
SPAMMER:Win32/Cutwail.gen!D disabled my access to Microsoft Firew


  • This topic is locked

#16
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings geeksugarbaby

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo


#17
geeksugarbaby

    Member

  • Topic Starter
  • 110 posts
NO REBOOT WAS REQUIRED.... HERE IS TDSSKILLER RESULTS:


01:09:59.0109 2624 Swupdtmr - ok
01:09:59.0125 2624 symc810 - ok
01:09:59.0140 2624 symc8xx - ok
01:09:59.0156 2624 sym_hi - ok
01:09:59.0171 2624 sym_u3 - ok
01:09:59.0265 2624 [ F6770219B73BD989D5613D2E9C78A227 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
01:09:59.0281 2624 SynTP - ok
01:09:59.0328 2624 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
01:09:59.0328 2624 sysaudio - ok
01:09:59.0375 2624 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
01:09:59.0375 2624 SysmonLog - ok
01:09:59.0421 2624 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:09:59.0437 2624 TapiSrv - ok
01:09:59.0484 2624 [ 1F7B00B95FC726721941306F3D688D21 ] TAPPSRV C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
01:09:59.0578 2624 TAPPSRV - ok
01:09:59.0640 2624 [ EECA2B57545E7B7BE949B5E70E31444F ] TBiosDrv C:\WINDOWS\system32\drivers\TBiosDrv.sys
01:09:59.0671 2624 TBiosDrv - ok
01:09:59.0734 2624 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:09:59.0750 2624 Tcpip - ok
01:09:59.0781 2624 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
01:09:59.0781 2624 TDPIPE - ok
01:09:59.0796 2624 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
01:09:59.0812 2624 TDTCP - ok
01:09:59.0843 2624 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
01:09:59.0843 2624 TermDD - ok
01:09:59.0875 2624 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
01:09:59.0890 2624 TermService - ok
01:09:59.0953 2624 [ D0177776E11B0B3F272EEBD262A69661 ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
01:09:59.0984 2624 tfsnboio - ok
01:10:00.0000 2624 [ 599804BC938B8305A5422319774DA871 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
01:10:00.0031 2624 tfsncofs - ok
01:10:00.0062 2624 [ A1902C00ADC11C4D83F8E3ED947A6A32 ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
01:10:00.0093 2624 tfsndrct - ok
01:10:00.0109 2624 [ D8DDB3F2B1BEF15CFF6728D89C042C61 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
01:10:00.0125 2624 tfsndres - ok
01:10:00.0171 2624 [ C4F2DEA75300971CDAEE311007DE138D ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
01:10:00.0234 2624 tfsnifs - ok
01:10:00.0265 2624 [ 272925BE0EA919F08286D2EE6F102B0F ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
01:10:00.0296 2624 tfsnopio - ok
01:10:00.0312 2624 [ 7B7D955E5CEBC2FB88B03EF875D52A2F ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
01:10:00.0343 2624 tfsnpool - ok
01:10:00.0375 2624 [ E3D01263109D800C1967C12C10A0B018 ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
01:10:00.0437 2624 tfsnudf - ok
01:10:00.0453 2624 [ B9E9C377906E3A65BC74598FFF7F7458 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
01:10:00.0531 2624 tfsnudfa - ok
01:10:00.0562 2624 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
01:10:00.0562 2624 Themes - ok
01:10:00.0593 2624 TosIde - ok
01:10:00.0640 2624 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
01:10:00.0640 2624 TrkWks - ok
01:10:00.0687 2624 [ EF88219DBDD15A7F28B434C72A3D7233 ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys
01:10:00.0718 2624 TVALD - ok
01:10:00.0734 2624 [ 7BC87D123F504D161693F672CFE99EC4 ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys
01:10:00.0781 2624 Tvs - ok
01:10:00.0828 2624 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
01:10:00.0828 2624 Udfs - ok
01:10:00.0843 2624 ultra - ok
01:10:00.0921 2624 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
01:10:00.0937 2624 Update - ok
01:10:00.0968 2624 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
01:10:00.0968 2624 upnphost - ok
01:10:01.0000 2624 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
01:10:01.0000 2624 UPS - ok
01:10:01.0062 2624 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
01:10:01.0062 2624 usbaudio - ok
01:10:01.0093 2624 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:10:01.0093 2624 usbccgp - ok
01:10:01.0125 2624 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:10:01.0125 2624 usbehci - ok
01:10:01.0156 2624 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:10:01.0156 2624 usbhub - ok
01:10:01.0187 2624 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:10:01.0187 2624 usbohci - ok
01:10:01.0218 2624 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:10:01.0218 2624 usbprint - ok
01:10:01.0250 2624 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:10:01.0250 2624 usbscan - ok
01:10:01.0281 2624 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:10:01.0281 2624 USBSTOR - ok
01:10:01.0296 2624 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
01:10:01.0296 2624 VgaSave - ok
01:10:01.0312 2624 ViaIde - ok
01:10:01.0343 2624 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
01:10:01.0343 2624 VolSnap - ok
01:10:01.0375 2624 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
01:10:01.0390 2624 VSS - ok
01:10:01.0437 2624 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
01:10:01.0453 2624 W32Time - ok
01:10:01.0500 2624 [ 738244934C71118A21F8D678067D057D ] W8335XP C:\WINDOWS\system32\DRIVERS\WG511v2XP.sys
01:10:01.0515 2624 W8335XP - ok
01:10:01.0531 2624 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:10:01.0531 2624 Wanarp - ok
01:10:01.0546 2624 wanatw - ok
01:10:01.0562 2624 WDICA - ok
01:10:01.0593 2624 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
01:10:01.0593 2624 wdmaud - ok
01:10:01.0640 2624 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
01:10:01.0640 2624 WebClient - ok
01:10:01.0703 2624 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:10:01.0718 2624 winmgmt - ok
01:10:01.0843 2624 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:10:01.0890 2624 wlidsvc - ok
01:10:01.0953 2624 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
01:10:01.0953 2624 WmdmPmSN - ok
01:10:02.0000 2624 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:10:02.0000 2624 WmiApSrv - ok
01:10:02.0093 2624 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
01:10:02.0125 2624 WMPNetworkSvc - ok
01:10:02.0156 2624 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
01:10:02.0156 2624 WpdUsb - ok
01:10:02.0218 2624 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:10:02.0218 2624 WS2IFSL - ok
01:10:02.0265 2624 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
01:10:02.0265 2624 wscsvc - ok
01:10:02.0296 2624 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
01:10:02.0296 2624 wuauserv - ok
01:10:02.0343 2624 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:10:02.0343 2624 WudfPf - ok
01:10:02.0375 2624 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:10:02.0375 2624 WudfRd - ok
01:10:02.0406 2624 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
01:10:02.0421 2624 WudfSvc - ok
01:10:02.0484 2624 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
01:10:02.0500 2624 WZCSVC - ok
01:10:02.0531 2624 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
01:10:02.0531 2624 xmlprov - ok
01:10:02.0578 2624 ================ Scan global ===============================
01:10:02.0609 2624 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
01:10:02.0703 2624 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
01:10:02.0734 2624 [ 42B5427FAC23BF6F1F31E466B7FEB084 ] C:\WINDOWS\system32\winsrv.dll
01:10:02.0765 2624 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
01:10:02.0765 2624 [Global] - ok
01:10:02.0765 2624 ================ Scan MBR ==================================
01:10:02.0796 2624 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
01:10:02.0968 2624 \Device\Harddisk0\DR0 - ok
01:10:02.0968 2624 ================ Scan VBR ==================================
01:10:02.0984 2624 [ C6C6E21FF30A714B02CD46B24E79FF5C ] \Device\Harddisk0\DR0\Partition1
01:10:02.0984 2624 \Device\Harddisk0\DR0\Partition1 - ok
01:10:03.0015 2624 [ BBA99E2C8144FD6A507B73A2557808B7 ] \Device\Harddisk0\DR0\Partition2
01:10:03.0015 2624 \Device\Harddisk0\DR0\Partition2 - ok
01:10:03.0031 2624 [ DAEE3FE11A8FACA156B5D22AC152EBDD ] \Device\Harddisk0\DR0\Partition3
01:10:03.0031 2624 \Device\Harddisk0\DR0\Partition3 - ok
01:10:03.0046 2624 ============================================================
01:10:03.0046 2624 Scan finished
01:10:03.0046 2624 ============================================================
01:10:03.0062 3092 Detected object count: 0
01:10:03.0062 3092 Actual detected object count: 0

#18
gringo_pr

Ok that looks good but I still want the aswMBR report when it is complete


I also want you to uninstall MSE and reinstall and see if that clears it up


gringo

#19
geeksugarbaby

It's taking forever to load the new definitions..... I'll eventually turn in to sleep..... but will do a SCAN and send you the report in the morning

#20
gringo_pr

see you then


gringo

#21
geeksugarbaby

Here is the next log for aswMBR



awaiting your next instructions, coach


#22
gringo_pr

Hello coach

Please do not attach the reports - copy and paste them into the topic


did you uninstall MSE and reinstall it?



:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#23
geeksugarbaby

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-16 01:12:25
-----------------------------
01:12:25.671 OS Version: Windows 5.1.2600 Service Pack 3
01:12:25.671 Number of processors: 1 586 0xD08
01:12:25.671 ComputerName: TOSHIBAM45-S169 UserName: CRC
01:12:26.406 Initialize success
02:28:58.484 AVAST engine defs: 12101501
11:28:27.609 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:28:27.609 Disk 0 Vendor: TOSHIBA_MK8026GAX PA000U Size: 76319MB BusType: 3
11:28:27.625 Disk 0 MBR read successfully
11:28:27.625 Disk 0 MBR scan
11:28:27.703 Disk 0 Windows XP default MBR code
11:28:27.703 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
11:28:27.812 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 20002 MB offset 81915435
11:28:27.875 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16112 MB offset 122881185
11:28:27.890 Disk 0 Partition 4 00 88 Linux plaintext A Kárň'ó 203 MB offset 155878695
11:28:27.921 Disk 0 scanning sectors +156296385
11:28:28.031 Disk 0 scanning C:\WINDOWS\system32\drivers
11:29:01.781 Service scanning
11:29:25.656 Service MpKsl5c966a6b C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6CD9A228-1877-4445-981D-C12947DA0535}\MpKsl5c966a6b.sys **LOCKED** 32
11:29:43.531 Modules scanning
11:29:51.203 Disk 0 trace - called modules:
11:29:51.234 ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
11:29:51.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863e16a8]
11:29:51.250 3 CLASSPNP.SYS[f77c4fd7] -> nt!IofCallDriver -> \Device\00000078[0x8636b9e8]
11:29:51.250 5 ACPI.sys[f771b620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x863d1940]
11:29:52.125 AVAST engine scan C:\WINDOWS
11:30:14.953 AVAST engine scan C:\WINDOWS\system32
11:35:29.140 AVAST engine scan C:\WINDOWS\system32\drivers
11:36:05.718 AVAST engine scan C:\Documents and Settings\CRC
11:47:56.750 AVAST engine scan C:\Documents and Settings\All Users
11:49:28.390 Scan finished successfully
12:08:04.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\CRC\Desktop\MBR.dat"
12:08:04.421 The log file has been saved successfully to "C:\Documents and Settings\CRC\Desktop\aswMBR.txt"

#24
geeksugarbaby

Just pasted the info (sorry about that)

I am now uninstalling and reinstalling Msoft Essentials before I do the CF Script routine...

#25
gringo_pr

Thank you geeksugarbaby and let me know how it goes with MSE


#26
geeksugarbaby

Your post said:
=================================================================

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:
===================================================================

I have no idea what you mean by this statement.....

Please restate this for me...

This is not clear....


Are you saying to rename aswMBR.txt and call it CF SCRIPT??? then drag that onto the ComboFix Icon??????

#27
gringo_pr

Hello

I have attached a file called CFScript.txt - I want you to save it to the desktop and then follow the rest of the instructions


Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#28
geeksugarbaby

reinstalled MS Essentials.

It told me WINDOWS FIREWALL IS TURNED OFF. ASKED ME TO DO IT MANUALLY. I STILL CANNOT ACCESS THE SETTINGS




I AM NOW STILL LOADING THE VIRUS FILES FOR MSESSENTIALS

#29
gringo_pr

click on the fix it here for the firewall - http://support.microsoft.com/kb/914230


gringo

#30
geeksugarbaby

GOT IT... YOU GAVE ME THE INSTRUX BUT YOUR EARLIER POST HAD NO ATTACHMENT.... WILL DO