828 ComputerName: GAMEMASTER
19:17:39.0109 3828 UserName: Owner
19:17:39.0109 3828 Windows directory: C:\WINDOWS
19:17:39.0109 3828 System windows directory: C:\WINDOWS
19:17:39.0109 3828 Processor architecture: Intel x86
19:17:39.0109 3828 Number of processors: 1
19:17:39.0109 3828 Page size: 0x1000
19:17:39.0109 3828 Boot type: Normal boot
19:17:39.0109 3828 ============================================================
19:17:40.0812 3828 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:17:40.0843 3828 ============================================================
19:17:40.0843 3828 \Device\Harddisk0\DR0:
19:17:40.0859 3828 MBR partitions:
19:17:40.0859 3828 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC7C41
19:17:40.0859 3828 ============================================================
19:17:41.0015 3828 C: <-> \Device\Harddisk0\DR0\Partition1
19:17:41.0015 3828 ============================================================
19:17:41.0015 3828 Initialize success
19:17:41.0015 3828 ============================================================
19:17:58.0046 1696 ============================================================
19:17:58.0046 1696 Scan started
19:17:58.0046 1696 Mode: Manual; TDLFS;
19:17:58.0046 1696 ============================================================
19:17:58.0968 1696 ================ Scan system memory ========================
19:17:58.0968 1696 System memory - ok
19:17:58.0968 1696 ================ Scan services =============================
19:18:07.0968 1696 [ 0DC719E9B15E902346E87E9DCD5751FA ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:18:08.0015 1696 MRxSmb - ok
19:18:08.0078 1696 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:18:08.0078 1696 MSDTC - ok
19:18:08.0125 1696 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:18:08.0125 1696 Msfs - ok
19:18:08.0140 1696 MSIServer - ok
19:18:08.0171 1696 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:18:08.0171 1696 MSKSSRV - ok
19:18:08.0218 1696 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:18:08.0218 1696 MSPCLOCK - ok
19:18:08.0296 1696 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:18:08.0296 1696 MSPQM - ok
19:18:08.0328 1696 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:18:08.0343 1696 mssmbios - ok
19:18:08.0375 1696 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:18:08.0375 1696 MSTEE - ok
19:18:08.0421 1696 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:18:08.0437 1696 Mup - ok
19:18:08.0468 1696 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:18:08.0484 1696 NABTSFEC - ok
19:18:08.0546 1696 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:18:08.0562 1696 napagent - ok
19:18:08.0609 1696 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:18:08.0609 1696 NDIS - ok
19:18:08.0656 1696 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:18:08.0656 1696 NdisIP - ok
19:18:08.0687 1696 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:18:08.0687 1696 NdisTapi - ok
19:18:08.0734 1696 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:18:08.0734 1696 Ndisuio - ok
19:18:08.0750 1696 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:18:08.0750 1696 NdisWan - ok
19:18:08.0796 1696 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:18:08.0828 1696 NDProxy - ok
19:18:08.0859 1696 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:18:08.0859 1696 NetBIOS - ok
19:18:08.0906 1696 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:18:08.0921 1696 NetBT - ok
19:18:08.0968 1696 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:18:08.0984 1696 NetDDE - ok
19:18:08.0984 1696 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:18:09.0000 1696 NetDDEdsdm - ok
19:18:09.0062 1696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:18:09.0093 1696 Netlogon - ok
19:18:09.0125 1696 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:18:09.0140 1696 Netman - ok
19:18:09.0171 1696 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:18:09.0187 1696 NetTcpPortSharing - ok
19:18:09.0250 1696 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:18:09.0312 1696 Nla - ok
19:18:09.0375 1696 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:18:09.0375 1696 Npfs - ok
19:18:09.0421 1696 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:18:09.0500 1696 Ntfs - ok
19:18:09.0531 1696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
19:18:09.0546 1696 NtLmSsp - ok
19:18:09.0609 1696 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:18:09.0640 1696 NtmsSvc - ok
19:18:09.0687 1696 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:18:09.0703 1696 Null - ok
19:18:09.0734 1696 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:18:09.0734 1696 NwlnkFlt - ok
19:18:09.0750 1696 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:18:09.0765 1696 NwlnkFwd - ok
19:18:09.0812 1696 [ CEC7E2C6C1FA00C7AB2F5434F848AE51 ] OMCI C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
19:18:09.0828 1696 OMCI - ok
19:18:09.0875 1696 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:18:09.0875 1696 Parport - ok
19:18:09.0906 1696 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:18:09.0906 1696 PartMgr - ok
19:18:09.0968 1696 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:18:09.0968 1696 ParVdm - ok
19:18:09.0984 1696 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:18:10.0000 1696 PCI - ok
19:18:10.0015 1696 PCIDump - ok
19:18:10.0031 1696 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
19:18:10.0031 1696 PCIIde - ok
19:18:10.0093 1696 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:18:10.0093 1696 Pcmcia - ok
19:18:10.0125 1696 PDCOMP - ok
19:18:10.0140 1696 PDFRAME - ok
19:18:10.0156 1696 PDRELI - ok
19:18:10.0187 1696 PDRFRAME - ok
19:18:10.0203 1696 perc2 - ok
19:18:10.0218 1696 perc2hib - ok
19:18:10.0296 1696 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:18:10.0296 1696 PlugPlay - ok
19:18:10.0343 1696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:18:10.0343 1696 PolicyAgent - ok
19:18:10.0390 1696 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:18:10.0390 1696 PptpMiniport - ok
19:18:10.0453 1696 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:18:10.0453 1696 Processor - ok
19:18:10.0484 1696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:18:10.0484 1696 ProtectedStorage - ok
19:18:10.0531 1696 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:18:10.0531 1696 PSched - ok
19:18:10.0562 1696 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:18:10.0562 1696 Ptilink - ok
19:18:10.0609 1696 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:18:10.0625 1696 PxHelp20 - ok
19:18:10.0671 1696 [ FDDD1AEB9F81EF1E6E48AE1EDC2A97D6 ] QCDonner C:\WINDOWS\system32\DRIVERS\OVCD.sys
19:18:10.0687 1696 QCDonner - ok
19:18:10.0718 1696 ql1080 - ok
19:18:10.0734 1696 Ql10wnt - ok
19:18:10.0750 1696 ql12160 - ok
19:18:10.0781 1696 ql1240 - ok
19:18:10.0796 1696 ql1280 - ok
19:18:10.0843 1696 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:18:10.0843 1696 RasAcd - ok
19:18:10.0890 1696 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:18:10.0906 1696 RasAuto - ok
19:18:10.0937 1696 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:18:10.0937 1696 Rasl2tp - ok
19:18:10.0984 1696 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:18:11.0000 1696 RasMan - ok
19:18:11.0046 1696 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:18:11.0046 1696 RasPppoe - ok
19:18:11.0062 1696 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:18:11.0062 1696 Raspti - ok
19:18:11.0125 1696 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:18:11.0125 1696 Rdbss - ok
19:18:11.0156 1696 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:18:11.0156 1696 RDPCDD - ok
19:18:11.0218 1696 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:18:11.0234 1696 RDPWD - ok
19:18:11.0312 1696 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:18:11.0328 1696 RDSessMgr - ok
19:18:11.0390 1696 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:18:11.0390 1696 redbook - ok
19:18:11.0453 1696 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:18:11.0468 1696 RemoteAccess - ok
19:18:11.0515 1696 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
19:18:11.0515 1696 RpcLocator - ok
19:18:11.0562 1696 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
19:18:11.0578 1696 RpcSs - ok
19:18:11.0656 1696 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
19:18:11.0656 1696 RSVP - ok
19:18:11.0687 1696 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:18:11.0703 1696 SamSs - ok
19:18:11.0750 1696 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:18:11.0750 1696 SASDIFSV - ok
19:18:11.0781 1696 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:18:11.0781 1696 SASKUTIL - ok
19:18:11.0812 1696 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:18:11.0828 1696 SCardSvr - ok
19:18:11.0890 1696 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:18:11.0906 1696 Schedule - ok
19:18:11.0953 1696 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:18:11.0984 1696 Secdrv - ok
19:18:12.0046 1696 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:18:12.0046 1696 seclogon - ok
19:18:12.0078 1696 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:18:12.0078 1696 SENS - ok
19:18:12.0125 1696 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:18:12.0125 1696 serenum - ok
19:18:12.0156 1696 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:18:12.0156 1696 Serial - ok
19:18:12.0203 1696 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:18:12.0203 1696 Sfloppy - ok
19:18:12.0296 1696 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:18:12.0328 1696 SharedAccess - ok
19:18:12.0390 1696 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:18:12.0390 1696 ShellHWDetection - ok
19:18:12.0421 1696 Simbad - ok
19:18:12.0484 1696 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:18:12.0484 1696 SLIP - ok
19:18:12.0562 1696 [ 70B8DD8707DBF6142530C106365DF67D ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
19:18:12.0593 1696 smwdm - ok
19:18:12.0656 1696 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
19:18:12.0656 1696 SONYPVU1 - ok
19:18:12.0671 1696 Sparrow - ok
19:18:12.0734 1696 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:18:12.0734 1696 splitter - ok
19:18:12.0765 1696 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:18:12.0781 1696 Spooler - ok
19:18:12.0796 1696 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:18:12.0812 1696 sr - ok
19:18:12.0859 1696 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:18:12.0875 1696 srservice - ok
19:18:12.0937 1696 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:18:12.0953 1696 Srv - ok
19:18:13.0000 1696 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:18:13.0015 1696 SSDPSRV - ok
19:18:13.0078 1696 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:18:13.0093 1696 stisvc - ok
19:18:13.0156 1696 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:18:13.0156 1696 streamip - ok
19:18:13.0203 1696 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:18:13.0203 1696 swenum - ok
19:18:13.0281 1696 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:18:13.0281 1696 swmidi - ok
19:18:13.0296 1696 SwPrv - ok
19:18:13.0328 1696 symc810 - ok
19:18:13.0343 1696 symc8xx - ok
19:18:13.0375 1696 sym_hi - ok
19:18:13.0390 1696 sym_u3 - ok
19:18:13.0437 1696 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:18:13.0437 1696 sysaudio - ok
19:18:13.0484 1696 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:18:13.0500 1696 SysmonLog - ok
19:18:13.0546 1696 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:18:13.0562 1696 TapiSrv - ok
19:18:13.0625 1696 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:18:13.0671 1696 Tcpip - ok
19:18:13.0765 1696 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:18:13.0781 1696 TDPIPE - ok
19:18:13.0796 1696 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:18:13.0796 1696 TDTCP - ok
19:18:13.0859 1696 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:18:13.0859 1696 TermDD - ok
19:18:13.0921 1696 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:18:13.0921 1696 TermService - ok
19:18:13.0968 1696 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:18:13.0968 1696 Themes - ok
19:18:13.0984 1696 TosIde - ok
19:18:14.0015 1696 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:18:14.0031 1696 TrkWks - ok
19:18:14.0078 1696 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:18:14.0078 1696 Udfs - ok
19:18:14.0109 1696 ultra - ok
19:18:14.0156 1696 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\System32\wdfmgr.exe
19:18:14.0156 1696 UMWdf - ok
19:18:14.0234 1696 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:18:14.0296 1696 Update - ok
19:18:14.0375 1696 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:18:14.0375 1696 upnphost - ok
19:18:14.0437 1696 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:18:14.0453 1696 UPS - ok
19:18:14.0500 1696 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:18:14.0500 1696 usbehci - ok
19:18:14.0546 1696 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:18:14.0546 1696 usbhub - ok
19:18:14.0593 1696 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:18:14.0593 1696 usbprint - ok
19:18:14.0640 1696 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:18:14.0640 1696 USBSTOR - ok
19:18:14.0703 1696 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:18:14.0703 1696 usbuhci - ok
19:18:14.0765 1696 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:18:14.0765 1696 VgaSave - ok
19:18:14.0781 1696 ViaIde - ok
19:18:14.0812 1696 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:18:14.0812 1696 VolSnap - ok
19:18:14.0890 1696 [ 9D889B338356B1BD1242B8841E0744A4 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys
19:18:14.0968 1696 Vsdatant - ok
19:18:15.0015 1696 vsmon - ok
19:18:15.0078 1696 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:18:15.0093 1696 VSS - ok
19:18:15.0187 1696 [ 8F83A261B7898C1793A21391685CF59F ] vToolbarUpdater C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
19:18:15.0203 1696 vToolbarUpdater - ok
19:18:15.0312 1696 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
19:18:15.0312 1696 W32Time - ok
19:18:15.0359 1696 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:18:15.0359 1696 Wanarp - ok
19:18:15.0390 1696 WDICA - ok
19:18:15.0437 1696 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:18:15.0437 1696 wdmaud - ok
19:18:15.0531 1696 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:18:15.0531 1696 WebClient - ok
19:18:15.0625 1696 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:18:15.0625 1696 winmgmt - ok
19:18:15.0703 1696 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:18:15.0703 1696 WmdmPmSN - ok
19:18:15.0765 1696 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
19:18:15.0781 1696 WmiApSrv - ok
19:18:15.0828 1696 [ C1B3D9D75C3FB735F5FA3A5806ADED57 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:18:15.0828 1696 WpdUsb - ok
19:18:15.0875 1696 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:18:15.0890 1696 WS2IFSL - ok
19:18:15.0937 1696 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:18:15.0937 1696 wscsvc - ok
19:18:16.0015 1696 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:18:16.0015 1696 WSTCODEC - ok
19:18:16.0062 1696 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:18:16.0062 1696 wuauserv - ok
19:18:16.0140 1696 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:18:16.0171 1696 WZCSVC - ok
19:18:16.0234 1696 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:18:16.0250 1696 xmlprov - ok
19:18:16.0328 1696 [ AFEFFE0F8805FCD47B05CF1FBDE08092 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys
19:18:16.0328 1696 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
19:18:16.0375 1696 [ 85A36991A5CEAF9E65C4B743210E759B ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys
19:18:16.0390 1696 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
19:18:16.0390 1696 ================ Scan global ===============================
19:18:16.0437 1696 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:18:16.0500 1696 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
19:18:16.0546 1696 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
19:18:16.0578 1696 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:18:16.0578 1696 [Global] - ok
19:18:16.0593 1696 ================ Scan MBR ==================================
19:18:16.0609 1696 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:18:16.0859 1696 \Device\Harddisk0\DR0 - ok
19:18:16.0875 1696 ================ Scan VBR ==================================
19:18:16.0890 1696 [ 01A4046BCD1EBA0E886A28D1D14CA32F ] \Device\Harddisk0\DR0\Partition1
19:18:16.0890 1696 \Device\Harddisk0\DR0\Partition1 - ok
19:18:16.0890 1696 ============================================================
19:18:16.0890 1696 Scan finished
19:18:16.0890 1696 ============================================================
19:18:16.0921 1512 Detected object count: 0
19:18:16.0921 1512 Actual detected object count: 0
======================================

======================================
C:\Documents and Settings\Owner\Desktop\A bunch of files\Zip Disk Contents\Stuff Dad needs to sort\exe\felix2.exe Win32/Joke.ScreenMate application cleaned by deleting - quarantined
C:\My Downloads\zlsSetup_70_462_000_en.exe a variant of Win32/AdInstaller application cleaned by deleting - quarantined
======================================

#6 boopme


Posted 17 September 2012 - 09:10 PM

No, you are OK now.
Looks clear, running well now?

#7 Bookwyrm101


Posted 18 September 2012 - 05:43 PM

Seems to be running alright. Thanks for your help!

I'll open another thread, if I start experiencing more problems.

#8 boopme


Posted 18 September 2012 - 07:55 PM

You're welcome!!

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:



