Author Topic: [Resolved] DOS:\Alureon.E trojan detected and MSE cannot delete it.  (Read 10195 times)


Offline jlang999

  • Bronze Member
  • Posts: 21
I have just reformatted and reloaded Windows on my laptop.  I installed Microsoft Security Essentials as my A/V.  In running an initial scan, it detects DOS:\Alureon.E trojan.  When I try to remove it, MSE states: Security Essentials encountered the following error: Error code 0x800704ec. This program is blocked by group policy. For more information, contact your system administrator.
Below is the HijackThis file.  When I ran the file it stat write access to the hosts file.  Not certain if this contains all it should.  Also downloaded mbam and ran a quick scan and it returned nothing.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:56:14 PM, on 12/28/2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6966 bytes
« Last Edit: December 28, 2011, 11:19:48 pm by Hoov »



Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25498
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS:\Alureon.E trojan detected and MSE cannot delete it.
« Reply #1 on: December 28, 2011, 11:23:12 pm »
My name is Hoov and I will be helping you with your problem. You have been helped here before, so you know how we work.

I need you to reboot Windows cleanly. To do that please go to the run command and type in msconfig. Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services. Now go up and uncheck all the services still listed; make sure you scroll down the list if needed to unselect all the non-Microsoft services. Now click apply, then click OK and reboot the computer.

Please download Rkill by Grinler and save it to your desktop.
    Link 2
    Link 3
    Link 4

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.


    Please update Malwarebytes' Anti-Malware and run a quick scan with it. If it finds anything, fix what it finds and post the log. If it does not find anything, just post the log.

    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    Don't undo msconfig yet.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!
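
Added example, not part of the original thread and not code from TDSSKiller: a small Python triage of a pasted TDSSKiller report that lists every driver entry whose verdict is not `ok`, that never received a verdict line, or whose image sits outside `system32`. The line layout (`time thread-id name (md5) path`, then `name - verdict`), the sample lines, the `suspicious` verdict word and all driver names are constructed assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed report layout: "<HH:MM:SS.mmmm> <thread id> <rest of line>".
PREFIX = r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# Per-driver line: "<name> (<md5>) <image path>".
ENTRY_RE = re.compile(
    PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>\S.*?)\s*$"
)
# Result line for the same driver: "<name> - <verdict>".
VERDICT_RE = re.compile(PREFIX + r"(?P<name>\S+)\s+-\s+(?P<verdict>\S.*?)\s*$")


@dataclass
class Entry:
    name: str
    md5: str
    path: str
    verdict: Optional[str] = None  # None until a "<name> - <verdict>" line is seen


def parse_report(text: str) -> List[Entry]:
    """Pair each driver line with the verdict line that follows it."""
    entries: List[Entry] = []
    awaiting = {}  # driver name -> Entry still waiting for its verdict
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entry = Entry(m["name"], m["md5"].lower(), m["path"])
            entries.append(entry)
            awaiting[entry.name] = entry
            continue
        m = VERDICT_RE.match(line)
        # Only accept a verdict for a driver we have actually seen, so that
        # unrelated header lines containing " - " are never misread.
        if m and m["name"] in awaiting:
            awaiting.pop(m["name"]).verdict = m["verdict"].lower()
    return entries


def triage(entries: List[Entry],
           system_root: str = r"C:\Windows") -> List[Tuple[str, str, List[str]]]:
    """Return (name, path, reasons) for every entry that deserves a second look."""
    expected = system_root.lower().rstrip("\\") + "\\system32\\"
    findings = []
    for e in entries:
        reasons = []
        if e.verdict is None:
            reasons.append("no verdict logged")      # truncated or interrupted log
        elif e.verdict != "ok":
            reasons.append("verdict: " + e.verdict)  # anything the tool did not clear
        if not e.path.lower().startswith(expected):
            reasons.append("image outside system32")  # a lead to review, not proof
        if reasons:
            findings.append((e.name, e.path, reasons))
    return findings


# Constructed sample report: names, hashes, paths and verdicts are made up.
H1, H2, H3, H4 = "a" * 32, "b" * 32, "c" * 32, "d" * 32
SAMPLE_REPORT = "\n".join([
    "10:00:00.0001 1000   ============================================================",
    "10:00:00.0001 1000   Scan started",
    "10:00:00.0001 1000   Mode: Manual;",
    "10:00:01.0100 1000   gooddrv         (" + H1 + r") C:\Windows\system32\DRIVERS\gooddrv.sys",
    "10:00:01.0110 1000   gooddrv - ok",
    "10:00:01.0200 1000   exampledrv      (" + H2 + r") C:\Windows\System32\drivers\exampledrv.sys",
    "10:00:01.0210 1000   exampledrv - suspicious",
    "10:00:01.0300 1000   tmpdrv          (" + H3 + r") C:\Users\Public\tmpdrv.sys",
    "10:00:01.0310 1000   tmpdrv - ok",
    "10:00:01.0400 1000   cutoff          (" + H4 + r") C:\Windows\system32\drivers\cutoff.sys",
])

if __name__ == "__main__":
    for name, path, reasons in triage(parse_report(SAMPLE_REPORT)):
        print(f"{name:<12} {path}  <- {', '.join(reasons)}")
```
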

    Offline jlang999

    • Bronze Member
    • Posts: 21
    Re: [In Progress] DOS:\Alureon.E trojan detected and MSE cannot delete it.
    « Reply #2 on: December 29, 2011, 09:46:01 am »
    Hoov - Thanks for your assistance.  I restarted Windows per your instructions on services using msconfig.  Here are the log files from the 3 apps you asked me to execute.
    As a side note, when I rebooted after shutting down the services my MSE A/V did not load.  Not certain if that was supposed to happen or not.

    1 - Rkill
    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 12/29/2011 at 10:27:36.
    Operating System: Windows 7 Home Premium


    Processes terminated by Rkill or while it was running:



    Rkill completed on 12/29/2011 at 10:27:41.

    2 - MBAM - updated to latest version prior to executing
    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Database version: v2011.12.29.03

    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Lang Laptop :: LANGLAPTOP-PC [administrator]

    12/29/2011 10:29:07 AM
    mbam-log-2011-12-29 (10-29-07).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 183696
    Time elapsed: 1 minute(s), 50 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    3 - TDSSKiller
    10:33:40.0029 2072   TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    10:33:40.0404 2072   ============================================================
    10:33:40.0404 2072   Current date / time: 2011/12/29 10:33:40.0404
    10:33:40.0404 2072   SystemInfo:
    10:33:40.0404 2072   
    10:33:40.0404 2072   OS Version: 6.1.7600 ServicePack: 0.0
    10:33:40.0404 2072   Product type: Workstation
    10:33:40.0404 2072   ComputerName: LANGLAPTOP-PC
    10:33:40.0404 2072   UserName: Lang Laptop
    10:33:40.0404 2072   Windows directory: C:\Windows
    10:33:40.0404 2072   System windows directory: C:\Windows
    10:33:40.0404 2072   Running under WOW64
    10:33:40.0404 2072   Processor architecture: Intel x64
    10:33:40.0404 2072   Number of processors: 4
    10:33:40.0404 2072   Page size: 0x1000
    10:33:40.0404 2072   Boot type: Normal boot
    10:33:40.0404 2072   ============================================================
    10:33:40.0856 2072   Initialize success
    10:33:53.0789 2040   ============================================================
    10:33:53.0789 2040   Scan started
    10:33:53.0789 2040   Mode: Manual;
    10:33:53.0789 2040   ============================================================
    10:34:09.0233 2040   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    10:34:09.0233 2040   MSTEE - ok
    10:34:09.0373 2040   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    10:34:09.0373 2040   MTConfig - ok
    10:34:09.0513 2040   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    10:34:09.0529 2040   Mup - ok
    10:34:09.0701 2040   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    10:34:09.0716 2040   NativeWifiP - ok
    10:34:09.0919 2040   NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
    10:34:09.0950 2040   NDIS - ok
    10:34:10.0106 2040   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    10:34:10.0106 2040   NdisCap - ok
    10:34:10.0340 2040   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:34:10.0340 2040   NdisTapi - ok
    10:34:10.0512 2040   Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:34:10.0512 2040   Ndisuio - ok
    10:34:10.0668 2040   NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:34:10.0668 2040   NdisWan - ok
    10:34:10.0902 2040   NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
    10:34:10.0902 2040   NDProxy - ok
    10:34:11.0058 2040   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    10:34:11.0058 2040   NetBIOS - ok
    10:34:11.0198 2040   NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
    10:34:11.0214 2040   NetBT - ok
    10:34:11.0573 2040   NETwNs64        (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys
    10:34:11.0791 2040   NETwNs64 - ok
    10:34:11.0994 2040   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    10:34:11.0994 2040   nfrd960 - ok
    10:34:12.0134 2040   NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    10:34:12.0134 2040   NisDrv - ok
    10:34:12.0290 2040   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    10:34:12.0306 2040   Npfs - ok
    10:34:12.0446 2040   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    10:34:12.0446 2040   nsiproxy - ok
    10:34:12.0633 2040   Ntfs            (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
    10:34:12.0727 2040   Ntfs - ok
    10:34:12.0867 2040   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    10:34:12.0883 2040   Null - ok
    10:34:13.0039 2040   nusb3hub        (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
    10:34:13.0039 2040   nusb3hub - ok
    10:34:13.0211 2040   nusb3xhc        (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
    10:34:13.0226 2040   nusb3xhc - ok
    10:34:13.0679 2040   nvlddmkm        (24aa5e3ed7a2b48b8e798a1059a2b323) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    10:34:13.0757 2040   nvlddmkm - ok
    10:34:13.0913 2040   nvpciflt        (58aa797b41410daea6a6eb33e77f9b7a) C:\Windows\system32\DRIVERS\nvpciflt.sys
    10:34:13.0913 2040   nvpciflt - ok
    10:34:14.0053 2040   nvraid          (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
    10:34:14.0053 2040   nvraid - ok
    10:34:14.0209 2040   nvstor          (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
    10:34:14.0225 2040   nvstor - ok
    10:34:14.0427 2040   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
    10:34:14.0427 2040   nv_agp - ok
    10:34:14.0599 2040   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
    10:34:14.0599 2040   ohci1394 - ok
    10:34:14.0771 2040   Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    10:34:14.0771 2040   Parport - ok
    10:34:14.0927 2040   partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
    10:34:14.0927 2040   partmgr - ok
    10:34:15.0083 2040   pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
    10:34:15.0098 2040   pci - ok
    10:34:15.0239 2040   pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
    10:34:15.0239 2040   pciide - ok
    10:34:15.0395 2040   pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    10:34:15.0395 2040   pcmcia - ok
    10:34:15.0535 2040   pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    10:34:15.0535 2040   pcw - ok
    10:34:15.0691 2040   PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    10:34:15.0707 2040   PEAUTH - ok
    10:34:15.0909 2040   PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
    10:34:15.0925 2040   PptpMiniport - ok
    10:34:16.0065 2040   Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    10:34:16.0065 2040   Processor - ok
    10:34:16.0362 2040   Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
    10:34:16.0362 2040   Psched - ok
    10:34:16.0565 2040   ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    10:34:16.0596 2040   ql2300 - ok
    10:34:16.0752 2040   ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    10:34:16.0767 2040   ql40xx - ok
    10:34:16.0986 2040   QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    10:34:16.0986 2040   QWAVEdrv - ok
    10:34:17.0142 2040   RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    10:34:17.0142 2040   RasAcd - ok
    10:34:17.0298 2040   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    10:34:17.0298 2040   RasAgileVpn - ok
    10:34:17.0454 2040   Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:34:17.0454 2040   Rasl2tp - ok
    10:34:17.0625 2040   RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:34:17.0625 2040   RasPppoe - ok
    10:34:17.0781 2040   RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    10:34:17.0781 2040   RasSstp - ok
    10:34:17.0937 2040   rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
    10:34:17.0937 2040   rdbss - ok
    10:34:18.0093 2040   rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    10:34:18.0093 2040   rdpbus - ok
    10:34:18.0218 2040   RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:34:18.0218 2040   RDPCDD - ok
    10:34:18.0359 2040   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    10:34:18.0374 2040   RDPENCDD - ok
    10:34:18.0515 2040   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    10:34:18.0515 2040   RDPREFMP - ok
    10:34:18.0655 2040   RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
    10:34:18.0671 2040   RDPWD - ok
    10:34:18.0827 2040   rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
    10:34:18.0827 2040   rdyboost - ok
    10:34:19.0045 2040   RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    10:34:19.0061 2040   RFCOMM - ok
    10:34:19.0217 2040   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    10:34:19.0217 2040   rspndr - ok
    10:34:19.0388 2040   RSUSBSTOR       (135a64530d7699ad48f29d73a658dd11) C:\Windows\system32\Drivers\RtsUStor.sys
    10:34:19.0388 2040   RSUSBSTOR - ok
    10:34:19.0560 2040   RTL8167         (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
    10:34:19.0575 2040   RTL8167 - ok
    10:34:19.0716 2040   sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
    10:34:19.0731 2040   sbp2port - ok
    10:34:19.0872 2040   scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
    10:34:19.0872 2040   scfilter - ok
    10:34:20.0028 2040   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    10:34:20.0028 2040   secdrv - ok
    10:34:20.0199 2040   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    10:34:20.0215 2040   Serenum - ok
    10:34:20.0371 2040   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    10:34:20.0371 2040   Serial - ok
    10:34:20.0527 2040   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    10:34:20.0527 2040   sermouse - ok
    10:34:20.0699 2040   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
    10:34:20.0699 2040   sffdisk - ok
    10:34:20.0839 2040   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
    10:34:20.0839 2040   sffp_mmc - ok
    10:34:20.0979 2040   sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
    10:34:20.0979 2040   sffp_sd - ok
    10:34:21.0135 2040   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    10:34:21.0135 2040   sfloppy - ok
    10:34:21.0291 2040   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    10:34:21.0307 2040   SiSRaid2 - ok
    10:34:21.0447 2040   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    10:34:21.0447 2040   SiSRaid4 - ok
    10:34:21.0603 2040   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    10:34:21.0603 2040   Smb - ok
    10:34:21.0791 2040   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    10:34:21.0791 2040   spldr - ok
    10:34:21.0962 2040   srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
    10:34:21.0962 2040   srv - ok
    10:34:22.0103 2040   srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
    10:34:22.0118 2040   srv2 - ok
    10:34:22.0259 2040   srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
    10:34:22.0259 2040   srvnet - ok
    10:34:22.0446 2040   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    10:34:22.0446 2040   stexstor - ok
    10:34:22.0602 2040   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
    10:34:22.0602 2040   swenum - ok
    10:34:22.0836 2040   Tcpip           (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
    10:34:22.0929 2040   Tcpip - ok
    10:34:23.0117 2040   TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
    10:34:23.0132 2040   TCPIP6 - ok
    10:34:23.0273 2040   tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
    10:34:23.0273 2040   tcpipreg - ok
    10:34:23.0429 2040   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    10:34:23.0429 2040   TDPIPE - ok
    10:34:23.0569 2040   TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    10:34:23.0569 2040   TDTCP - ok
    10:34:23.0725 2040   tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
    10:34:23.0725 2040   tdx - ok
    10:34:23.0881 2040   TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
    10:34:23.0881 2040   TermDD - ok
    10:34:24.0053 2040   tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:34:24.0053 2040   tssecsrv - ok
    10:34:24.0209 2040   tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
    10:34:24.0209 2040   tunnel - ok
    10:34:24.0365 2040   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    10:34:24.0365 2040   uagp35 - ok
    10:34:24.0521 2040   udfs            (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
    10:34:24.0521 2040   udfs - ok
    10:34:24.0708 2040   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
    10:34:24.0708 2040   uliagpkx - ok
    10:34:24.0864 2040   umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
    10:34:24.0864 2040   umbus - ok
    10:34:25.0004 2040   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    10:34:25.0020 2040   UmPass - ok
    10:34:25.0160 2040   usbccgp         (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:34:25.0160 2040   usbccgp - ok
    10:34:25.0316 2040   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
    10:34:25.0316 2040   usbcir - ok
    10:34:25.0457 2040   usbehci         (cb490987a7f6928a04bb838e3bd8a936) C:\Windows\system32\DRIVERS\usbehci.sys
    10:34:25.0457 2040   usbehci - ok
    10:34:25.0628 2040   usbhub          (18124ef0a881a00ee222d02a3ee30270) C:\Windows\system32\DRIVERS\usbhub.sys
    10:34:25.0628 2040   usbhub - ok
    10:34:25.0784 2040   usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    10:34:25.0784 2040   usbohci - ok
    10:34:25.0940 2040   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    10:34:25.0940 2040   usbprint - ok
    10:34:26.0081 2040   USBSTOR         (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:34:26.0081 2040   USBSTOR - ok
    10:34:26.0221 2040   usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:34:26.0221 2040   usbuhci - ok
    10:34:26.0408 2040   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
    10:34:26.0408 2040   vdrvroot - ok
    10:34:26.0564 2040   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:34:26.0564 2040   vga - ok
    10:34:26.0720 2040   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    10:34:26.0720 2040   VgaSave - ok
    10:34:26.0876 2040   vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
    10:34:26.0876 2040   vhdmp - ok
    10:34:27.0032 2040   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
    10:34:27.0032 2040   viaide - ok
    10:34:27.0188 2040   volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
    10:34:27.0188 2040   volmgr - ok
    10:34:27.0360 2040   volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
    10:34:27.0360 2040   volmgrx - ok
    10:34:27.0547 2040   volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
    10:34:27.0547 2040   volsnap - ok
    10:34:27.0719 2040   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    10:34:27.0734 2040   vsmraid - ok
    10:34:27.0890 2040   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    10:34:27.0890 2040   vwifibus - ok
    10:34:28.0062 2040   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    10:34:28.0062 2040   vwififlt - ok
    10:34:28.0218 2040   vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
    10:34:28.0218 2040   vwifimp - ok
    10:34:28.0374 2040   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    10:34:28.0374 2040   WacomPen - ok
    10:34:28.0545 2040   WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    10:34:28.0545 2040   WANARP - ok
    10:34:28.0561 2040   Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
    10:34:28.0577 2040   Wanarpv6 - ok
    10:34:28.0764 2040   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    10:34:28.0779 2040   Wd - ok
    10:34:28.0935 2040   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    10:34:28.0951 2040   Wdf01000 - ok
    10:34:29.0138 2040   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    10:34:29.0154 2040   WfpLwf - ok
    10:34:29.0294 2040   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    10:34:29.0294 2040   WIMMount - ok
    10:34:29.0481 2040   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:34:29.0481 2040   WmiAcpi - ok
    10:34:29.0669 2040   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    10:34:29.0669 2040   ws2ifsl - ok
    10:34:29.0825 2040   WudfPf          (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
    10:34:29.0840 2040   WudfPf - ok
    10:34:29.0981 2040   WUDFRd          (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
    10:34:29.0981 2040   WUDFRd - ok
    10:34:30.0043 2040   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    10:34:30.0121 2040   \Device\Harddisk0\DR0 - ok
    10:34:30.0137 2040   Boot (0x1200)   (c6e92685f316e6625f78bbd04599b9d0) \Device\Harddisk0\DR0\Partition0
    10:34:30.0137 2040   \Device\Harddisk0\DR0\Partition0 - ok
    10:34:30.0137 2040   Boot (0x1200)   (c1fd0d7f461f9c4656c3c45daf2989a8) \Device\Harddisk0\DR0\Partition1
    10:34:30.0137 2040   \Device\Harddisk0\DR0\Partition1 - ok
    10:34:30.0137 2040   ============================================================
    10:34:30.0137 2040   Scan finished
    10:34:30.0137 2040   ============================================================
    10:34:30.0152 3676   Detected object count: 0
    10:34:30.0152 3676   Actual detected object count: 0

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 25498
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] DOS:\Alureon.E trojan detected and MSE cannot delete it.
    « Reply #3 on: December 29, 2011, 10:07:49 am »
    I need you to go into the control panel and then the admin tools and then to Computer management. On the left side of that window is a selection for Disk Management, click on that. Now in the upper main window is a display with each of your partitions listed. Is there a partition with no volume label listed? If there is, how big is it?

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline jlang999

    • Bronze Member
    • Posts: 21
    Re: [In Progress] DOS:\Alureon.E trojan detected and MSE cannot delete it.
    « Reply #4 on: December 29, 2011, 10:27:46 am »
    There are 2 partitions with no volume label.  One has 109 MB allocated and the status section states "Healthy OEM Partition".  This is a Dell laptop and I am "guessing" they allocated some space for their own stuff?
    The second partition with no name only has 1 MB allocated and the status section indicates "Healthy (Primary Partition)".

    There is then the standard c: partition (Volume name "C:") with 450 GB allocated and a partition named Recovery (D:).

    Also, some quick background on the original issue.  This is my daughter's laptop and she started receiving pop ups for Win 7 Security 2012.  She attempted to "fix" the problem herself by going out to some website and downloading a fix (lesson learned for her).  This attempted fix caused her computer to not be able to boot up at all in any mode.  I had to reinstall win 7 from an installation dvd in order to get up and running again.

    Offline Hoov

    « Reply #5 on: December 29, 2011, 11:23:35 am »
    The 109 MB partition is probably the recovery partition, but the 1 MB partition is the problem. You say you have reinstalled the OS, is it still a new install or has your daughter started putting her personal stuff on it again?


    Offline jlang999

    « Reply #6 on: December 29, 2011, 11:25:03 am »
    It is a new install.  Have not yet started to put the personal stuff back on it.

    Offline jlang999

    « Reply #7 on: December 29, 2011, 11:27:57 am »
    Hit the send button too fast.  It is a new Win 7 install.  I have not yet started to put any of the personal stuff back on the computer.  Just loaded up the drivers, added A/V and updated windows.

    Offline Hoov

    « Reply #8 on: December 29, 2011, 11:58:59 am »
    I think your best bet is to start again. But this time when you reinstall Windows 7, when you get to the screen where it asks you what partition to install it on, delete the main partition (the one that is GBs in size) and then delete the smallest partition (the 1 MB partition), then recreate a single partition with all the available space. Then continue with the install. Leave the 109MB partition alone. That should get rid of the problem. Your infection is actually living on the 1MB partition, but as it is not accessible to Windows (no drive designation) this is the best way to get rid of it.

    Did you have any problems with the last reinstall? Any questions about the process?


    Offline jlang999

    « Reply #9 on: December 29, 2011, 12:13:16 pm »
    Last install went fine.  Just confirming 2 items:
    1 - I should leave the Recovery and the OEM partitions?
    2 - Load everything back to where I am right now?

    Also, this will take some time and given my schedule today and tomorrow, I may not be able to complete until sometime Fri.

    Offline Hoov

    « Reply #10 on: December 29, 2011, 01:44:17 pm »
    As for the OEM and recovery partitions, they are up to you really. If you have all the CDs and DVDs for the software that came with the computer (at least the software you want to keep), and the space could be used, then by all means get rid of them. But if at some point in the future you need to do a restore to the factory conditions, then leave them alone.

    As for Friday, no worries. But just in case you have gotten your days confused, today is Thursday.


    Offline jlang999

    « Reply #11 on: December 30, 2011, 09:58:39 am »
    I have deleted the 2 partitions as you described below and have re-installed windows on the laptop.  I have verified through Disk management there is not an un-named volume partition.  I have loaded MSE A/V and am running a quick scan and the A/V has not detected anything (previously it had detected the alureon trojan).  Are there any next steps?

    Offline Hoov

    « Reply #12 on: December 30, 2011, 03:43:40 pm »
    That is it. The problem is gone. Below is some information that you and your daughter may find useful. If she is old enough to understand it, you may want to have her go thru the reading and ask any questions. I will leave this thread open until you tell me that all questions have been answered.


    Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the Windows Control Panel. There are several programs that also do the job better than Windows does it, in my opinion. There is System Security Suite, EasyCleaner, Ccleaner. Also, sometimes other programs do it as well as what you originally got them for, like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.


    Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall). There are some good basic instructions for that here.

    Use a different browser other than IE (most exploits are pointed towards IE). One of them is Firefox.
    It is also worth trying Thunderbird for controlling spam in your e-mail.

    Always use an UPDATED anti-virus program. Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

    Run malware scanners. Three free ones are Spybot Search and Destroy, AdAware, and Malwarebytes' Anti-Malware.

    Always use a firewall.
    Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.
     
    Learn how to use your firewall. Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose.


    Never run two Antivirus programs or two Firewalls at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weaknesses, so I keep a backup in case my computer starts acting up.


    MOST IMPORTANT: Windows and IE, and whatever other software that you have that connects to the net, need to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates. I also suggest running Secunia PSI. It will monitor the software you have installed and let you know when something needs to be updated.

    Don't ever use P2P or filesharing software. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.

    Before using any malware detection / removal software, check with the Rogue/Suspect Spyware List. That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs, check out SpywareWarrior.

    We have a good guide here at Spyware Hammer on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
    PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

    Let us know if you have any more problems, either new or old.
    Have a good time surfing the net, but stay safe.
    If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.


    Offline jlang999

    « Reply #13 on: January 02, 2012, 07:12:05 pm »
    Hoov -

    Thanks for your assistance.  I have discussed with my daughter about not using a website unless you are certain it is legitimate.  We do use MBAM, spybot and ccleaner in addition to firewall and A/V.  I just switched to MSE after this incident because I am not impressed with McAfee.  I really appreciate you and the others here who help us get rid of these problems.  Thanks again!!

    Jeff

    Offline Hoov

    « Reply #14 on: January 02, 2012, 07:19:20 pm »
    You are welcome! Let your daughter know that if she has questions, to come and ask. We have boards for just about every question. We would rather answer questions than fix computers.
