Author Topic: [Resolved] Win 7 Anti Spyware Virus  (Read 811 times)

Offline lsvetka

  • Bronze Member
  • Posts: 11
[Resolved] Win 7 Anti Spyware Virus
« on: January 10, 2012, 08:55:37 PM »
Hello,

I had a Win 7 Antispyware on my computer. I first tried to remove it by following this http://www.pcrisk.com/removal-guides/6485-remove-win-7-antispyware-2012. But the remover that I downloaded wasn't free, so I just deleted it. Then I followed the steps in one of these posts (http://spywarehammer.com/simplemachinesforum/index.php?topic=12244.0) that had the same problem and it removed the virus, but I'm not sure if I cleaned up everything or not. When I run TDSSKiller it finds a suspicious object and skips it; maybe I should delete it instead?

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 1.6.0_26
Run by SASHAISVETA at 18:44:49 on 2012-01-10
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.5943.3609 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\ooVoo\ooVoo.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2818425
uDefault_Page_URL = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office12\GR469A~1.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Complitly: {d27fc31c-6e3d-4305-8d53-acdaefa5f862} - C:\Users\SASHAISVETA\AppData\Roaming\Complitly\Complitly.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {7AEB3EFD-E564-43F1-B658-5058A7C5743B} - No File
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
uRun: [Google Update] "C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [PCHDPlayer] C:\Program Files (x86)\pchd\PCHDPlayer.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\SASHAI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\SASHAI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0FBD98C4-BBBC-4F6E-85E8-E1F60EC6B9AE} : DhcpNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MIF5BA~1\Office12\GRA32A~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office12\GR469A~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64:     0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64:     Search Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office12\GR469A~1.DLL
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO-X64: Complitly: {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\SASHAISVETA\AppData\Roaming\Complitly\Complitly.dll
BHO-X64:     Complitly - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {7AEB3EFD-E564-43F1-B658-5058A7C5743B} - No File
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office12\GR469A~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\a1ba6sn8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2818425&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - vshare.tv Bar Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/login_verify2?&.src=ym
FF - prefs.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=zsharefqbho&keywords=
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\a1ba6sn8.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Kartina.TV\VLC\npvlc.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\nprjplug.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: VLC Mozilla plugin: {79AB5E93-0AE2-4759-891A-3F1B322F9F9A} - %profile%\extensions\{79AB5E93-0AE2-4759-891A-3F1B322F9F9A}
FF - Ext: Complitly - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
.
---- FIREFOX POLICIES ----
FF - user.js: keyword.URL - hxxp://zinkwink.com/?tmp=redir_bho_bing&prt=zsharefqbho&keywords=
FF - user.js: keyword.enabled - 1
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 602XML Updater;602Updater;C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-2-8 73728]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-27 821664]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-23 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-10-22 1692480]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\system32\Drivers\nx6000.sys --> C:\Windows\system32\Drivers\nx6000.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-23 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-10 17:16:55   69000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD2D3BF2-D5F4-4EF4-8838-D7DACF736D4F}\offreg.dll
2012-01-10 06:02:47   --------   d-----w-   C:\Users\SASHAISVETA\AppData\Roaming\Malwarebytes
2012-01-10 06:02:39   --------   d-----w-   C:\ProgramData\Malwarebytes
2012-01-10 06:02:38   23152   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2012-01-10 06:02:38   --------   d-----w-   C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-10 02:57:39   917840   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF1510C7-1066-4F52-B6A9-42B884E4CF06}\gapaengine.dll
2012-01-10 02:57:35   8822856   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD2D3BF2-D5F4-4EF4-8838-D7DACF736D4F}\mpengine.dll
2012-01-10 02:54:58   --------   d-----w-   C:\Program Files (x86)\Microsoft Security Client
2012-01-10 02:54:52   --------   d-----w-   C:\Program Files\Microsoft Security Client
2012-01-06 20:11:24   --------   d-----w-   C:\Users\SASHAISVETA\Doctor Web
2011-12-28 00:31:27   --------   d-----w-   C:\Program Files\iPod
2011-12-28 00:31:26   --------   d-----w-   C:\Program Files\iTunes
2011-12-28 00:31:26   --------   d-----w-   C:\Program Files (x86)\iTunes
2011-12-16 14:47:40   8822856   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8E16D75-16DB-45ED-9F7C-B5107570734B}\mpengine.dll
.
==================== Find3M  ====================
.
2011-11-15 22:29:56   270720   ------w-   C:\Windows\System32\MpSigStub.exe
2011-10-24 22:29:02   94208   ----a-w-   C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 22:29:02   69632   ----a-w-   C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 18:45:05.90 ===============
« Last Edit: January 10, 2012, 09:41:05 PM by Hoov »



Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22882
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Win 7 Anti Spyware Virus
« Reply #1 on: January 10, 2012, 09:49:20 PM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem. Also tell me any other problems you are having, no matter how small or how long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your hard drive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or organization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.

Just so that you know, I moved the other post you had started to the trash. I am letting you know so you don't go looking for it.

Also can you please post the other log that was generated when you ran DDS, the one named attach.txt.

The reason you may be having problems with the instructions in the thread you said you were following is that we custom tailor responses and procedures depending on the machine and the exact problem. Even though you and thegryphon are having similar problems, the actual process may be wildly different. Please don't be discouraged because his procedures did not work for you.

If you are having a problem running exe files then please run FixNCR.reg. Do this by downloading it to your desktop and then double clicking on it. If you get a popup asking if you really want to do that, select yes.

Next, please download Rkill by Grinler and save it to your desktop.


  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline lsvetka

  • Bronze Member
  • Posts: 11
Re: [In Progress] Win 7 Anti Spyware Virus
« Reply #2 on: January 10, 2012, 10:49:02 PM »
How do I find the other log? The one I posted was the only one that opened after I ran DDS. Should I run it again?

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22882
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Win 7 Anti Spyware Virus
« Reply #3 on: January 10, 2012, 11:18:19 PM »
If it did not open the attach.txt log when you ran it the first time, it is possible the malware stopped it. Go ahead and run my other instructions, then run DDS again and if it creates both logs, then post them both.

Offline lsvetka

  • Bronze Member
  • Posts: 11
Re: [In Progress] Win 7 Anti Spyware Virus
« Reply #4 on: January 12, 2012, 12:06:12 AM »
Here is the report from TDSSKiller. After it found a suspicious object, I clicked Continue, but it stopped scanning, didn't show me System Scan Complete, and took me back to the Start Scan page.
    22:01:28.0306 5984   TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
    22:01:28.0826 5984   ============================================================
    22:01:28.0826 5984   Current date / time: 2012/01/11 22:01:28.0826
    22:01:28.0826 5984   SystemInfo:
    22:01:28.0826 5984   
    22:01:28.0826 5984   OS Version: 6.1.7600 ServicePack: 0.0
    22:01:28.0826 5984   Product type: Workstation
    22:01:28.0826 5984   ComputerName: SASHAISVETA-PC
    22:01:28.0826 5984   UserName: SASHAISVETA
    22:01:28.0826 5984   Windows directory: C:\Windows
    22:01:28.0826 5984   System windows directory: C:\Windows
    22:01:28.0826 5984   Running under WOW64
    22:01:28.0826 5984   Processor architecture: Intel x64
    22:01:28.0826 5984   Number of processors: 4
    22:01:28.0826 5984   Page size: 0x1000
    22:01:28.0826 5984   Boot type: Normal boot
    22:01:28.0826 5984   ============================================================
    22:01:29.0596 5984   Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
    22:01:29.0656 5984   Initialize success
    22:01:45.0057 7092   ============================================================
    22:01:45.0057 7092   Scan started
    22:01:45.0057 7092   Mode: Manual;
    22:01:45.0057 7092   ============================================================
    22:01:50.0390 7092   sptd            (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys
    22:01:50.0390 7092   Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df
    22:01:50.0390 7092   sptd ( LockedFile.Multi.Generic ) - warning
    22:01:50.0390 7092   sptd - detected LockedFile.Multi.Generic (1)
    22:01:51.0804 7092   MBR (0x1B8)     (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
    22:01:51.0867 7092   \Device\Harddisk0\DR0 - ok
    22:01:51.0867 7092   Boot (0x1200)   (7f8913a1d98ea391e8bf662462634142) \Device\Harddisk0\DR0\Partition0
    22:01:51.0867 7092   \Device\Harddisk0\DR0\Partition0 - ok
    22:01:51.0887 7092   Boot (0x1200)   (8b6aa982f26c2cde0ccfadff655abcc4) \Device\Harddisk0\DR0\Partition1
    22:01:51.0887 7092   \Device\Harddisk0\DR0\Partition1 - ok
    22:01:51.0887 7092   ============================================================
    22:01:51.0887 7092   Scan finished
    22:01:51.0887 7092   ============================================================
    22:01:51.0906 3048   Detected object count: 1
    22:01:51.0906 3048   Actual detected object count: 1
    22:02:21.0327 3048   sptd ( LockedFile.Multi.Generic ) - skipped by user
    22:02:21.0327 3048   sptd ( LockedFile.Multi.Generic ) - User select action: Skip


    Offline lsvetka

    • Bronze Member
    • Posts: 11
    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #5 on: January 12, 2012, 01:24:50 AM »
    Here is MBAM log:

    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.12.01

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    SASHAISVETA :: SASHAISVETA-PC [administrator]

    1/11/2012 10:10:47 PM
    mbam-log-2012-01-11 (22-10-47).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 475575
    Time elapsed: 1 hour(s), 10 minute(s), 41 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 22882
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #6 on: January 12, 2012, 12:28:40 PM »
    The file that TDSSKiller found is a legitimate file, so no need to worry about it.

    How is your computer running?

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!
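Added example (not part of the thread, and not code from any tool mentioned in it): a small Python triage of a TDSSKiller log in the format posted above. It pulls out only the objects the scanner flagged, records the action chosen for each, and checks the parsed count against the log's own "Detected object count" line. The sample lines are excerpted from the log in this thread; the function names are hypothetical.

```python
import re

# Lines excerpted from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
22:01:50.0340 7092   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:01:50.0350 7092   spldr - ok
22:01:50.0390 7092   sptd            (4b3f898dc1378ced2f35d04e5b0ce0df) C:\Windows\System32\Drivers\sptd.sys
22:01:50.0390 7092   Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 4b3f898dc1378ced2f35d04e5b0ce0df
22:01:50.0390 7092   sptd ( LockedFile.Multi.Generic ) - warning
22:01:50.0390 7092   sptd - detected LockedFile.Multi.Generic (1)
22:01:50.0430 7092   srv             (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
22:01:50.0440 7092   srv - ok
22:01:51.0804 7092   MBR (0x1B8)     (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:01:51.0867 7092   \Device\Harddisk0\DR0 - ok
22:01:51.0906 3048   Detected object count: 1
22:02:21.0327 3048   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
"""

# Every log line starts with a timestamp and a thread id.
PREFIX = r"^\s*\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"
OBJECT_RE = re.compile(PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+?)\s*$")
DETECT_RE = re.compile(PREFIX + r"(?P<name>.+?) - detected (?P<verdict>\S+) \(\d+\)\s*$")
ACTION_RE = re.compile(
    PREFIX + r"(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)\s*$")
COUNT_RE = re.compile(PREFIX + r"Detected object count: (?P<n>\d+)\s*$")


def triage(log_text):
    """Return flagged objects, the action taken on each, and a count cross-check."""
    objects, findings, reported = {}, {}, None
    for line in log_text.splitlines():
        if m := OBJECT_RE.match(line):
            # Scanned object: remember its hash and path in case it is flagged later.
            objects[m["name"]] = {"md5": m["md5"], "path": m["path"]}
        elif m := DETECT_RE.match(line):
            known = objects.get(m["name"], {"md5": None, "path": None})
            findings[m["name"]] = {"name": m["name"], "verdict": m["verdict"],
                                   "action": None, **known}
        elif m := ACTION_RE.match(line):
            if m["name"] in findings:
                findings[m["name"]]["action"] = m["action"]
        elif m := COUNT_RE.match(line):
            reported = int(m["n"])
    flagged = list(findings.values())
    return {"findings": flagged, "reported_count": reported,
            "count_matches": reported == len(flagged)}


def left_in_place(result):
    """Flagged objects that were skipped or never actioned; each needs a manual verdict."""
    return [f for f in result["findings"] if f["action"] in (None, "Skip")]


if __name__ == "__main__":
    for f in left_in_place(triage(SAMPLE_LOG)):
        print(f"{f['name']}: {f['verdict']} md5={f['md5']} path={f['path']} action={f['action']}")
```

A mismatch between `reported_count` and the number of parsed findings means the log was truncated or edited before posting, which is worth knowing before trusting a "clean" result.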

    Offline lsvetka

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #7 on: January 12, 2012, 01:18:13 PM »
    The computer is running pretty good. Didn't have any problems lately. So does it mean that it's clean, no viruses?

    Offline Hoov

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #8 on: January 12, 2012, 01:32:14 PM »
    It looks like you got it all before you asked for help.

    Do you have any other concerns? If not we can do some cleanup and call it done.


    Offline lsvetka

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #9 on: January 12, 2012, 02:28:07 PM »
    I just had a few questions. The logs that people post here from DDS, is it safe to post them up here?
    And another question: I have Microsoft Essentials on my comp, what other anti virus programs or scanners can work well with it in order to be better protected? Thank you.

    Offline Hoov

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #10 on: January 12, 2012, 04:55:36 PM »
    Yes it is safe. There is no information there that people can use to get into your system, or identify you unless you use your full name for your computer username.

    If you have Microsoft Security Essentials installed, then you should not install any other AntiVirus scanner. The two of them will conflict with each other. But if you install Malwarebytes' Anti-Malware, and purchase the pro version, it will dovetail nicely with MSE and improve your security. Also make sure to include a software firewall with your security programs. This is all covered in the material below, including some cleanup instructions.


    Now there are a few things you need to do to fully clean your system and keep it secure.

    Run OTC
    Download OTC to your desktop and run it
    Click Yes to begin the Cleanup process and remove these components, including this application.
    You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

    Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the Windows Control Panel. There are several programs that also do the job better than Windows does it, in my opinion. There is System Security Suite, EasyCleaner, CCleaner. Also, sometimes other programs do it as well as what you originally got them for, like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.

    Disable and Enable System Restore.
    I recommend you turn off System restore, and then turn it back on so that you will not be able to restore your problems to a clean computer.
    For Vista use these instructions, Windows Vista Restore Guide
    For XP use these instructions, Windows XP System Restore Guide
    Reboot
    Re-enable system restore with instructions from tutorial above
    Create a System Restore Point
    Go to all programs, then to accessories, then to system tools, then to system restore. Check the box for create restore point (not select a restore point), then click next and follow the instructions.

    Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall). There are some good basic instructions for that here.

    Use a different browser other than IE (most exploits are pointed towards IE). One of them is Firefox.
    It is also worth trying Thunderbird for controlling spam in your e-mail.

    Always use an UPDATED anti-virus program. Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

    Run malware scanners. Three free ones are Spybot Search and Destroy, AdAware, and Malwarebytes' Anti-Malware.

    Always use a firewall.
    Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.
     
    Learn how to use your firewall. Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose.


    Never run two Antivirus programs or two Firewalls at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weaknesses, so I keep a backup in case my computer starts acting up.


    MOST IMPORTANT: Windows and IE, and whatever other software that you have that connects to the net, need to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates. I also suggest running Secunia PSI. It will monitor the software you have installed and let you know when something needs to be updated.

    Don't ever use P2P or filesharing software. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.

    Before using any malware detection / removal software, check with the Rogue/Suspect Spyware List. That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs, check out SpywareWarrior.

    We have a good guide here at Spyware Hammer on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
    PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

    Let us know if you have any more problems, either new or old.
    Have a good time surfing the net, but stay safe.
    If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.


    Offline lsvetka

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #11 on: January 12, 2012, 10:54:02 PM »
    I have Windows 7. Do you have instructions how to disable System Restore for Windows 7? I tried to do it following instructions for Vista, but it's a little different and I don't want to do something wrong and mess it up.

    Offline Hoov

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #12 on: January 12, 2012, 11:11:50 PM »
    There are some good instructions here.


    Offline lsvetka

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #13 on: January 12, 2012, 11:48:04 PM »
    Thanks. That worked out. I tried to create a restore point, but when I click on System Restore in System Tools, the box pops up saying that no restore points have been created and it won't let me choose anything other than Cancel. And can you tell me a little bit more about System Restore? I've never done it before. Thank you.

    Offline Hoov

    Re: [In Progress] Win 7 Anti Spyware Virus
    « Reply #14 on: January 13, 2012, 10:06:26 AM »
        Open System by clicking the Start button, right-clicking Computer, and then clicking Properties.

        In the left pane, click System protection. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

        Click the System Protection tab, and then click Create.

        In the System Protection dialog box, type a description, and then click Create.
