Author Topic: [Resolved] Multiple Issues: IE notifications, grey icons, netflix  (Read 1691 times)

Offline adammedonca

  • Bronze Member
  • Posts: 51
I think I recently got some sort of malware on my laptop. My desktop became totally black and only the My Computer icon and the recycling bin were present. I was also getting multiple error messages. I ran Malwarebytes but it did not help. I did a system restore to a date before the problem started and things returned to normal for the most part. There are still some issues, however:

1. I keep getting a Netflix error code saying the settings in Internet Explorer and Firefox need to be changed. I made the necessary changes but I still get the error code.

2. Icons on my desktop are greyed out. They work as if nothing is wrong, but they are grey. Most of these are documents.

3. I get a notification in the bottom left corner saying Internet Explorer has stopped working and is restarting. But I never open Internet Explorer in the first place.

4. Certain websites are redirected to random pages.

Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:05:23 PM, on 11/6/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19154)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Adam\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Adam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\users\adam\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=2&o=vb32&d=0509&m=e625
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=2&o=vb32&d=0509&m=e625
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=2&o=vb32&d=0509&m=e625
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL, avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

--
End of file - 10190 bytes
« Last Edit: November 06, 2011, 10:04:41 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27147
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Multiple Issues: IE notifications, grey icons, netflix
« Reply #1 on: November 06, 2011, 10:05:44 PM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem. Also tell me any other problems you are having, no matter how small or how long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, have faith. I will do all I can to get your computer working, and if I can't, someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your hard drive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or organization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.


Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Also, can you give me a screenshot of some of the icons you are talking about?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Multiple Issues: IE notifications, grey icons, netflix
« Reply #2 on: November 08, 2011, 10:45:24 AM »
I followed your instructions. Upon reboot, I got a black screen with white writing saying that the operating system could not be found. I held the power button to shut it down again and it restarted normally. Here is the log:


10:26:21.0619 1248   TDSS rootkit removing tool 2.6.16.0 Nov  7 2011 16:26:51
10:26:22.0243 1248   ============================================================
10:26:22.0243 1248   Current date / time: 2011/11/08 10:26:22.0243
10:26:22.0244 1248   SystemInfo:
10:26:22.0244 1248   
10:26:22.0244 1248   OS Version: 6.0.6002 ServicePack: 2.0
10:26:22.0244 1248   Product type: Workstation
10:26:22.0244 1248   ComputerName: ADAM-LAPTOP
10:26:22.0273 1248   UserName: Adam
10:26:22.0273 1248   Windows directory: C:\Windows
10:26:22.0273 1248   System windows directory: C:\Windows
10:26:22.0273 1248   Processor architecture: Intel x86
10:26:22.0273 1248   Number of processors: 1
10:26:22.0273 1248   Page size: 0x1000
10:26:22.0273 1248   Boot type: Normal boot
10:26:22.0273 1248   ============================================================
10:26:24.0286 1248   Initialize success
10:27:49.0613 1252   ============================================================
10:27:49.0613 1252   Scan started
10:27:49.0613 1252   Mode: Manual;
10:27:49.0613 1252   ============================================================
10:28:37.0773 1252   NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:28:37.0779 1252   NdisTapi - ok
10:28:38.0014 1252   Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:28:38.0017 1252   Ndisuio - ok
10:28:38.0224 1252   NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:28:38.0232 1252   NdisWan - ok
10:28:38.0958 1252   NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:28:38.0965 1252   NDProxy - ok
10:28:39.0472 1252   NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:28:39.0511 1252   NetBIOS - ok
10:28:39.0677 1252   netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:28:39.0751 1252   netbt - ok
10:28:40.0030 1252   nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:28:40.0037 1252   nfrd960 - ok
10:28:40.0185 1252   Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:28:40.0311 1252   Npfs - ok
10:28:40.0479 1252   nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:28:40.0537 1252   nsiproxy - ok
10:28:40.0867 1252   Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:28:40.0895 1252   Ntfs - ok
10:28:41.0186 1252   NTIDrvr         (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
10:28:41.0231 1252   NTIDrvr - ok
10:28:41.0293 1252   ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:28:41.0325 1252   ntrigdigi - ok
10:28:41.0508 1252   Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:28:41.0557 1252   Null - ok
10:28:41.0770 1252   nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:28:41.0837 1252   nvraid - ok
10:28:41.0865 1252   nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:28:41.0884 1252   nvstor - ok
10:28:42.0100 1252   nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:28:42.0107 1252   nv_agp - ok
10:28:42.0377 1252   NwlnkFlt - ok
10:28:42.0826 1252   NwlnkFwd - ok
10:28:43.0194 1252   ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:28:43.0202 1252   ohci1394 - ok
10:28:43.0777 1252   Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:28:43.0781 1252   Parport - ok
10:28:44.0302 1252   partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:28:44.0306 1252   partmgr - ok
10:28:44.0625 1252   Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:28:44.0635 1252   Parvdm - ok
10:28:45.0331 1252   pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:28:45.0342 1252   pci - ok
10:28:45.0633 1252   pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:28:45.0637 1252   pciide - ok
10:28:46.0107 1252   pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:28:46.0122 1252   pcmcia - ok
10:28:46.0358 1252   PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:28:46.0382 1252   PEAUTH - ok
10:28:46.0673 1252   PID_0928        (d2d2fa02b722336960eeae0ae7107891) C:\Windows\system32\DRIVERS\LV561AV.SYS
10:28:46.0714 1252   PID_0928 - ok
10:28:47.0048 1252   PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:28:47.0082 1252   PptpMiniport - ok
10:28:47.0628 1252   Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:28:47.0636 1252   Processor - ok
10:28:48.0132 1252   PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:28:48.0140 1252   PSched - ok
10:28:48.0620 1252   ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:28:48.0679 1252   ql2300 - ok
10:28:49.0096 1252   ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:28:49.0225 1252   ql40xx - ok
10:28:49.0603 1252   QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:28:49.0662 1252   QWAVEdrv - ok
10:28:49.0969 1252   RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:28:49.0975 1252   RasAcd - ok
10:28:50.0587 1252   Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:28:50.0615 1252   Rasl2tp - ok
10:28:50.0822 1252   RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:28:50.0884 1252   RasPppoe - ok
10:28:50.0942 1252   RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:28:50.0996 1252   RasSstp - ok
10:28:51.0183 1252   rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:28:51.0198 1252   rdbss - ok
10:28:51.0369 1252   RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:28:51.0385 1252   RDPCDD - ok
10:28:51.0602 1252   rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:28:51.0634 1252   rdpdr - ok
10:28:51.0812 1252   RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:28:51.0839 1252   RDPENCDD - ok
10:28:51.0916 1252   RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
10:28:51.0950 1252   RDPWD - ok
10:28:52.0207 1252   regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
10:28:52.0213 1252   regi - ok
10:28:52.0558 1252   rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:28:52.0562 1252   rspndr - ok
10:28:52.0795 1252   RTSTOR          (6ffd4476cd7ba3b402458fda3fb62e87) C:\Windows\system32\drivers\RTSTOR.SYS
10:28:52.0934 1252   RTSTOR - ok
10:28:53.0017 1252   SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:28:53.0109 1252   SASDIFSV - ok
10:28:53.0164 1252   SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:28:53.0174 1252   SASKUTIL - ok
10:28:53.0364 1252   sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:28:53.0458 1252   sbp2port - ok
10:28:53.0717 1252   secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:28:53.0723 1252   secdrv - ok
10:28:53.0783 1252   Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:28:53.0870 1252   Serenum - ok
10:28:53.0999 1252   Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:28:54.0018 1252   Serial - ok
10:28:54.0326 1252   sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:28:54.0333 1252   sermouse - ok
10:28:54.0912 1252   sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:28:54.0920 1252   sffdisk - ok
10:28:55.0260 1252   sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:28:55.0373 1252   sffp_mmc - ok
10:28:55.0791 1252   sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:28:55.0798 1252   sffp_sd - ok
10:28:56.0260 1252   sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:28:56.0267 1252   sfloppy - ok
10:28:56.0744 1252   sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:28:56.0751 1252   sisagp - ok
10:28:57.0078 1252   SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:28:57.0084 1252   SiSRaid2 - ok
10:28:57.0324 1252   SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:28:57.0335 1252   SiSRaid4 - ok
10:28:58.0032 1252   Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:28:58.0076 1252   Smb - ok
10:28:58.0500 1252   spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:28:58.0506 1252   spldr - ok
10:28:58.0851 1252   srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:28:58.0907 1252   srv - ok
10:28:59.0506 1252   srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:28:59.0512 1252   srv2 - ok
10:28:59.0873 1252   srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:28:59.0878 1252   srvnet - ok
10:29:00.0663 1252   swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:29:00.0669 1252   swenum - ok
10:29:01.0139 1252   Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:29:01.0147 1252   Symc8xx - ok
10:29:01.0576 1252   Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:29:01.0583 1252   Sym_hi - ok
10:29:02.0092 1252   Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:29:02.0098 1252   Sym_u3 - ok
10:29:02.0455 1252   SynTP           (32c0296ae115906679d94957f501e8db) C:\Windows\system32\DRIVERS\SynTP.sys
10:29:02.0526 1252   SynTP - ok
10:29:03.0185 1252   Tcpip           (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
10:29:03.0208 1252   Tcpip - ok
10:29:03.0679 1252   Tcpip6          (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
10:29:03.0698 1252   Tcpip6 - ok
10:29:03.0901 1252   tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:29:03.0908 1252   tcpipreg - ok
10:29:04.0092 1252   TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:29:04.0174 1252   TDPIPE - ok
10:29:04.0514 1252   TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:29:04.0549 1252   TDTCP - ok
10:29:04.0737 1252   tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:29:04.0770 1252   tdx - ok
10:29:04.0840 1252   TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:29:04.0846 1252   TermDD - ok
10:29:05.0361 1252   tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:29:05.0368 1252   tssecsrv - ok
10:29:05.0656 1252   tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:29:05.0662 1252   tunmp - ok
10:29:06.0045 1252   tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:29:06.0056 1252   tunnel - ok
10:29:06.0739 1252   uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:29:06.0747 1252   uagp35 - ok
10:29:07.0153 1252   UBHelper        (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
10:29:07.0155 1252   UBHelper - ok
10:29:07.0452 1252   udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:29:07.0464 1252   udfs - ok
10:29:08.0178 1252   uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:29:08.0192 1252   uliagpkx - ok
10:29:08.0530 1252   uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:29:08.0542 1252   uliahci - ok
10:29:08.0996 1252   UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:29:09.0005 1252   UlSata - ok
10:29:09.0293 1252   ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:29:09.0301 1252   ulsata2 - ok
10:29:09.0649 1252   umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:29:09.0654 1252   umbus - ok
10:29:10.0274 1252   USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
10:29:10.0289 1252   USBAAPL - ok
10:29:10.0550 1252   usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
10:29:10.0559 1252   usbaudio - ok
10:29:10.0860 1252   usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:29:10.0869 1252   usbccgp - ok
10:29:11.0455 1252   usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:29:11.0465 1252   usbcir - ok
10:29:11.0739 1252   usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:29:11.0746 1252   usbehci - ok
10:29:12.0133 1252   usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:29:12.0144 1252   usbhub - ok
10:29:12.0388 1252   usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:29:12.0490 1252   usbohci - ok
10:29:12.0654 1252   usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:29:12.0672 1252   usbprint - ok
10:29:12.0850 1252   usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:29:12.0873 1252   usbscan - ok
10:29:12.0933 1252   USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:29:13.0029 1252   USBSTOR - ok
10:29:13.0216 1252   usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:29:13.0286 1252   usbuhci - ok
10:29:13.0761 1252   usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:29:13.0771 1252   usbvideo - ok
10:29:14.0205 1252   vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:29:14.0253 1252   vga - ok
10:29:14.0528 1252   VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:29:14.0534 1252   VgaSave - ok
10:29:14.0912 1252   viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:29:14.0965 1252   viaagp - ok
10:29:15.0212 1252   ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:29:15.0220 1252   ViaC7 - ok
10:29:15.0515 1252   viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:29:15.0521 1252   viaide - ok
10:29:16.0082 1252   volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:29:16.0085 1252   volmgr - ok
10:29:16.0414 1252   volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:29:16.0430 1252   volmgrx - ok
10:29:16.0678 1252   volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:29:16.0699 1252   volsnap - ok
10:29:17.0000 1252   vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:29:17.0012 1252   vsmraid - ok
10:29:17.0667 1252   WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:29:17.0674 1252   WacomPen - ok
10:29:18.0214 1252   Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:29:18.0223 1252   Wanarp - ok
10:29:18.0288 1252   Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:29:18.0291 1252   Wanarpv6 - ok
10:29:18.0965 1252   Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:29:18.0972 1252   Wd - ok
10:29:19.0328 1252   Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:29:19.0368 1252   Wdf01000 - ok
10:29:20.0521 1252   WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:29:20.0523 1252   WmiAcpi - ok
10:29:21.0538 1252   WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:29:21.0546 1252   WpdUsb - ok
10:29:21.0916 1252   WPRO_40_1340 - ok
10:29:22.0158 1252   ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:29:22.0165 1252   ws2ifsl - ok
10:29:22.0766 1252   WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:29:22.0774 1252   WUDFRd - ok
10:29:22.0933 1252   MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:29:22.0969 1252   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
10:29:22.0969 1252   \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
10:29:23.0176 1252   Boot (0x1200)   (b4e7356e26a66b41892e9d35f13edbc0) \Device\Harddisk0\DR0\Partition0
10:29:23.0178 1252   \Device\Harddisk0\DR0\Partition0 - ok
10:29:23.0189 1252   ============================================================
10:29:23.0189 1252   Scan finished
10:29:23.0189 1252   ============================================================
10:29:23.0243 0812   Detected object count: 1
10:29:23.0243 0812   Actual detected object count: 1
10:29:31.0098 0812   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
10:29:31.0099 0812   \Device\Harddisk0\DR0 - ok
10:29:31.0099 0812   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
10:29:59.0559 3952   Deinitialize success



I have attached a screenshot of my desktop. It is hard to see, but you can tell especially on the second row of icons from the right that most of the icons are grey.

Also, regarding what I have done to fix the problem before I posted here: I had tried running rkill and Malwarebytes in safe mode, as well as rkill and SUPERAntiSpyware in safe mode. Both programs said they found and fixed the problem, but I am still having trouble.

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27147
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Multiple Issues: IE notifications, grey icons, netflix
« Reply #3 on: November 08, 2011, 01:12:09 PM »
Please run TDSSKiller again and post the new log. I want to make sure the rootkit got removed during the reboot.


After TDSSKiller has run (and rebooted if necessary) download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient, as this may take several minutes to run; it will scan and fix all hard drives on your system. You will see a new window with the drive being processed, typically C:\ as below:



Changing as the next drive is processed as below:



You will get a success alert at the end. Re-boot and see if your files on your desktop are normal again.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!
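The re-scan check requested in the reply above (confirming that the MBR detection is gone after the reboot) can be done mechanically over the two log texts. The following Python is an added example, not part of the original thread and not TDSSKiller's own code; the line patterns are inferred from the log posted in this thread, and the re-scan input is constructed.

```python
import re
from dataclasses import dataclass, field

# Line patterns inferred from the TDSSKiller log lines posted in this thread
# (an assumption, not a documented log format).
PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d{4}\s+(.*)$")
HASHED = re.compile(r"^(.+?)\s+\(([0-9a-f]{32})\)\s+(.+)$")
VERDICT = re.compile(r"^(.+?) \( (.+?) \) - (infected|will be cured on reboot)$")
ACTION = re.compile(r"^(.+?) \( (.+?) \) - User select action: (\w+)$")
OK = re.compile(r"^(.+?) - ok$")

# Sample input: lines in the format of the first scan posted in this thread.
FIRST_SCAN = r"""
10:28:29.0510 1252   mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:28:29.0525 1252   mouclass - ok
10:28:42.0377 1252   NwlnkFlt - ok
10:29:22.0933 1252   MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:29:22.0969 1252   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
10:29:23.0176 1252   Boot (0x1200)   (b4e7356e26a66b41892e9d35f13edbc0) \Device\Harddisk0\DR0\Partition0
10:29:23.0178 1252   \Device\Harddisk0\DR0\Partition0 - ok
10:29:31.0098 0812   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
10:29:31.0099 0812   \Device\Harddisk0\DR0 - ok
10:29:31.0099 0812   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
"""

# Constructed re-scan (placeholder hash and timestamps, not from the thread).
RESCAN = r"""
19:01:10.0100 2044   MBR (0x1B8)     (00000000000000000000000000000000) \Device\Harddisk0\DR0
19:01:10.0120 2044   \Device\Harddisk0\DR0 - ok
19:01:10.0300 2044   Detected object count: 0
"""


@dataclass
class Detection:
    threat: str
    action: str = ""
    pending_reboot: bool = False


@dataclass
class Scan:
    hashed: dict = field(default_factory=dict)      # label -> (md5, path)
    ok: set = field(default_factory=set)            # objects reported "- ok"
    detections: dict = field(default_factory=dict)  # object -> Detection

    def ok_without_file(self):
        # Entries reported ok although the log shows no hashed file for them.
        known = set(self.hashed) | {path for _, path in self.hashed.values()}
        return sorted(self.ok - known)


def parse_scan(text):
    scan = Scan()
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if (a := ACTION.match(msg)):
            obj, threat, action = a.groups()
            scan.detections.setdefault(obj, Detection(threat)).action = action
        elif (v := VERDICT.match(msg)):
            obj, threat, state = v.groups()
            det = scan.detections.setdefault(obj, Detection(threat))
            det.pending_reboot |= state == "will be cured on reboot"
        elif (h := HASHED.match(msg)):
            label, md5, path = h.groups()
            scan.hashed[label] = (md5, path)
        elif (o := OK.match(msg)):
            scan.ok.add(o.group(1))
    return scan


def confirm_cleanup(before, after):
    # A detection counts as cleared only when the later scan reports the same
    # object ok and raises no verdict for it; an "- ok" line inside the scan
    # that scheduled the cure does not count.
    result = {}
    for obj in before.detections:
        if obj in after.detections:
            result[obj] = "still detected"
        elif obj in after.ok:
            result[obj] = "cleared"
        else:
            result[obj] = "not rescanned"
    return result


if __name__ == "__main__":
    first, second = parse_scan(FIRST_SCAN), parse_scan(RESCAN)
    for obj, det in first.detections.items():
        print(obj, det.threat, det.action, "pending reboot" if det.pending_reboot else "")
    print("ok without a hashed file:", first.ok_without_file())
    print(confirm_cleanup(first, second))
```
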

Offline adammedonca

« Reply #4 on: November 08, 2011, 07:05:52 PM »
TDSSKiller ran and found no threats.

I ran the Unhide tool. My icons are back to normal. A few old documents appeared on my desktop. All of their names start with ~$, so I think they are temporary files.

Also, Netflix is working again. And, as far as I can tell, my browser is not randomly being redirected.

Offline Hoov

« Reply #5 on: November 08, 2011, 07:17:19 PM »
Good. Go ahead and run your computer for 24 hrs. Reboot it a couple times in there. If you see anything wrong, come back and let me know. If not, then we can do some cleanup and call it done.


Offline adammedonca

« Reply #6 on: November 11, 2011, 02:48:54 PM »
Everything seems to be running fine. What's next?

Offline Hoov

« Reply #7 on: November 11, 2011, 07:47:17 PM »
Now there are a few things you need to do to fully clean your system and keep it secure.

Run OTC
Download OTC to your desktop and run it.
Click Yes to begin the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the Windows Control Panel. There are several programs that also do the job better than Windows does it, in my opinion. There is System Security Suite, EasyCleaner, CCleaner. Also, sometimes other programs do it as well as what you originally got them for, like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.

Disable and Enable System Restore.
I recommend you turn off System restore, and then turn it back on so that you will not be able to restore your problems to a clean computer.
For Vista use these instructions, Windows Vista Restore Guide
For XP use these instructions, Windows XP System Restore Guide
Reboot
Re-enable system restore with instructions from tutorial above
Create a System Restore Point
Go to all programs, then to accessories, then to system tools, then to system restore. Check the box for create restore point (not select a restore point), then click next and follow the instructions.

Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall). There are some good basic instructions for that here.

Use a different browser other than IE (most exploits are pointed towards IE). One of them is Firefox.
It is also worth trying Thunderbird for controlling spam in your e-mail.

Always use an UPDATED anti-virus program. Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

Run malware scanners. Three free ones are Spybot Search and Destroy, AdAware, and Malwarebytes' Anti-Malware.

Always use a firewall.
Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.
 
Learn how to use your firewall. Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose.


Never run two Antivirus programs or two Firewalls at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weaknesses, so I keep a backup in case my computer starts acting up.


MOST IMPORTANT: Windows and IE, and whatever other software that you have that connects to the net, need to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates. I also suggest running Secunia PSI. It will monitor the software you have installed and let you know when something needs to be updated.

Don't ever use P2P or filesharing software. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.

Before using any malware detection / removal software, check with the Rogue/Suspect Spyware List. That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs, check out SpywareWarrior.

We have a good guide here at Spyware Hammer on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

Let us know if you have any more problems, either new or old.
Have a good time surfing the net, but stay safe.
If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.
