Computer infected by win32 blaster worm. Please help!


va_girl

Thread Starter
Joined
May 29, 2011
Messages
34
Hi!

I am using Windows Vista on my computer and it has been infected with the win32 blaster worm. Please find attached the HijackThis log as well as DDS.txt and Attach.txt.

I am trying to run TSG SysInfo on my computer but it has been stuck on 6% for the last 30 minutes, so I am aborting it.

Please help me get rid of this virus from my computer.

Thank you for all your help!
 


DFW

Malware Specialist
Joined
Jun 12, 2004
Messages
1,458
Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.
If you think you have similar problems, please post the required log/s in the forum and wait for help.
Hi va_girl and welcome..

I'm DFW and I am going to try and help you with your Malware problem. Please observe the following points and rules while we work:
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The clean up process can take time. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print off the following instructions or save them to Notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Some of the logs we ask for can take some time to analyse, so please be patient.
  • This may or may not solve other issues you have with your machine.


Before we start:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer.
However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system.
It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Going over your Logs, be back as soon as possible
 

DFW

Malware Specialist
Hi va_girl


Windows Vista & 7 Advice

All applications I ask to be used will need to be run in Administrator mode, i.e. right-click on the program and select Run as Administrator.
Your operating system comes with an inbuilt utility called User Access Control (UAC).
When prompted by this for anything I ask you to carry out, please select the option Allow.



Any logs that I ask for, can you please post them into the body of your post and do not attach any unless I ask. Thank you.



Uninstall programs

These are out of date, or can cause more problems than they're worth.
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following if present.
Coupon Printer for Windows
Hitman Pro 3.5
Java(TM) 6 Update 26
WeatherBug Gadget




Next, install updated Java

Please download from HERE

  • Find Java SE 7u1.
  • Click the Download JRE button to the right.
  • Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
  • Click the Continue button.
  • Click on the filename under Windows Offline Installation and save it to your desktop.
  • Close all active windows.
  • Install the program.




Update Malwarebytes Anti-Malware and run a scan.

  • Right click on Malwarebytes Anti-Malware icon, choose Run as administrator and Continue
  • Click on the update tab, then click update.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Next click on Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.




Download TDSSKiller.zip and extract it to your Desktop.
  • Right click on TDSSKiller.exe, choose Run as administrator to launch it.
    • If using Vista or Windows 7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT



Please post back with

Malwarebytes Anti-Malware Log
TDSSKiller Log
 

va_girl

Thread Starter
Hi DFW,
I was trying to follow all the steps that you wanted me to as stated in your last post. I could complete all the steps up to updating the Java SE 7. Unfortunately, when I tried to update Malwarebytes, I had to restart my computer for the updates to take effect. After the restart I cannot do anything on my computer. A program called "privacy protection" starts performing a scan and shows me all the potential threats on my computer and tells me to buy the software, and when I cancel that, it does not allow me to open either IE, Word or any other program on my computer. I get a message saying that the program has been infected by win32/blaster virus.

Please advise as to what I should do next.

Thank you,
Va_girl.
 

DFW

Malware Specialist
OK, try this below. Privacy Protection is a rogue program, which we will sort out for you.



Download and Run ComboFix (by sUBs)
Download ComboFix from one of the below links and save it to your Desktop.
Link 1
Link 2

Please visit this webpage for instructions for downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix.

  • You must run Combofix from your Desktop
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
    For instructions on how to disable your security programs, please see this topic below
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Right click on Combofix and choose Run as administrator to launch it, follow the prompts.
    Click on Yes, to continue scanning for malware.
  • When finished, it will produce a log. Please save that log to post in your next reply
  • Re-enable all the programs that were disabled during the running of ComboFix.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper



Please post back

Combofix Log
 

va_girl

Thread Starter
I cannot open anything on my computer.

As soon as I log on, "privacy protection" starts doing a scan automatically. Even if I try to launch Internet Explorer, it gives me a message saying "file iexplore.exe is infected by W32/Blaster.worm. Please activate privacy protection to protect your computer."

Please tell me what should I do now.
 

DFW

Malware Specialist
Hi va_girl

Try and run combofix in safe mode




  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

Now run Combofix as in my last post.
 

va_girl

Thread Starter
I ran combofix in the safe mode. But even though I ran it in "Administrator Mode", it still prompted me to run as administrator. But it ran the scan anyways and please find the log below:

ComboFix 11-12-04.02 - Ashutosh 12/04/2011 9:25.5.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2179 [GMT -5:00]
Running from: c:\users\Ashutosh\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ashutosh\AppData\Roaming\privacy.exe
c:\users\Ashutosh\Desktop\Privacy Protection.lnk
.
.
((((((((((((((((((((((((( Files Created from 2011-11-04 to 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-04 14:31 . 2011-12-04 14:32 -------- d-----w- c:\users\Ashutosh\AppData\Local\temp
2011-12-04 14:31 . 2011-12-04 14:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-04 14:31 . 2011-12-04 14:31 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-12-04 14:31 . 2011-12-04 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-04 14:31 . 2011-12-04 14:31 -------- d-----w- c:\users\Ashutosh_2\AppData\Local\temp
2011-12-04 14:31 . 2011-12-04 14:31 -------- d-----w- c:\users\Ash\AppData\Local\temp
2011-12-04 14:04 . 2011-12-04 14:04 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2F32D98-EB17-46B7-8D49-EDF93C71F1BE}\offreg.dll
2011-12-04 13:08 . 2011-12-04 13:08 -------- d-----w- c:\program files\Conduit
2011-12-04 13:08 . 2011-12-04 13:08 -------- d-----w- c:\users\Ashutosh\AppData\Local\Conduit
2011-12-04 13:08 . 2011-12-04 13:08 -------- d-----w- c:\program files\Swag_Bucks
2011-12-04 00:49 . 2011-12-04 00:49 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer
2011-12-03 18:40 . 2011-12-03 18:40 -------- d-----w- c:\program files\Common Files\Java
2011-12-03 17:13 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2F32D98-EB17-46B7-8D49-EDF93C71F1BE}\mpengine.dll
2011-11-29 15:40 . 2011-11-29 15:40 -------- d-----w- c:\users\Ashutosh\AppData\Roaming\com.w3i.FlipToast
2011-11-29 15:40 . 2011-11-29 16:34 -------- d-----w- c:\program files\fliptoast
2011-11-29 15:40 . 2011-11-29 15:40 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-11-18 01:39 . 2011-11-18 01:39 -------- d-----w- c:\program files\iPod
2011-11-18 01:39 . 2011-11-18 01:40 -------- d-----w- c:\program files\iTunes
2011-11-15 02:53 . 2011-11-15 02:53 -------- d-----w- c:\users\Ashutosh\AppData\Roaming\Sony Corporation
2011-11-15 02:44 . 2007-07-19 23:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-11-15 02:42 . 2011-11-15 02:53 -------- d-----w- c:\program files\Sony
2011-11-15 02:42 . 2011-11-15 02:42 -------- d-----w- c:\programdata\Sony Corporation
2011-11-09 19:29 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-09 19:29 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 19:29 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-11-09 19:29 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-03 18:36 . 2011-06-14 19:38 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-02 16:01 . 2011-05-30 15:48 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-21 10:47 . 2010-05-25 20:42 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-11 20:16 . 2011-10-11 20:17 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5F9E52F6-7A3C-46FE-8832-0E5DF94A9972}\gapaengine.dll
2011-09-17 21:38 . 2003-03-19 01:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-09-17 21:38 . 2003-02-21 09:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-09-06 13:30 . 2011-10-13 18:29 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 02:24 . 2011-05-31 23:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2011-05-09 08:49 176936 ----a-w- c:\program files\Swag_Bucks\prxtbSwag.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-13 4351216]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-11 159744]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2009-01-12 468264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-11-25 622592]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-23 114688]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2011-02-01 206120]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-09-17 273528]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-07 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 18:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 MpKsl0143311a;MpKsl0143311a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70672822-1A8F-4132-A0B9-4BEF45F95996}\MpKsl0143311a.sys [x]
R1 MpKsl1334fa1c;MpKsl1334fa1c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73A4A771-2A2E-4675-BD05-E7A97979F529}\MpKsl1334fa1c.sys [x]
R1 MpKsl216a607e;MpKsl216a607e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A2268C54-D826-4C5A-87BB-00F5CC2C6B6D}\MpKsl216a607e.sys [x]
R1 MpKsl237be86c;MpKsl237be86c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8443200F-98D2-494E-8B40-2C98351FC4C9}\MpKsl237be86c.sys [x]
R1 MpKsl281bb0b0;MpKsl281bb0b0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4109A3D-A73A-4C76-B999-EA7B93154FD7}\MpKsl281bb0b0.sys [x]
R1 MpKsl2861a1ff;MpKsl2861a1ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73C08D08-D522-46A8-A689-D2D5A0FB0A99}\MpKsl2861a1ff.sys [x]
R1 MpKsl5b3a3dce;MpKsl5b3a3dce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A9129D5-1581-47C6-9C47-C2E4BF107692}\MpKsl5b3a3dce.sys [x]
R1 MpKsl5b546cf0;MpKsl5b546cf0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A501AA4-5828-4EAA-B9EB-A9BCBF54598A}\MpKsl5b546cf0.sys [x]
R1 MpKsl64b2e4f0;MpKsl64b2e4f0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0A501AA4-5828-4EAA-B9EB-A9BCBF54598A}\MpKsl64b2e4f0.sys [x]
R1 MpKsl7644f9f3;MpKsl7644f9f3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8443200F-98D2-494E-8B40-2C98351FC4C9}\MpKsl7644f9f3.sys [x]
R1 MpKsl873800cf;MpKsl873800cf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{994762E8-18DB-4606-8295-E02777E55EA0}\MpKsl873800cf.sys [x]
R1 MpKsl88935ecc;MpKsl88935ecc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1DA6A3DF-5DAC-4954-AA78-02C47612CE1D}\MpKsl88935ecc.sys [x]
R1 MpKsl93b60626;MpKsl93b60626;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A6F383D-21E2-4B4D-8209-E3EA70DD1FBF}\MpKsl93b60626.sys [x]
R1 MpKsla19961ef;MpKsla19961ef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B58075B6-0A17-4F17-BF7C-34988492563B}\MpKsla19961ef.sys [x]
R1 MpKslbf143013;MpKslbf143013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{994762E8-18DB-4606-8295-E02777E55EA0}\MpKslbf143013.sys [x]
R1 MpKsld1e57c36;MpKsld1e57c36;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3F6D9151-A721-4650-AE73-3A3E19ED8E7F}\MpKsld1e57c36.sys [x]
R1 MpKsle77460fc;MpKsle77460fc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57F43A9E-A6B5-41E1-BC79-4DC9243F892C}\MpKsle77460fc.sys [x]
R1 MpKslf93c26fa;MpKslf93c26fa;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4ACEA5B9-D840-4A49-9BA2-CF1D24111C13}\MpKslf93c26fa.sys [x]
R1 MpKslfc0c75d5;MpKslfc0c75d5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8443200F-98D2-494E-8B40-2C98351FC4C9}\MpKslfc0c75d5.sys [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 136176]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-07 366640]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-04-19 399416]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\VERIZONDM\bin\sprtsvc.exe [2011-02-01 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\VERIZONDM\bin\tgsrvc.exe [2011-02-01 185640]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-05-09 20032]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-07 22712]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 23:11]
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 23:11]
.
2011-12-03 c:\windows\Tasks\Norton Security Scan for Ashutosh.job
- c:\progra~1\NORTON~2\Engine\351~1.6\Nss.exe [2011-08-15 04:47]
.
2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{F9FFF33D-EEBD-480F-9293-0A18CF029FC2}.job
- c:\windows\system32\msfeedssync.exe [2011-06-08 15:15]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
FF - ProfilePath - c:\users\Ashutosh\AppData\Roaming\Mozilla\Firefox\Profiles\7rj18k6x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Swagbucks.com
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Privacy Protection - c:\users\Ashutosh\AppData\Roaming\privacy.exe
AddRemove-{D0795B21-0CDA-4a92-AB9E-6E92D8111E44} - c:\users\Ashutosh\AppData\Local\Temp\SAMSUNG\USB Drivers\-r\Uninstall.exe
AddRemove-03_Swallowtail - c:\users\Ashutosh\AppData\Local\Temp\SAMSUNG\USB Drivers\-r\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\users\Ashutosh\AppData\Local\Temp\SAMSUNG\USB Drivers\-r\04_semseyite\Uninstall.exe
AddRemove-16_Shrewsbury - c:\users\Ashutosh\AppData\Local\Temp\SAMSUNG\USB Drivers\-r\16_Shrewsbury\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-04 09:32
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-12-04 09:35:02
ComboFix-quarantined-files.txt 2011-12-04 14:34
ComboFix2.txt 2011-06-16 18:40
.
Pre-Run: 149,100,326,912 bytes free
Post-Run: 149,120,909,312 bytes free
.
- - End Of File - - 211DE152CD0A46224546787763B1D21A




Thanks! Let me know what's next.
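An added illustration, not part of the original thread and not any poster's or tool author's code: the log above shows the rogue program's autostart as `HKCU-Run-Privacy Protection` pointing at an executable sitting directly in `AppData\Roaming`. The Python sketch below reads ComboFix-style log text (the excerpt is copied from the log above) and flags Run entries whose target lives in a user-writable profile folder. The function names and the flagging heuristic are assumptions made for this example, not ComboFix features.

```python
import re
from ntpath import normpath  # Windows path rules; works on any OS

# Excerpt copied from the ComboFix log posted above (not the full log).
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-13 4351216]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848]
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Privacy Protection - c:\users\Ashutosh\AppData\Roaming\privacy.exe
AddRemove-03_Swallowtail - c:\users\Ashutosh\AppData\Local\Temp\SAMSUNG\USB Drivers\-r\03_Swallowtail\Uninstall.exe
'''

# Section header for a Run / RunOnce autostart key.
RUN_KEY = re.compile(r'^\[(HKEY_[^\]]+\\CurrentVersion\\Run(Once)?)\]$', re.I)
# "ValueName"="c:\path\to.exe" [date size]
VALUE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*"(?P<path>[^"]+)"')
# Orphan line as seen in the log: HKCU-Run-<name> - <path>.
# Accepting hive prefixes other than HKCU is an assumption of this example.
ORPHAN = re.compile(r'^(?P<hive>HK[A-Z]+)-Run-(?P<name>.+?) - (?P<path>.+)$')
# Per-user AppData folders are writable without administrator rights.
USER_WRITABLE = re.compile(
    r'^[a-z]:\\users\\[^\\]+\\appdata\\(roaming|local|locallow)\\', re.I)


def parse_autostarts(log_text):
    """Return Run-key autostart entries, both present and already removed."""
    entries, current_key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith('['):
            m = RUN_KEY.match(line)
            current_key = m.group(1) if m else None  # ignore non-Run keys
            continue
        m = VALUE.match(line)
        if m and current_key:
            entries.append({"name": m.group("name"), "path": m.group("path"),
                            "source": current_key, "state": "present"})
            continue
        m = ORPHAN.match(line)
        if m:
            entries.append({"name": m.group("name"), "path": m.group("path"),
                            "source": m.group("hive") + "-Run",
                            "state": "removed"})
    return entries


def classify(path):
    """Heuristic (assumption): 'suspicious' if the executable sits directly
    in an AppData root, 'review' if deeper inside AppData, else 'ok'."""
    p = normpath(path).lower()
    m = USER_WRITABLE.match(p)
    if not m:
        return "ok"
    return "review" if "\\" in p[m.end():] else "suspicious"


def triage(log_text):
    """List (verdict, state, name, path) for every non-'ok' autostart."""
    findings = []
    for e in parse_autostarts(log_text):
        verdict = classify(e["path"])
        if verdict != "ok":
            findings.append((verdict, e["state"], e["name"], e["path"]))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Entries marked "review" are common for legitimate per-user updaters, so they call for a closer look rather than removal.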
 

DFW

Malware Specialist
Hi va_girl

Let's try these scans again.




Update Malwarebytes Anti-Malware and run a scan.

  • Right click on Malwarebytes Anti-Malware icon, choose Run as administrator and Continue
  • Click on the update tab, then click update.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Next click on Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.




Download TDSSKiller.zip and extract it to your Desktop.
  • Right click on TDSSKiller.exe, choose Run as administrator to launch it.
    • If using Vista or Windows 7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT



Please post back with

Malwarebytes Anti-Malware Log
TDSSKiller Log
 

va_girl

Thread Starter
Performed the scan using Malwarebytes as well as TDSSKiller and here are the logs:

Malwarebytes log:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8311

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421

12/4/2011 4:39:20 PM
mbam-log-2011-12-04 (16-39-20).txt

Scan type: Quick scan
Objects scanned: 224935
Time elapsed: 2 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


-----------------------------------------------------------------
TDSSKiller log:

16:48:45.0140 1008 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
16:48:45.0239 1008 ============================================================
16:48:45.0239 1008 Current date / time: 2011/12/04 16:48:45.0239
16:48:45.0239 1008 SystemInfo:
16:48:45.0239 1008
16:48:45.0239 1008 OS Version: 6.0.6002 ServicePack: 2.0
16:48:45.0239 1008 Product type: Workstation
16:48:45.0239 1008 ComputerName: ASHU
16:48:45.0240 1008 UserName: Ashutosh
16:48:45.0240 1008 Windows directory: C:\Windows
16:48:45.0240 1008 System windows directory: C:\Windows
16:48:45.0240 1008 Processor architecture: Intel x86
16:48:45.0240 1008 Number of processors: 2
16:48:45.0240 1008 Page size: 0x1000
16:48:45.0240 1008 Boot type: Safe boot with network
16:48:45.0240 1008 ============================================================
16:48:45.0690 1008 Initialize success
16:48:47.0383 2552 ============================================================
16:48:47.0383 2552 Scan started
16:48:47.0383 2552 Mode: Manual;
16:48:47.0383 2552 ============================================================
16:48:49.0542 2552 AsyncMac - ok
16:48:49.0615 2552 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
16:48:49.0615 2552 atapi - ok
16:48:49.0847 2552 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
16:48:49.0852 2552 BCM43XV - ok
16:48:49.0929 2552 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:48:49.0929 2552 Beep - ok
16:48:50.0067 2552 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
16:48:50.0068 2552 blbdrive - ok
16:48:50.0162 2552 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
16:48:50.0163 2552 bowser - ok
16:48:50.0364 2552 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:48:50.0365 2552 BrFiltLo - ok
16:48:50.0407 2552 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:48:50.0408 2552 BrFiltUp - ok
16:48:50.0474 2552 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:48:50.0475 2552 Brserid - ok
16:48:50.0639 2552 BrSerIf (56f59a4011f503149ae4de826982ca4f) C:\Windows\system32\Drivers\BrSerIf.sys
16:48:50.0640 2552 BrSerIf - ok
16:48:50.0793 2552 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:48:50.0794 2552 BrSerWdm - ok
16:48:50.0918 2552 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:48:50.0918 2552 BrUsbMdm - ok
16:48:50.0998 2552 BrUsbSer (a24c7b39602218f8dbdb2b6704325fc7) C:\Windows\system32\Drivers\BrUsbSer.sys
16:48:50.0998 2552 BrUsbSer - ok
16:48:51.0142 2552 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:48:51.0142 2552 BTHMODEM - ok
16:48:51.0312 2552 catchme - ok
16:48:51.0455 2552 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:48:51.0457 2552 cdfs - ok
16:48:51.0565 2552 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
16:48:51.0566 2552 cdrom - ok
16:48:51.0664 2552 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
16:48:51.0665 2552 circlass - ok
16:48:51.0767 2552 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
16:48:51.0770 2552 CLFS - ok
16:48:51.0925 2552 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:48:51.0926 2552 CmBatt - ok
16:48:51.0980 2552 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
16:48:51.0980 2552 cmdide - ok
16:48:52.0092 2552 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
16:48:52.0095 2552 CnxtHdAudService - ok
16:48:52.0215 2552 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:48:52.0216 2552 Compbatt - ok
16:48:52.0278 2552 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
16:48:52.0279 2552 crcdisk - ok
16:48:52.0471 2552 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
16:48:52.0472 2552 Crusoe - ok
16:48:52.0681 2552 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
16:48:52.0682 2552 DfsC - ok
16:48:52.0811 2552 dgderdrv (f4c7c13d736515ed5263d0019a9713b7) C:\Windows\system32\drivers\dgderdrv.sys
16:48:52.0811 2552 dgderdrv - ok
16:48:53.0015 2552 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
16:48:53.0016 2552 disk - ok
16:48:53.0139 2552 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:48:53.0140 2552 drmkaud - ok
16:48:53.0242 2552 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
16:48:53.0249 2552 DXGKrnl - ok
16:48:53.0339 2552 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:48:53.0341 2552 E1G60 - ok
16:48:53.0452 2552 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
16:48:53.0454 2552 Ecache - ok
16:48:53.0645 2552 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
16:48:53.0649 2552 elxstor - ok
16:48:53.0726 2552 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
16:48:53.0727 2552 ErrDev - ok
16:48:53.0893 2552 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
16:48:53.0895 2552 exfat - ok
16:48:54.0008 2552 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
16:48:54.0010 2552 fastfat - ok
16:48:54.0123 2552 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
16:48:54.0124 2552 fdc - ok
16:48:54.0209 2552 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:48:54.0211 2552 FileInfo - ok
16:48:54.0304 2552 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:48:54.0305 2552 Filetrace - ok
16:48:54.0422 2552 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:48:54.0422 2552 flpydisk - ok
16:48:54.0545 2552 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
16:48:54.0547 2552 FltMgr - ok
16:48:54.0680 2552 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
16:48:54.0681 2552 fssfltr - ok
16:48:54.0783 2552 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
16:48:54.0783 2552 Fs_Rec - ok
16:48:54.0840 2552 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
16:48:54.0841 2552 gagp30kx - ok
16:48:54.0987 2552 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:48:54.0988 2552 GEARAspiWDM - ok
16:48:55.0137 2552 HdAudAddService (4487da7bd384caafa0c620b19fea540a) C:\Windows\system32\drivers\CHDART.sys
16:48:55.0139 2552 HdAudAddService - ok
16:48:55.0285 2552 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:48:55.0291 2552 HDAudBus - ok
16:48:55.0371 2552 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:48:55.0371 2552 HidBth - ok
16:48:55.0522 2552 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:48:55.0523 2552 HidIr - ok
16:48:55.0639 2552 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
16:48:55.0640 2552 HidUsb - ok
16:48:55.0715 2552 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
16:48:55.0715 2552 HpCISSs - ok
16:48:55.0805 2552 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:48:55.0805 2552 HpqKbFiltr - ok
16:48:55.0866 2552 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
16:48:55.0867 2552 HpqRemHid - ok
16:48:55.0982 2552 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:48:55.0985 2552 HSFHWAZL - ok
16:48:56.0124 2552 HSF_DPV (cc267848cb3508e72762be65734e764d) C:\Windows\system32\DRIVERS\HSX_DPV.sys
16:48:56.0132 2552 HSF_DPV - ok
16:48:56.0289 2552 HSXHWAZL (a2882945cc4b6e3e4e9e825590438888) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
16:48:56.0291 2552 HSXHWAZL - ok
16:48:56.0454 2552 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
16:48:56.0458 2552 HTTP - ok
16:48:56.0576 2552 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
16:48:56.0577 2552 i2omp - ok
16:48:56.0676 2552 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
16:48:56.0677 2552 i8042prt - ok
16:48:56.0798 2552 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys
16:48:56.0801 2552 iaStor - ok
16:48:56.0913 2552 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
16:48:56.0916 2552 iaStorV - ok
16:48:57.0341 2552 igfx (a9221d13d8f1f772010ee293ba9baeb7) C:\Windows\system32\DRIVERS\igdkmd32.sys
16:48:57.0390 2552 igfx - ok
16:48:57.0529 2552 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
16:48:57.0530 2552 iirsp - ok
16:48:57.0616 2552 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
16:48:57.0617 2552 intelide - ok
16:48:57.0755 2552 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
16:48:57.0756 2552 intelppm - ok
16:48:57.0882 2552 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:48:57.0882 2552 IpFilterDriver - ok
16:48:57.0998 2552 IpInIp - ok
16:48:58.0066 2552 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
16:48:58.0067 2552 IPMIDRV - ok
16:48:58.0163 2552 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
16:48:58.0164 2552 IPNAT - ok
16:48:58.0257 2552 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
16:48:58.0257 2552 IRENUM - ok
16:48:58.0324 2552 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
16:48:58.0325 2552 isapnp - ok
16:48:58.0451 2552 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
16:48:58.0452 2552 iScsiPrt - ok
16:48:58.0558 2552 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
16:48:58.0559 2552 iteatapi - ok
16:48:58.0609 2552 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
16:48:58.0610 2552 iteraid - ok
16:48:58.0659 2552 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:48:58.0660 2552 kbdclass - ok
16:48:58.0729 2552 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
16:48:58.0729 2552 kbdhid - ok
16:48:58.0811 2552 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
16:48:58.0816 2552 KSecDD - ok
16:48:58.0914 2552 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
16:48:58.0915 2552 lltdio - ok
16:48:59.0004 2552 lmimirr - ok
16:48:59.0044 2552 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
16:48:59.0046 2552 LSI_FC - ok
16:48:59.0101 2552 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
16:48:59.0102 2552 LSI_SAS - ok
16:48:59.0126 2552 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
16:48:59.0127 2552 LSI_SCSI - ok
16:48:59.0222 2552 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
16:48:59.0223 2552 luafv - ok
16:48:59.0356 2552 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:48:59.0357 2552 mdmxsdk - ok
16:48:59.0515 2552 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
16:48:59.0516 2552 megasas - ok
16:48:59.0684 2552 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
16:48:59.0688 2552 MegaSR - ok
16:48:59.0865 2552 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\Windows\system32\drivers\mfeavfk.sys
16:48:59.0866 2552 mfeavfk - ok
16:48:59.0949 2552 mfebopk (1d003e3056a43d881597d6763e83b943) C:\Windows\system32\drivers\mfebopk.sys
16:48:59.0950 2552 mfebopk - ok
16:49:00.0140 2552 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\Windows\system32\drivers\mfehidk.sys
16:49:00.0143 2552 mfehidk - ok
16:49:00.0265 2552 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
16:49:00.0265 2552 mferkdk - ok
16:49:00.0368 2552 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
16:49:00.0369 2552 mfesmfk - ok
16:49:00.0534 2552 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
16:49:00.0535 2552 Modem - ok
16:49:00.0626 2552 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
16:49:00.0627 2552 monitor - ok
16:49:00.0698 2552 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
16:49:00.0698 2552 mouclass - ok
16:49:00.0785 2552 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
16:49:00.0786 2552 mouhid - ok
16:49:00.0846 2552 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
16:49:00.0847 2552 MountMgr - ok
16:49:00.0987 2552 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
16:49:00.0988 2552 MpFilter - ok
16:49:01.0039 2552 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
16:49:01.0061 2552 mpio - ok
16:49:01.0151 2552 MpKsl0143311a - ok
16:49:01.0172 2552 MpKsl1334fa1c - ok
16:49:01.0191 2552 MpKsl216a607e - ok
16:49:01.0211 2552 MpKsl237be86c - ok
16:49:01.0254 2552 MpKsl281bb0b0 - ok
16:49:01.0268 2552 MpKsl2861a1ff - ok
16:49:01.0304 2552 MpKsl5b3a3dce - ok
16:49:01.0312 2552 MpKsl5b546cf0 - ok
16:49:01.0334 2552 MpKsl64b2e4f0 - ok
16:49:01.0356 2552 MpKsl7644f9f3 - ok
16:49:01.0405 2552 MpKsl873800cf - ok
16:49:01.0412 2552 MpKsl88935ecc - ok
16:49:01.0458 2552 MpKsl93b60626 - ok
16:49:01.0466 2552 MpKsla19961ef - ok
16:49:01.0475 2552 MpKslbf143013 - ok
16:49:01.0483 2552 MpKsld1e57c36 - ok
16:49:01.0505 2552 MpKsle77460fc - ok
16:49:01.0513 2552 MpKslf93c26fa - ok
16:49:01.0521 2552 MpKslfc0c75d5 - ok
16:49:01.0649 2552 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
16:49:01.0650 2552 MpNWMon - ok
16:49:01.0704 2552 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
16:49:01.0705 2552 mpsdrv - ok
16:49:01.0804 2552 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
16:49:01.0804 2552 Mraid35x - ok
16:49:01.0981 2552 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
16:49:01.0982 2552 MRxDAV - ok
16:49:02.0085 2552 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:49:02.0087 2552 mrxsmb - ok
16:49:02.0268 2552 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:49:02.0271 2552 mrxsmb10 - ok
16:49:02.0326 2552 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:49:02.0328 2552 mrxsmb20 - ok
16:49:02.0435 2552 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
16:49:02.0436 2552 msahci - ok
16:49:02.0500 2552 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
16:49:02.0501 2552 msdsm - ok
16:49:02.0554 2552 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
16:49:02.0555 2552 Msfs - ok
16:49:02.0711 2552 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
16:49:02.0712 2552 msisadrv - ok
16:49:02.0811 2552 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
16:49:02.0811 2552 MSKSSRV - ok
16:49:02.0965 2552 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
16:49:02.0966 2552 MSPCLOCK - ok
16:49:03.0024 2552 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
16:49:03.0025 2552 MSPQM - ok
16:49:03.0075 2552 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
16:49:03.0077 2552 MsRPC - ok
16:49:03.0127 2552 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
16:49:03.0128 2552 mssmbios - ok
16:49:03.0187 2552 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
16:49:03.0188 2552 MSTEE - ok
16:49:03.0247 2552 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
16:49:03.0248 2552 Mup - ok
16:49:03.0325 2552 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
16:49:03.0327 2552 NativeWifiP - ok
16:49:03.0410 2552 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
16:49:03.0416 2552 NDIS - ok
16:49:03.0559 2552 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
16:49:03.0560 2552 NdisTapi - ok
16:49:03.0696 2552 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
16:49:03.0696 2552 Ndisuio - ok
16:49:03.0795 2552 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:49:03.0810 2552 NdisWan - ok
16:49:03.0851 2552 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
16:49:03.0852 2552 NDProxy - ok
16:49:03.0911 2552 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
16:49:03.0912 2552 NetBIOS - ok
16:49:03.0998 2552 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
16:49:04.0000 2552 netbt - ok
16:49:04.0199 2552 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
16:49:04.0221 2552 NETw4v32 - ok
16:49:04.0538 2552 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
16:49:04.0576 2552 NETw5v32 - ok
16:49:04.0697 2552 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
16:49:04.0697 2552 nfrd960 - ok
16:49:04.0756 2552 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:49:04.0757 2552 NisDrv - ok
16:49:04.0894 2552 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
16:49:04.0894 2552 Npfs - ok
16:49:04.0968 2552 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
16:49:04.0969 2552 nsiproxy - ok
16:49:05.0088 2552 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
16:49:05.0098 2552 Ntfs - ok
16:49:05.0231 2552 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
16:49:05.0231 2552 ntrigdigi - ok
16:49:05.0307 2552 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
16:49:05.0307 2552 Null - ok
16:49:05.0382 2552 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
16:49:05.0387 2552 NVENETFD - ok
16:49:05.0494 2552 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
16:49:05.0496 2552 nvraid - ok
16:49:05.0561 2552 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
16:49:05.0562 2552 nvstor - ok
16:49:05.0601 2552 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
16:49:05.0603 2552 nv_agp - ok
16:49:05.0619 2552 NwlnkFlt - ok
16:49:05.0633 2552 NwlnkFwd - ok
16:49:05.0694 2552 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
16:49:05.0696 2552 ohci1394 - ok
16:49:05.0806 2552 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
16:49:05.0808 2552 Parport - ok
16:49:05.0893 2552 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
16:49:05.0893 2552 partmgr - ok
16:49:05.0948 2552 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
16:49:05.0949 2552 Parvdm - ok
16:49:06.0031 2552 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
16:49:06.0033 2552 pci - ok
16:49:06.0173 2552 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
16:49:06.0174 2552 pciide - ok
16:49:06.0273 2552 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
16:49:06.0275 2552 pcmcia - ok
16:49:06.0416 2552 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
16:49:06.0424 2552 PEAUTH - ok
16:49:06.0575 2552 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
16:49:06.0576 2552 PptpMiniport - ok
16:49:06.0620 2552 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
16:49:06.0621 2552 Processor - ok
16:49:06.0721 2552 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
16:49:06.0722 2552 PSched - ok
16:49:06.0830 2552 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys
16:49:06.0831 2552 PSI - ok
16:49:06.0982 2552 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
16:49:06.0992 2552 ql2300 - ok
16:49:07.0046 2552 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
16:49:07.0047 2552 ql40xx - ok
16:49:07.0100 2552 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
16:49:07.0101 2552 QWAVEdrv - ok
16:49:07.0147 2552 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
16:49:07.0148 2552 RasAcd - ok
16:49:07.0246 2552 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:49:07.0247 2552 Rasl2tp - ok
16:49:07.0312 2552 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
16:49:07.0312 2552 RasPppoe - ok
16:49:07.0406 2552 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
16:49:07.0408 2552 RasSstp - ok
16:49:07.0477 2552 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
16:49:07.0491 2552 rdbss - ok
16:49:07.0577 2552 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:49:07.0577 2552 RDPCDD - ok
16:49:07.0647 2552 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
16:49:07.0650 2552 rdpdr - ok
16:49:07.0701 2552 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
16:49:07.0702 2552 RDPENCDD - ok
16:49:07.0786 2552 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
16:49:07.0788 2552 RDPWD - ok
16:49:07.0886 2552 rimmptsk (c35ca13d3627ebd9dd12a23ce781bc3d) C:\Windows\system32\DRIVERS\rimmptsk.sys
16:49:07.0887 2552 rimmptsk - ok
16:49:07.0938 2552 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
16:49:07.0939 2552 rimsptsk - ok
16:49:08.0011 2552 RimUsb - ok
16:49:08.0131 2552 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
16:49:08.0132 2552 RimVSerPort - ok
16:49:08.0202 2552 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
16:49:08.0203 2552 rismxdp - ok
16:49:08.0280 2552 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
16:49:08.0281 2552 ROOTMODEM - ok
16:49:08.0358 2552 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
16:49:08.0359 2552 rspndr - ok
16:49:08.0447 2552 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
16:49:08.0449 2552 sbp2port - ok
16:49:08.0566 2552 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
16:49:08.0567 2552 sdbus - ok
16:49:08.0624 2552 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:49:08.0625 2552 secdrv - ok
16:49:08.0737 2552 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
16:49:08.0738 2552 Serenum - ok
16:49:08.0784 2552 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
16:49:08.0786 2552 Serial - ok
16:49:08.0883 2552 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
16:49:08.0884 2552 sermouse - ok
16:49:08.0962 2552 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
16:49:08.0963 2552 sffdisk - ok
16:49:09.0018 2552 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
16:49:09.0019 2552 sffp_mmc - ok
16:49:09.0105 2552 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:49:09.0106 2552 sffp_sd - ok
16:49:09.0220 2552 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
16:49:09.0220 2552 sfloppy - ok
16:49:09.0310 2552 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
16:49:09.0311 2552 sisagp - ok
16:49:09.0365 2552 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
16:49:09.0366 2552 SiSRaid2 - ok
16:49:09.0490 2552 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
16:49:09.0491 2552 SiSRaid4 - ok
16:49:09.0584 2552 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
16:49:09.0585 2552 Smb - ok
16:49:09.0627 2552 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
16:49:09.0628 2552 spldr - ok
16:49:09.0737 2552 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
16:49:09.0741 2552 srv - ok
16:49:09.0853 2552 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
16:49:09.0855 2552 srv2 - ok
16:49:09.0941 2552 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
16:49:09.0944 2552 srvnet - ok
16:49:10.0044 2552 ssadbus (48f44a1be434830b7c90fb730745f65a) C:\Windows\system32\DRIVERS\ssadbus.sys
16:49:10.0046 2552 ssadbus - ok
16:49:10.0180 2552 ssadmdfl (9630b486b62cc0adb0a89152ed0218d7) C:\Windows\system32\DRIVERS\ssadmdfl.sys
16:49:10.0182 2552 ssadmdfl - ok
16:49:10.0282 2552 ssadmdm (9afaa23421622c392b55508fa9613949) C:\Windows\system32\DRIVERS\ssadmdm.sys
16:49:10.0283 2552 ssadmdm - ok
16:49:10.0368 2552 sscdbus (069351a1d7d291013177a90ae6edccbc) C:\Windows\system32\DRIVERS\sscdbus.sys
16:49:10.0369 2552 sscdbus - ok
16:49:10.0429 2552 sscdmdfl (1c925be223a5c0f9f469252292a48df6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
16:49:10.0430 2552 sscdmdfl - ok
16:49:10.0512 2552 sscdmdm (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\Windows\system32\DRIVERS\sscdmdm.sys
16:49:10.0515 2552 sscdmdm - ok
16:49:10.0587 2552 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
16:49:10.0587 2552 StillCam - ok
16:49:10.0716 2552 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
16:49:10.0717 2552 swenum - ok
16:49:10.0784 2552 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
16:49:10.0785 2552 Symc8xx - ok
16:49:10.0842 2552 SymIMMP - ok
16:49:10.0900 2552 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
16:49:10.0901 2552 Sym_hi - ok
16:49:11.0006 2552 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
16:49:11.0007 2552 Sym_u3 - ok
16:49:11.0138 2552 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
16:49:11.0147 2552 Tcpip - ok
16:49:11.0217 2552 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
16:49:11.0226 2552 Tcpip6 - ok
16:49:11.0341 2552 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
16:49:11.0341 2552 tcpipreg - ok
16:49:11.0425 2552 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
16:49:11.0426 2552 TDPIPE - ok
16:49:11.0516 2552 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
16:49:11.0517 2552 TDTCP - ok
16:49:11.0603 2552 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
16:49:11.0604 2552 tdx - ok
16:49:11.0669 2552 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
16:49:11.0670 2552 TermDD - ok
16:49:11.0799 2552 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:49:11.0800 2552 tssecsrv - ok
16:49:11.0882 2552 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
16:49:11.0883 2552 tunmp - ok
16:49:11.0952 2552 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
16:49:11.0953 2552 tunnel - ok
16:49:15.0701 2552 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
16:49:15.0759 2552 \Device\Harddisk0\DR0 - ok
16:49:15.0770 2552 Boot (0x1200) (c6cf1a7df1aebd4d37cecf659929487a) \Device\Harddisk0\DR0\Partition0
16:49:15.0793 2552 \Device\Harddisk0\DR0\Partition0 - ok
16:49:15.0798 2552 Boot (0x1200) (486b6d319a106d46b6871fbb06ea3800) \Device\Harddisk0\DR0\Partition1
16:49:15.0800 2552 \Device\Harddisk0\DR0\Partition1 - ok
16:49:15.0802 2552 ============================================================
16:49:15.0802 2552 Scan finished
16:49:15.0802 2552 ============================================================
16:49:15.0834 2204 Detected object count: 0
16:49:15.0834 2204 Actual detected object count: 0


Thanks!
 

DFW

I see that you have CCleaner installed; can you please run it?
CAUTION: Please do NOT use the "Registry" button in the left pane.
This is a built-in registry cleaner. Removing certain entries can render your computer inoperable!
  • Open up CCleaner
  • Click the "Run Cleaner" button.
  • A pop up box will appear advising this process will permanently delete files from your system.
  • Click "OK"
  • CCleaner will scan and clean your system.
  • When cleaning is complete:
  • Click "Exit".
  • Repeat for all usernames.



Now run an online scan. Some of the steps below may not count, as you already have ESET Online Scanner v3 installed, but go through the instructions so ESET Online Scanner v3 will update.



You can use either Internet Explorer or Mozilla FireFox for this scan.

Windows Vista or Windows 7 users, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Please post back with eset scan results.

And also a good description on how your system is now.







 

va_girl

Hi DFW,

I have run CCleaner and ESET scan as per your instructions. I could not run CCleaner on the 'guest' account because for some reason I could not access the 'guest' account.

Please find the ESET log results below:
[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=722a3256bd95cf4280dccd2cc86a3a64
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-12-05 04:45:01
# local_time=2011-12-05 11:45:01 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 67901477 67901477 0 0
# compatibility_mode=5892 16776574 100 100 21879174 159704030 0 0
# compatibility_mode=8192 67108863 100 0 14922476 14922476 0 0
# scanned=183253
# found=7
# cleaned=0
# scan_time=6999
C:\Program Files\vShare\imedix-silent.exe Win32/Toolbar.Zugo application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Users\Ashutosh\AppData\Roaming\privacy.exe.vir a variant of Win32/Kryptik.WME trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Ashutosh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7d358f61-7dbfb901 a variant of Java/TrojanDownloader.OpenStream.NCM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Ashutosh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\2b29fca3-72c22639 a variant of Java/Agent.BR trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Ashutosh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\7b47aa68-4a9586a1 a variant of Win32/Kryptik.WME trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Ashutosh\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\737e33f5-22f97ae8 multiple threats (unable to clean) 00000000000000000000000000000000 I
C:\Users\Ashutosh\Downloads\winamp5601_full_emusic-7plus_all.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 Ii

Regarding the performance of my system, I am still running everything in 'safe mode' so I am not sure if I will be able to access anything in the 'regular mode'. Do you want me to restart using 'regular mode' and report back to you regarding that?

Also, one thing that's been driving me crazy is that whenever I am typing something, my cursor jumps around like crazy.

Thanks.
 

DFW

Yes, please try normal mode and let me know.
 

va_girl

I am running my computer in normal mode and everything seems to be working fine. I don't see the "privacy protection" software start scanning as soon as the computer starts. Also, I can open "IE" as well as "Firefox".

Everything looks normal from a functional standpoint.

Thanks!
 