Author Topic: [Resolved] Brontok; Disabling programs, Causing restarts. (Read 1521 times)

ssamson89 · « **on:** May 24, 2012, 12:14:24 PM »

Brontok was detected by microsoft security essentials a few months ago. Removed it and came back repeatedly but saw virtually no symptoms. After moving my computer when trying to start many programs the computer will either restart or open the My documents folder and never launch the program.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Srira at 11:05:34 on 2012-05-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.1999 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
J:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
j:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
J:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
J:\WINDOWS\system32\spoolsv.exe
svchost.exe
J:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
J:\Program Files\Bonjour\mDNSResponder.exe
J:\WINDOWS\system32\inetsrv\inetinfo.exe
J:\Program Files\Java\jre6\bin\jqs.exe
J:\WINDOWS\System32\nvsvc32.exe
J:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
J:\WINDOWS\System32\svchost.exe -k imgsvc
J:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\RUNDLL32.EXE
J:\WINDOWS\RTHDCPL.EXE
J:\Program Files\Winamp\winampa.exe
J:\Program Files\Microsoft Security Client\msseces.exe
J:\Program Files\Unlocker\UnlockerAssistant.exe
J:\Program Files\Everything\Everything.exe
J:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\Common Files\Java\Java Update\jusched.exe
J:\program files\steam\steam.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Documents and Settings\Srira\Local Settings\Apps\F.lux\flux.exe
J:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
J:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
J:\Program Files\Siber Systems\GoodSync\GoodSync.exe
J:\Program Files\uTorrent\uTorrent.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\Launchy\Launchy.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\winlogon.exe
J:\Program Files\Medialink\MWN-USB54G\Installer\WINXP\MWN-USB54G Wireless Client Utility .exe
J:\Documents and Settings\Srira\Application Data\Dropbox\bin\Dropbox.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\services.exe
J:\Program Files\RescueTime\RescueTime.exe
J:\WINDOWS\system32\wscntfy.exe
J:\Program Files\SpeedFan\speedfan.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = hxxp://store.steampowered.com/screenshot/view/2656/?size=1024
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:52364
uWinlogon: Shell=explorer.exe,j:\documents and settings\srira\application data\dwm.exe
BHO: CmjBrowserHelperObject Object: {6fe6a929-59d1-4763-91ad-29b61cffb35b} - j:\program files\mindjet\mindmanager 9\Mm8InternetExplorer.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - j:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - j:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - j:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - j:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - j:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - j:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Steam] "j:\program files\steam\steam.exe" -silent
uRun: [AlcoholAutomount] "j:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Google Update] "j:\documents and settings\srira\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] j:\windows\system32\ctfmon.exe
uRun: [F.lux] "j:\documents and settings\srira\local settings\apps\f.lux\flux.exe" /noshow
uRun: [Taskbar Shuffle] j:\program files\taskbar shuffle\taskbarshuffle.exe
uRun: [SkinClock] j:\program files\atomic alarm clock\AtomicAlarmClock.exe
uRun: [GoodSync] "j:\program files\siber systems\goodsync\GoodSync.exe" /min
uRun: [Skype] "j:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Tok-Cirrhatus] "j:\documents and settings\srira\local settings\application data\smss.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE j:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE j:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [WinampAgent] "j:\program files\winamp\winampa.exe"
mRun: [MSC] "j:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [UnlockerAssistant] "j:\program files\unlocker\UnlockerAssistant.exe"
mRun: [Everything] "j:\program files\everything\Everything.exe" -startup
mRun: [RIMBBLaunchAgent.exe] j:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [conhost] j:\documents and settings\srira\application data\microsoft\conhost.exe
mRun: [iTunesHelper] "j:\program files\itunes\iTunesHelper.exe"
mRun: [BCSSync] "j:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "j:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "j:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "j:\program files\common files\java\java update\jusched.exe"
mRun: [Bron-Spizaetus] "j:\windows\inf\norBtok.exe"
dRun: [Tok-Cirrhatus] "j:\documents and settings\networkservice\local settings\application data\smss.exe"
dRun: [DWQueuedReporting] "j:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: j:\docume~1\srira\startm~1\programs\startup\dropbox.lnk - j:\documents and settings\srira\application data\dropbox\bin\Dropbox.exe
StartupFolder: j:\documents and settings\srira\start menu\programs\startup\Empty.pif
StartupFolder: j:\docume~1\srira\startm~1\programs\startup\rescue~1.lnk - j:\program files\rescuetime\RescueTime.exe
StartupFolder: j:\docume~1\srira\startm~1\programs\startup\secuni~1.lnk - j:\program files\secunia\psi\psi.exe
StartupFolder: j:\docume~1\srira\startm~1\programs\startup\speedfan.lnk - j:\program files\speedfan\speedfan.exe
StartupFolder: j:\documents and settings\srira\start menu\programs\startup\Startup.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\launchy.lnk - j:\program files\launchy\Launchy.exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\mwn-us~1.lnk - j:\program files\medialink\mwn-usb54g\installer\winxp\MWN-USB54G Wireless Client Utility .exe
StartupFolder: j:\docume~1\alluse~1\startm~1\programs\startup\solidw~1.lnk - j:\program files\common files\solidworks installation manager\backgrounddownloading\sldBgDwld.exe
StartupFolder: j:\documents and settings\all users\start menu\programs\startup\Startup.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &Enviar para o OneNote - j:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - j:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: E&xportar para o Microsoft Excel - j:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - j:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - j:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - j:\program files\microsoft office\office14\ONBttnIE.dll
IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - j:\program files\mindjet\mindmanager 9\Mm8InternetExplorer.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - j:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - j:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - j:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - j:\progra~1\micros~3\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - j:\documents and settings\srira\application data\mozilla\firefox\profiles\onnu1xxg.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 52364
FF - prefs.js: network.proxy.type - 1
FF - plugin: j:\documents and settings\srira\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: j:\documents and settings\srira\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: j:\documents and settings\srira\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: j:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: j:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: j:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: j:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: j:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: j:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: j:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: j:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: j:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: j:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: j:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: j:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: j:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: j:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: j:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: j:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: j:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: j:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: j:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: j:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: j:\program files\mozilla firefox\plugins\npEModelPlugin.dll
FF - plugin: j:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: j:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: j:\program files\research in motion limited\blackberry app world browser plugin\npappworld.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;j:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsl11a09d2f;MpKsl11a09d2f;j:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3cf55a4f-6a5b-4b1f-8cff-4bd97ae9f8c9}\MpKsl11a09d2f.sys [2012-5-24 29904]
R2 StarWindServiceAE;StarWind AE Service;j:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;j:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c99ac056567ada;Google Update Service (gupdate1c99ac056567ada);j:\program files\google\update\GoogleUpdate.exe [2009-3-1 133104]
S2 SkypeUpdate;Skype Updater;j:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;j:\program files\solidworks corp\solidworks\swscheduler\DTSCoordinatorService.exe [2010-10-5 87336]
S3 cpuz130;cpuz130;\\??\\j:\\docume~1\\srira\\locals~1\\temp\\cpuz130\\cpuz_x32.sys --> \\j:\\docume~1\\srira\\locals~1\\temp\\cpuz130\\cpuz_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);j:\program files\google\update\GoogleUpdate.exe [2009-3-1 133104]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;j:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;j:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PSI;PSI;j:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"j:\\program files\\roxio creator 2009\\digital home 11\\roxioupnprenderer11.exe" --> j:\\program files\\roxio creator 2009\\digital home 11\\RoxioUPnPRenderer11.exe [?]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;j:\program files\sisoftware\sisoftware sandra lite 2009.sp2\RpcAgentSrv.exe [2008-12-20 98488]
S3 WinRM;Windows Remote Management (WS-Management);j:\windows\system32\svchost.exe -k WINRM [2003-3-31 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;j:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;j:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-05-24 18:02:48   --------   d-----w-   j:\documents and settings\srira\local settings\application data\Loc.Mail.Bron.Tok
2012-05-24 17:53:45   29904   ----a-w-   j:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3cf55a4f-6a5b-4b1f-8cff-4bd97ae9f8c9}\MpKsl11a09d2f.sys
2012-05-24 17:48:04   12393   ----a-w-   j:\documents and settings\srira\local settings\application data\Update.3.Bron.Tok.bin
2012-05-24 17:47:15   --------   d-----w-   j:\documents and settings\srira\local settings\application data\Bron.tok-3-24
2012-05-23 21:10:42   --------   d-----w-   J:\testing3
2012-05-23 21:10:10   --------   d-----w-   J:\testing2
2012-05-23 21:09:44   --------   d-----w-   J:\testing1
2012-05-23 21:07:32   --------   d-----w-   J:\testing
2012-05-23 18:39:30   --------   d-----w-   J:\test3
2012-05-23 18:37:29   --------   d-----w-   J:\test2
2012-05-23 18:35:36   --------   d-----w-   J:\test1
2012-05-23 03:54:19   --------   d-----w-   j:\windows\system32\winrm
2012-05-23 03:54:00   --------   dc-h--w-   j:\windows\$968930Uinstall_KB968930$
2012-05-21 13:44:52   --------   d-----w-   j:\documents and settings\srira\.swt
2012-05-21 13:40:23   --------   d-----w-   j:\program files\thinkorswim
2012-05-20 08:27:30   6737808   ----a-w-   j:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{3cf55a4f-6a5b-4b1f-8cff-4bd97ae9f8c9}\mpengine.dll
.
==================== Find3M ====================
.
2012-03-29 03:10:14   73728   ----a-w-   j:\windows\system32\javacpl.cpl
2012-03-29 03:10:13   472808   ----a-w-   j:\windows\system32\deployJava1.dll
.
============= FINISH: 11:05:42.65 ===============

ATTACH.TXT

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 12/19/2008 8:32:42 PM
System Uptime: 5/24/2012 10:46:00 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5K-VM
Processor: Intel Pentium III Xeon processor | LGA775 | 2533/266mhz
.
==== Disk Partitions =========================
.
F: is FIXED (NTFS) - 37 GiB total, 7.31 GiB free.
G: is CDROM ()
H: is CDROM ()
I: is FIXED (NTFS) - 234 GiB total, 0.416 GiB free.
J: is FIXED (NTFS) - 298 GiB total, 39.432 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_054C&PID_021F\000000109B2A
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_054C&PID_021F\000000109B2A
Service: USBSTOR
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
RP538: 5/22/2012 8:54:14 PM - Installed %1 %2.
RP539: 5/23/2012 10:10:27 PM - System Checkpoint
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Any Video Converter 2.7.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atomic Alarm Clock 5.8
Audacity 1.2.6
Audiosurf Beta
Aurora
AutoCAD 2010 - English
AutoCAD 2010 Language Pack - English
Autodesk Design Review 2010
AutoHotkey 1.0.92.02
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 6.1
Blocks 3
Boilosft AVI to VCD SVCD DVD Converter 3.81
Bonjour
calibre
CamStudio
Catan Online World
CCleaner
Circuit Construction Kit (DC and AC)
Circuit Construction Kit (DC Only)
Cisco WebEx Meetings
Crysis WARHEAD(R)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dexpot
Dropbox
Everything 1.2.1.371
F.lux
Foxit Creator
Foxit PDF Editor
Foxit Reader
FreeMind
GoodSync
Google Chrome
Google Earth
Google SketchUp 8
Google Talk Plugin
Google Update Helper
Google Updater
GoToMeeting 4.8.0.723
Graphical Analysis 3.4
Graphing Calculator Viewer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hott notes 4
HQuote
iriver Music Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 31
Launchy 2.1.2
Marvell Miniport Driver
MediaLink MWN-USB54G Wireless Client Utility
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Help Viewer 1.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft MSN MoneyCentral Stock Quotes Add-In for Excel
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access MUI (Portuguese (Brazil)) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office O MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office X MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual Studio 2005 Tools for Applications - ENU
Microsoft XNA Framework Redistributable 4.0
Microsoft® Stock Actions for the Research Task Pane
Mindjet MindManager 9
ML-1200 Series
Motion in 2D
Mozilla Firefox 7.0.1 (x86 en-GB)
Mp3tag v2.48
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Network Recording Player
NinjaTrader 7
Notepad++
NVIDIA Drivers
OCCT Perestroika 2.0.1
OGA Notifier 2.0.0048.0
OpenOffice.org 3.2
oZone3D.Net FurMark v1.8.0
PDF Settings
PFGAPI
PokerStars
Portal
PowerISO
Python 2.7.1
QuickTime
Quintessential Media Player
Realtek High Definition Audio Driver
RescueTime 2.1.0
Secunia PSI
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft InfoPath 2010 (KB2510065)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visual C++ 2010 Express - ENU (KB2251489)
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2345000)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SiSoftware Sandra Lite 2009.SP2
Skype™ 5.8
SmartSound Quicktracks Plugin
SolidWorks 2011 SP0
SolidWorks eDrawings 2011 SP0
SolidWorks Explorer 2011 SP0
SpeedFan (remove only)
Spotify
Steam
Taskbar Shuffle version 2.5
Team Fortress 2
thinkorswim
thinkorswim from TD AMERITRADE
TI Connect 1.6
TWS Demo
Uniblue RegistryBooster 2010
Unlocker 1.9.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
VLC media player 1.1.11
WebEx Recorder and Player
WebFldrs XP
Winamp
Winamp Application Detect
WinDirStat 1.1.2
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
5/24/2012 8:00:43 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/24/2012 10:42:56 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x8007043c    Error description: This service cannot be started in Safe Mode
5/24/2012 10:37:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/24/2012 10:34:16 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm MpFilter SCDEmu
5/24/2012 10:34:16 AM, error: Service Control Manager [7001] - The World Wide Web Publishing service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2012 10:34:16 AM, error: Service Control Manager [7001] - The Simple Mail Transfer Protocol (SMTP) service depends on the IIS Admin service which failed to start because of the following error: The dependency service or group failed to start.
5/24/2012 10:33:07 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/24/2012 10:11:36 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/23/2012 9:42:14 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/22/2012 8:01:37 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer DADSCOMPUTER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A2016F32-F060-4. The master browser is stopping or an election is being forced.
5/22/2012 7:16:33 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/22/2012 5:25:29 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/22/2012 5:20:27 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/21/2012 6:31:57 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/21/2012 6:31:27 AM, error: Service Control Manager [7023] - The Automatic Updates service terminated with the following error: The specified module could not be found.
5/21/2012 5:25:22 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/21/2012 10:46:36 PM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.115. The machine with the IP address 192.168.1.136 did not allow the name to be claimed by this machine.
5/21/2012 1:28:13 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.127.309.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8403.0    Error code: 0x80080005    Error description: Server execution failed
5/20/2012 1:26:47 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.125.1749.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8304.0    Error code: 0x80080005    Error description: Server execution failed
5/20/2012 1:14:15 AM, error: Service Control Manager [7023] - The Pml Driver HPZ12 service terminated with the following error: The specified module could not be found.
5/20/2012 1:14:15 AM, error: Service Control Manager [7023] - The Net Driver HPZ12 service terminated with the following error: The specified module could not be found.
5/18/2012 12:55:41 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer FELICIA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{23D8C94D-26C7-463. The master browser is stopping or an election is being forced.
5/17/2012 10:52:25 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.125.1749.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8304.0    Error code: 0x80080005    Error description: Server execution failed
5/17/2012 10:47:23 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures.    New Signature Version:     Previous Signature Version: 1.125.1749.0    Update Source: Microsoft Update Server    Update Stage: Search    Source Path: Default URL    Signature Type: AntiVirus    Update Type: Full    User: NT AUTHORITY\SYSTEM    Current Engine Version:     Previous Engine Version: 1.1.8304.0    Error code: 0x80080005    Error description: Server execution failed
.
==== End Of File ===========================

Hoov · « **Reply #1 on:** May 24, 2012, 12:34:33 PM »

My name is Hoov and I will be helping you with your problem. As you have been helped here before, you know how it goes so I am going to skip all my preamble.

How long ago has it been since Brontok was last detected?

Also could you explain this a bit more? Did you physically move your hardware, or did you move "My Computer" on the harddrive? After moving my computer when trying to start many programs the computer will either restart or open the My documents folder and never launch the program.

Can you tell me why windows is installed on the J drive? Is this a dual or multiboot system?

ssamson89 · « **Reply #2 on:** May 25, 2012, 05:19:33 PM »

The Microsoft Security Essentials doesn't detect anything, but there are brontok files on my computer that recreate themselves after being deleted. I've tried a few brontok removers online, but some files persist:

J:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-3-25
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Loc.Mail.Bron.Tok

I physically moved my computer when I changed residences. I usually put it on standby overnight, instead of completely shutting down.

My computer is dual boot. There are 4 instances of Windows XP: my original I've used for years, 2 I've used to recover boot.ini files, another I made on accident, and there used to be an ubuntu linux distro.

I forget exactly why it's on the J: drive. But as I remember, after recovering my computer from a cpu failure, I bought a new faster drive and installed Windows on the new one, while keeping the old drive as multimedia even though it had an old copy of windows on it, making a C: drive. So My new OS drive was F: and my old OS drive C: and I had another drive as D. Something similar happen a second time and the drive names shifted down again.

I know it sounds weird and confusing but the drive setup has almost never been a problem.

Hoov · « **Reply #3 on:** May 25, 2012, 06:42:19 PM »

Just wanted to make sure that there was not something that had moved windows.

Download Security Check by screen317 from HERE or HERE
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4

Double-click on the Rkill desktop icon to run the tool.
If using Vista, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot''s Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes'' Anti-Malware
Launch Malwarebytes'' Anti-Malware

Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click ''Show Results'' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM''s database version and your operating system.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.[/list]

ssamson89 · « **Reply #4 on:** May 26, 2012, 03:25:37 AM »

This log file is located at J:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 05/26/2012 at 1:44:31.
Operating System: Microsoft Windows XP

Processes terminated by Rkill or while it was running:

J:\Documents and Settings\Srira\Local Settings\Apps\F.lux\flux.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\winlogon.exe
J:\Documents and Settings\Srira\Application Data\Dropbox\bin\Dropbox.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\services.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\NetworkService\Local Settings\Application Data\winlogon.exe
J:\Documents and Settings\NetworkService\Local Settings\Application Data\services.exe
J:\Documents and Settings\NetworkService\Local Settings\Application Data\lsass.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Srira\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Rkill completed on 05/26/2012 at 1:44:54.

Results of screen317's Security Check version 0.99.38
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:
Secunia PSI
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 31
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Adobe Flash Player 10.3.183.7 Flash Player out of Date!
Mozilla Firefox (7.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

ssamson89 · « **Reply #5 on:** May 26, 2012, 03:35:57 AM »

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.26.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Srira :: ARES [administrator]

5/26/2012 1:52:29 AM
mbam-log-2012-05-26 (01-52-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 435612
Time elapsed: 26 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Worm.Brontok) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EXCEL.EXE (Worm.Brontok) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spotify (Worm.Brontok) -> Quarantined and deleted successfully.

Registry Values Detected: 7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Bron-Spizaetus (Worm.Brontok) -> Data: "J:\WINDOWS\INF\norBtok.exe" -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Tok-Cirrhatus (Worm.Brontok) -> Data: "J:\Documents and Settings\Srira\Local Settings\Application Data\smss.exe" -> Quarantined and deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Tok-Cirrhatus (Worm.Brontok) -> Data: "J:\Documents and Settings\NetworkService\Local Settings\Application Data\smss.exe" -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell.Gen) -> Data: explorer.exe,J:\Documents and Settings\Srira\Application Data\dwm.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoFolderOptions (Hijack.FolderOptions) -> Data: 1 -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:52364 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|conhost (Trojan.Agent) -> Data: J:\Documents and Settings\Srira\Application Data\Microsoft\conhost.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-3-24 (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-3-25 (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Bron.tok-3-26 (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\Bron.tok-3-24 (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\Bron.tok-3-25 (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\Bron.tok-3-26 (Worm.Brontok) -> Quarantined and deleted successfully.

Files Detected: 683
J:\WINDOWS\inf\norBtok.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\smss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\smss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Application Data\Microsoft\IMJP8_1\IMJP8_1.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft\Media Player\Media Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft\User Account Pictures\User Account Pictures.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Application Data\Microsoft\Media Player\Media Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Application Data\Microsoft\User Account Pictures\User Account Pictures.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft Help\Microsoft Help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\ashampoo\drivers\drivers.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Autodesk\Adlm\Adlm.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Autodesk\MC3\MC3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Azureus\Azureus.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Blizzard\InstallerReplacements\InstallerReplacements.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\DivX\Setup\Setup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\FLEXnet\FLEXnet.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\GoodSync\GoodSync.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Google Updater\Google Updater.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Google Updater\history\history.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Google Updater\icons\icons.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\Dr Watson.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\HTML Help\HTML Help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\Media Index.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\Media Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Microsoft Antimalware.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\OFFICE.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\PlayReady\PlayReady.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\User Account Pictures.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Office Genuine Advantage\data\data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Research In Motion\BlackBerry\BlackBerry.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Roxio\Roxio.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype\{5335DADB-34BA-4AE8-A519-648D78498846}\{5335DADB-34BA-4AE8-A519-648D78498846}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype\{AA59DDE4-B672-4621-A016-4C248204957A}\{AA59DDE4-B672-4621-A016-4C248204957A}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype Extras\Skype Extras.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype Extras\Local Cache\Local Cache.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Skype Extras\MLS\MLS.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\SmartSound Software Inc\Encoding\Encoding.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\SmartSound Software Inc\Libraries\Libraries.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\SmartSound Software Inc\Sound Files\Sound Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Sonic\Sonic.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Uninstall\{7919D8D9-69FB-4E94-B330-04C4AF251867}\{7919D8D9-69FB-4E94-B330-04C4AF251867}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data\data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Application Data\Microsoft\Protect\Protect.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Application Data\Microsoft\IMJP8_1\IMJP8_1.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Application Data\Foxit Software\Foxit PDF Creator\Foxit PDF Creator.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Application Data\Apple Computer\Logs\Logs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\.minecraft\.minecraft`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Adobe\Workflow\Workflow.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Any Video Converter\Any Video Converter.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Apple Computer\iTunes\iTunes.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Apple Computer\Logs\Logs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Apple Computer\Preferences\Preferences.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Autodesk\MC3\MC3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Autodesk\WebServices\WebServices.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\Azureus.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\subs\subs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\active\active.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\dht\dht.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\net\net.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Azureus\torrents\torrents.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Blackberry Desktop\Yahoo Connector\Yahoo Connector.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\calibre\calibre.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\calibre\conversion\conversion.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\calibre\metadata_sources\metadata_sources.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\CheckPoint\ZoneAlarm Toolbar\ZoneAlarm Toolbar.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Address Book\Address Book.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Bibliography\Bibliography.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Clip Organizer\Clip Organizer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Excel\Excel.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\HTML Help\HTML Help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Media Player\Media Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\MMC\MMC.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Modelos\Modelos.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Office\Office.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\PowerPoint\PowerPoint.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Protect\Protect.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Templates\Templates.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\UProof\UProof.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Microsoft\Word\Word.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\mIRC\mIRC.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\mIRC\logs\logs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\mIRC\scripts\scripts.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Mozilla\Firefox\Firefox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Mozilla\plugins\plugins.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Mp3tag\Mp3tag.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Mp3tag\data\data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Mp3tag\export\export.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\MSNStockQuote\MSNStockQuote.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Notepad++\Notepad++.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Office Genuine Advantage\data\data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\OpenOffice.org\3\3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Research In Motion\BlackBerry Desktop\BlackBerry Desktop.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Research In Motion\BlackBerry Media Sync\BlackBerry Media Sync.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Dexpot\profile\profile.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\DivX\Player\Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\DivX\TransferWizard\TransferWizard.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Dropbox\Dropbox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Dropbox\bin\bin.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Dropbox\l\l.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\dvdcss\dvdcss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\DWGeditor\DWGeditor.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Foxit Software\Foxit PDF Creator\Foxit PDF Creator.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Foxit Software\Foxit Reader\Foxit Reader.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\GetRightToGo\GetRightToGo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\GoodSync\GoodSync.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Google\GoogleEarth\GoogleEarth.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\hott notes 4\hott notes 4.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\hott notes 4\backup\backup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Launchy\Launchy.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Roxio\Roxio.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Roxio\Sidewinder\Sidewinder.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Skype\Skype.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Skype\shared_dynco\shared_dynco.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Skype\shared_httpfe\shared_httpfe.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Skype\ssamson89\ssamson89.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\skypePM\skypePM.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\SolidWorks\SolidWorks.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\SolidWorks\SolidWorks 2011\SolidWorks 2011.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Spotify\spotify.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Spotify\Data\Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Uniblue\RegistryBooster 2010\RegistryBooster 2010.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\uTorrent\uTorrent.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\uTorrent\dlimagecache\dlimagecache.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\uTorrent\apps\apps.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\vlc\vlc.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\webex\webex.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Winamp\Winamp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\Winamp\Plugins\Plugins.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Application Data\WinPatrol\WinPatrol.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Application Data\Foxit Software\Foxit PDF Creator\Foxit PDF Creator.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Common Files\Microsoft Shared\Web Folders\Web Folders.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Common Files\System\System.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Common Files\System\ado\ado.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Desktop\Desktop.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Desktop\Desktop.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\My Documents\Downloads\Downloads.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Internet Explorer\PLUGINS\PLUGINS.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Mozilla Firefox\Mozilla Firefox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Mozilla Firefox\components\components.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Mozilla Firefox\plugins\plugins.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\NetMeeting\NetMeeting.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Outlook Express\Outlook Express.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Uninstall Information\Uninstall Information.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Windows Media Player\Windows Media Player.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Program Files\Windows NT\Windows NT.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\A.kotnorB.com (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Data Srira.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Data System.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\J.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj443.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj462.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\S-1-5-21-1614895754-813497703-682003330-1003.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj323\Dj323.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj441.Tok\Dj441.Tok`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj442.Tok\Dj442.Tok`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj468.Tok\Dj468.Tok`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj307\Dj307.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj385\Dj385.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-1614895754-813497703-682003330-1003\Dj392\Dj392.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\RECYCLER\S-1-5-21-507921405-926492609-839522115-1003\S-1-5-21-507921405-926492609-839522115-1003.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Start Menu\Programs\Startup\Empty.pif (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Start Menu\Programs\Startup\Empty.pif (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\Startup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\3D Animation.scr (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\system32.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\ibfs32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\Com\Com.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\config.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\systemprofile.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\drivers\drivers.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\drivers\etc\etc.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\oobe\oobe.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\spool\prtprocs\w32x86\w32x86.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\wbem\wbem.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temp\WER6fbf.dir00\WER6fbf.dir00`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Cookies\Cookies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\History.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\AHQVGDWR\AHQVGDWR.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\G1Y3U1G9\G1Y3U1G9.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\KVQPEN4V\KVQPEN4V.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\SPGD41UP\SPGD41UP.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\temp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\Cookies\Cookies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\History\History.IE5\History.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\Temporary Internet Files\Content.IE5\73IIZPI1\73IIZPI1.exe (Worm.Brontok) -> Quarantined and deleted successfully.

ssamson89 · « **Reply #6 on:** May 26, 2012, 03:36:53 AM »

J:\Documents and Settings\NetworkService\Local Settings\temp\Temporary Internet Files\Content.IE5\KOU3G655\KOU3G655.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\Temporary Internet Files\Content.IE5\Q2ZJI5T3\Q2ZJI5T3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\temp\Temporary Internet Files\Content.IE5\UJ4769AQ\UJ4769AQ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\temp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\DesignChecker\2011\2011.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\e4j245.tmp_dir23494\e4j245.tmp_dir23494`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\svfjb.tmp\svfjb.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\CitrixLogs\CitrixLogs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\CitrixLogs\gotomeeting\723\723.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\CitrixLogs\gotomeeting\952\952.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\CRX_75DAF8CB7768\CRX_75DAF8CB7768.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\CR_FD43A.tmp\CR_FD43A.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\DA2.dir\DA2.dir`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\HP\OJ4500vG510n-z_Basic_13_en\OJ4500vG510n-z_Basic_13_en.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\HP\OJ4500vG510n-z_Basic_13_en\images\images.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\HP\OJ4500vG510n-z_Basic_13_en\setup\setup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\fontconfig\cache\cache.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\fworks\fworks.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_61CE0252-2CBC-4A25-B790-DDD1F98DC27E.0\OICE_61CE0252-2CBC-4A25-B790-DDD1F98DC27E.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\6.dir\6.dir`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\7zS1361.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\setup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\BPDhelp\BPDhelp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\BPDSoftware\BPDSoftware.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\BPD_HPSU\BPD_HPSU.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\BPD_Scan\BPD_Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\Fax\Fax.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\Product\Product.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\ProductContext\ProductContext.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\Scan\Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\Toolbox\Toolbox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\WebReg\WebReg.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\setup\x64\x64.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\util\ccc\ccc.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1361.tmp\Images\Images.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\7zS19.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\setup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\BPDhelp\BPDhelp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\BPDSoftware\BPDSoftware.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\BPD_HPSU\BPD_HPSU.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\BPD_Scan\BPD_Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\Fax\Fax.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\Product\Product.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\ProductContext\ProductContext.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\Scan\Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\Toolbox\Toolbox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\WebReg\WebReg.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\setup\x64\x64.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\util\ccc\ccc.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS19.tmp\Images\Images.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\7zS1BD.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\setup.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\BPDhelp\BPDhelp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\BPDSoftware\BPDSoftware.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\BPD_HPSU\BPD_HPSU.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\BPD_Scan\BPD_Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\Fax\Fax.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\Product\Product.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\ProductContext\ProductContext.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\Scan\Scan.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\Toolbox\Toolbox.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\WebReg\WebReg.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\setup\x64\x64.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\util\ccc\ccc.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\7zS1BD.tmp\Images\Images.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\A.dir\A.dir`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_89049957-7D3C-40C4-A051-4DDB973DD614.0\OICE_89049957-7D3C-40C4-A051-4DDB973DD614.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_89049957-7D3C-40C4-A051-4DDB973DD614.0\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_8F9C6695-213E-4722-91D4-3BEDD45E6ED9.0\OICE_8F9C6695-213E-4722-91D4-3BEDD45E6ED9.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_96E6CC00-1900-46A4-A8F5-DA4BC5F9286A.0\OICE_96E6CC00-1900-46A4-A8F5-DA4BC5F9286A.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_98B0EEBC-A4FB-48E7-B00B-25212481EAEF.0\OICE_98B0EEBC-A4FB-48E7-B00B-25212481EAEF.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_B28ADACB-76F2-42F2-AAE0-BA9D6BD29A46.0\OICE_B28ADACB-76F2-42F2-AAE0-BA9D6BD29A46.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_BE82423F-9012-4BAB-A4D5-E45A28092A49.0\OICE_BE82423F-9012-4BAB-A4D5-E45A28092A49.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_BE82423F-9012-4BAB-A4D5-E45A28092A49.0\msohtmlclip1\01\01.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_BF7C8EB5-027B-47BC-B601-0427DC19AE1A.0\OICE_BF7C8EB5-027B-47BC-B601-0427DC19AE1A.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\outlook logging\outlook logging.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\nppLocalization\nppLocalization.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\nsg31A.tmp\nsg31A.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\nsh13.tmp\nsh13.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\nso24.tmp\nso24.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_1054E667-087E-4859-BE69-8600FB992354.0\OICE_1054E667-087E-4859-BE69-8600FB992354.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\OICE_5179B2ED-5682-461F-AF15-13700F5EC4C1.0\OICE_5179B2ED-5682-461F-AF15-13700F5EC4C1.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\SWUtilities2011\SWUtilities2011.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\swx1348\swx1348.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\swx7840\swx7840.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\swxauto\swxauto.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\Excel\Excel.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\g2m3F00.tmp\g2m3F00.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\temp\g2m83.tmp\g2m83.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\temp\temp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\temp\._msige60\._msige60`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\temp\._msige61\._msige61`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\temp.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsa8F8.tmp\nsa8F8.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nscDEF.tmp\nscDEF.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsd3E2A.tmp\nsd3E2A.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nse2607.tmp\nse2607.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\gis1947438e.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\2.4.2432.1652`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\bg\bg.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\cs\cs.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\da\da.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\de\de.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\el\el.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\en\en.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\en-gb\en-gb.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\es\es.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\fi\fi.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\fr\fr.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\hr\hr.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\HTML\HTML.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\hu\hu.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\it\it.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\ja\ja.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\ko\ko.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\nl\nl.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\no\no.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\pl\pl.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\pt-br\pt-br.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\ro\ro.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\ru\ru.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\sk\sk.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\sv\sv.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\th\th.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\tr\tr.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\zh-cn\zh-cn.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\gis1947438e\2.4.2432.1652\zh-tw\zh-tw.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\History\History.IE5\History.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Temporary Internet Files\Content.IE5\7E8UC3L4\7E8UC3L4.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Temporary Internet Files\Content.IE5\8OF23WLF\8OF23WLF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Temporary Internet Files\Content.IE5\JS4HH36H\JS4HH36H.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Temporary Internet Files\Content.IE5\UGH61PFS\UGH61PFS.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsg1A5.tmp\nsg1A5.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsy3939.tmp\nsy3939.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsj70.tmp\nsj70.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nskD6B.tmp\nskD6B.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsl131B.tmp\nsl131B.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nso2CFC.tmp\nso2CFC.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nso416E.tmp\nso416E.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsp2DC.tmp\nsp2DC.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsr26A3.tmp\nsr26A3.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsr5E.tmp\nsr5E.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nss2B55.tmp\nss2B55.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsu32C.tmp\nsu32C.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsw34B4.tmp\nsw34B4.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\nsx97F.tmp\nsx97F.tmp`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\temp\Cookies\Cookies.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Administrator.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\ASPNET.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Default User.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Default User.WINDOWS.0`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Default User.WINDOWS.1`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\ghjk.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\LocalService.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\LocalService.NT AUTHORITY`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\LocalService.NT AUTHORITY.000`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\NetworkService.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\NetworkService.NT AUTHORITY`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\NetworkService.NT AUTHORITY.000`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Srira.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Local Settings.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\csrss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\inetinfo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\lsass.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\services.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\winlogon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\Application Data.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\inetinfo.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\lsass.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\services.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\winlogon.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\csrss.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Application Data\Microsoft\Internet Explorer\Internet Explorer.exe (Worm.Brontok) -> Quarantined and deleted successfully.

ssamson89 · « **Reply #7 on:** May 26, 2012, 03:44:11 AM »

J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2D1XHBCM\2D1XHBCM.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\R62GTYSC\R62GTYSC.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\SSG1BADJ\SSG1BADJ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\T7ZFDBLL\T7ZFDBLL.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Content.IE5\05IRSXEF\05IRSXEF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Content.IE5\K9EZ09E3\K9EZ09E3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Content.IE5\O12NC9MB\O12NC9MB.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ARES\ASPNET\Local Settings\Temporary Internet Files\Content.IE5\OT6VS5Y7\OT6VS5Y7.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\05IRSXEF\05IRSXEF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\K9EZ09E3\K9EZ09E3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\O12NC9MB\O12NC9MB.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OT6VS5Y7\OT6VS5Y7.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Content.IE5\2D1XHBCM\2D1XHBCM.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Content.IE5\R62GTYSC\R62GTYSC.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Content.IE5\SSG1BADJ\SSG1BADJ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.0\Local Settings\Temporary Internet Files\Content.IE5\T7ZFDBLL\T7ZFDBLL.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Content.IE5\52F0RH7C\52F0RH7C.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Content.IE5\B7ISY8D2\B7ISY8D2.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Content.IE5\D1HFGZX1\D1HFGZX1.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Default User.WINDOWS.1\Local Settings\Temporary Internet Files\Content.IE5\H54LJC8Y\H54LJC8Y.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Content.IE5\91XR85N5\91XR85N5.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Content.IE5\JEPLR3OZ\JEPLR3OZ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Content.IE5\UD778EOA\UD778EOA.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\Local Settings\Temporary Internet Files\Content.IE5\ZQ2AT1F3\ZQ2AT1F3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\45YR0TI3\45YR0TI3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\KX6VK9Y3\KX6VK9Y3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OL6ZGXYR\OL6ZGXYR.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\OPYZO523\OPYZO523.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\CJEFSB6D\CJEFSB6D.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\QRAB6DKR\QRAB6DKR.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\SHCD834H\SHCD834H.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\UV89SB67\UV89SB67.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2JV1RZJA\2JV1RZJA.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\6FI9G30B\6FI9G30B.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MS436OM0\MS436OM0.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U7Q12DWN\U7Q12DWN.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\2D1XHBCM\2D1XHBCM.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\R62GTYSC\R62GTYSC.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\SSG1BADJ\SSG1BADJ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\T7ZFDBLL\T7ZFDBLL.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\91XR85N5\91XR85N5.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\JEPLR3OZ\JEPLR3OZ.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\UD778EOA\UD778EOA.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings\Temporary Internet Files\Content.IE5\ZQ2AT1F3\ZQ2AT1F3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\AntiPhishing\AntiPhishing.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\53QG6QXA\53QG6QXA.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\7MLS1RYR\7MLS1RYR.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\AA3HUXJO\AA3HUXJO.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\BA2R4T02\BA2R4T02.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\EVVWRXPK\EVVWRXPK.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\HG9TMG6Z\HG9TMG6Z.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\L39GCP9N\L39GCP9N.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\O0CRIRE8\O0CRIRE8.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\SXQMJ47L\SXQMJ47L.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.IE5\T70BOCO5\T70BOCO5.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.MSO\Content.MSO`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Local Settings\Temporary Internet Files\Content.Word\Content.Word`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Temporary Internet Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\Content.IE5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\05IRSXEF\05IRSXEF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\K9EZ09E3\K9EZ09E3.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O12NC9MB\O12NC9MB.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OT6VS5Y7\OT6VS5Y7.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\WINDOWS.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\EnvDTE\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\EnvDTE80\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\EnvDTE90\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\EnvDTE90a\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\1.0.2903.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\1.0.2904.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\1.0.2905.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\1.0.2906.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\1.0.2907.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\1.0.2908.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\1.0.2909.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\1.0.2910.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\1.0.2911.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\1.0.2902.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\10.0.4504.0__31bf3856ad364e35`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\12.0.0.0__71e9bce111e9429c`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VSLangProj2\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VSLangProj80\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VslangProj90\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VsWebSite.Interop\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VsWebSite.Interop100\10.0.0.0__b03f5f7f11d50a3a\10.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\VsWebSite.Interop90\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\12.0.0.0__71e9bce111e9429c`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.CommandBars\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Debugger.Interop\8.0.1.0__b03f5f7f11d50a3a\8.0.1.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Debugger.InteropA\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Designer.Interfaces\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\7.1.40304.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Shell.Interop\7.1.40304.0__b03f5f7f11d50a3a\7.1.40304.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Shell.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.Shell.Interop.9.0\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop\7.1.40304.0__b03f5f7f11d50a3a\7.1.40304.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop.8.0\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.TextManager.Interop.9.0\9.0.0.0__b03f5f7f11d50a3a\9.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCCodeModel\10.0.0.0__b03f5f7f11d50a3a\10.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCProject\10.0.0.0__b03f5f7f11d50a3a\10.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VCProjectEngine\10.0.0.0__b03f5f7f11d50a3a\10.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VSHelp\7.0.3300.0__b03f5f7f11d50a3a\7.0.3300.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.VSHelp80\8.0.0.0__b03f5f7f11d50a3a\8.0.0.0__b03f5f7f11d50a3a`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Debug\Debug.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Debug\UserMode\UserMode.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Downloaded Program Files\Downloaded Program Files.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Fonts\Fonts.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Help\Help.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\Installer.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\tsclientmsitrans\tsclientmsitrans.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\{8DC42D05-680B-41B0-8878-6C14D24602DB}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{8DD6892C-C9A8-404B-95ED-1CCE15324178}\{8DD6892C-C9A8-404B-95ED-1CCE15324178}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\{90120000-006E-0409-0000-0000000FF1CE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{90120000-00A4-0409-0000-0000000FF1CE}\{90120000-00A4-0409-0000-0000000FF1CE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\{90140000-0011-0000-0000-0000000FF1CE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{90140000-006E-0409-0000-0000000FF1CE}\{90140000-006E-0409-0000-0000000FF1CE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{90140000-006E-0416-0000-0000000FF1CE}\{90140000-006E-0416-0000-0000000FF1CE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{51846830-E7B2-4218-8968-B77F0FF475B8}\{51846830-E7B2-4218-8968-B77F0FF475B8}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\{9074AFC0-CFDA-11DE-B484-005056806466}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{26A24AE4-039D-4CA4-87B4-2F83216031FF}\{26A24AE4-039D-4CA4-87B4-2F83216031FF}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}\{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{2EAF7E61-068E-11DF-953C-005056806466}\{2EAF7E61-068E-11DF-953C-005056806466}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{32939827-D8E5-470A-B126-870DB3C69FDF}\{32939827-D8E5-470A-B126-870DB3C69FDF}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{3499A6DB-7D6D-4F17-9AF1-CFB5CAF7BF6E}\{3499A6DB-7D6D-4F17-9AF1-CFB5CAF7BF6E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{37389AE2-DCC5-41BE-9891-7054B187DE5C}\{37389AE2-DCC5-41BE-9891-7054B187DE5C}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{3A9FC03D-C685-4831-94CF-4EDFD3749497}\{3A9FC03D-C685-4831-94CF-4EDFD3749497}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{401DFCAB-01BF-480E-BA0F-EA2F01CADC09}\{401DFCAB-01BF-480E-BA0F-EA2F01CADC09}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{40345A8F-3B72-44DE-814F-72E8A52B1161}\{40345A8F-3B72-44DE-814F-72E8A52B1161}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{4286E640-B5FB-11DF-AC4B-005056C00008}\{4286E640-B5FB-11DF-AC4B-005056C00008}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{C084BC61-E537-11DE-8616-005056806466}\{C084BC61-E537-11DE-8616-005056806466}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{C950420B-4182-49EA-850A-A6A2ABF06C6B}\{C950420B-4182-49EA-850A-A6A2ABF06C6B}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}\{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{D0D3BFE5-5215-41BD-B82E-81D7FB6A9166}\{D0D3BFE5-5215-41BD-B82E-81D7FB6A9166}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{D690AF5F-137E-4A3D-B78F-AD1CD40C1A56}\{D690AF5F-137E-4A3D-B78F-AD1CD40C1A56}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{52A73A2E-2478-45E5-A390-8C0A6F525678}\{52A73A2E-2478-45E5-A390-8C0A6F525678}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{55D9E026-DCB0-46FF-B60A-68B972228CF6}\{55D9E026-DCB0-46FF-B60A-68B972228CF6}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5783F2D7-8001-0409-0002-0060B0CE6BBA}\{5783F2D7-8001-0409-0002-0060B0CE6BBA}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5783F2D7-8001-0409-1002-0060B0CE6BBA}\{5783F2D7-8001-0409-1002-0060B0CE6BBA}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{5E92F228-D057-4F97-BD86-60CC44FFD664}\{5E92F228-D057-4F97-BD86-60CC44FFD664}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{E1ACFF16-2555-48B0-8EFB-008818A42613}\{E1ACFF16-2555-48B0-8EFB-008818A42613}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{E7004147-2CCA-431C-AA05-2AB166B9785D}\{E7004147-2CCA-431C-AA05-2AB166B9785D}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{F5794D29-B9C9-4F99-9569-34CC2555B9A8}\{F5794D29-B9C9-4F99-9569-34CC2555B9A8}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\{F7B0939E-58DF-11DF-B3A6-005056806466}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{0046FA01-C5B9-4985-BACB-398DC480FC05}\{0046FA01-C5B9-4985-BACB-398DC480FC05}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\{048298C9-A4D3-490B-9FF9-AB023A9238F3}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\{08C0729E-3E50-11DF-9D81-005056806466}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{093DC023-51FD-4D04-B10E-19EE1F70F421}\{093DC023-51FD-4D04-B10E-19EE1F70F421}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{0E6B3568-2337-4429-9E14-0D9D8157D45A}\{0E6B3568-2337-4429-9E14-0D9D8157D45A}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{0FFC026D-9906-441B-9EDA-5C0668927407}\{0FFC026D-9906-441B-9EDA-5C0668927407}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{75157F34-02C6-4831-BD66-3BC49E7A8394}\{75157F34-02C6-4831-BD66-3BC49E7A8394}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{7A7B3764-7F17-4AB1-A1D3-3B01F5F07445}\{7A7B3764-7F17-4AB1-A1D3-3B01F5F07445}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{7ADB1002-9FAC-4EF0-8EC0-57A0D7CB5355}\{7ADB1002-9FAC-4EF0-8EC0-57A0D7CB5355}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\{7BE15435-2D3E-4B58-867F-9C75BED0208C}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{87DF5956-A327-4304-8338-8E2B0AAB843E}\{87DF5956-A327-4304-8338-8E2B0AAB843E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{95655ED4-7CA5-46DF-907F-7144877A32E5}\{95655ED4-7CA5-46DF-907F-7144877A32E5}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{A83279FD-CA4B-4206-9535-90974DE76654}\{A83279FD-CA4B-4206-9535-90974DE76654}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{A8567E18-9E80-4EA3-A5C1-A6186C86F2CC}\{A8567E18-9E80-4EA3-A5C1-A6186C86F2CC}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{A8B94669-8654-4126-BD28-D0D2412CDED6}\{A8B94669-8654-4126-BD28-D0D2412CDED6}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Installer\{B700113B-24A8-4D4C-8484-0CC944F764C8}\{B700113B-24A8-4D4C-8484-0CC944F764C8}.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Media\Media.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\Framework.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\v1.0.3705`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\v1.1.4322`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\v2.0.50727`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\1033.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\ASP.NETWebAdminFiles`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\CONFIG.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SubsetList\SubsetList.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RedistList\RedistList.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild\MSBuild.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Windows Communication Foundation.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\Windows Workflow Foundation.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\WPF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\v3.5`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\1033\1033.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\Microsoft .NET Framework 3.5 SP1`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\MOF\MOF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\MSBuild\MSBuild.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\Windows Presentation Foundation.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\v4.0.30319`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\1033\1033.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ASP.NETWebAdminFiles\ASP.NETWebAdminFiles`.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Config\Config.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MOF\MOF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\MSBuild\MSBuild.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPF.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\system\system.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Tasks\Tasks.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\WINDOWS\Web\Web.exe (Worm.Brontok) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\My Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\My Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\My Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\My Documents\My Music\My Music.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\Administrator\My Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.0\Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users.WINDOWS.1\Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\All Users\Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\ghjk\My Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\NetworkService\My Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\My Documents\My Pictures\My Pictures.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
J:\Program Files\MSN\MSN.exe (Trojan.Agent) -> Quarantined and deleted successfully.
J:\Documents and Settings\Srira\Templates\A.kotnorB.com (Worm.Brontok.Gen) -> Quarantined and deleted successfully.

(end)

Hoov · « **Reply #8 on:** May 26, 2012, 06:19:05 AM »

WOW! I was expecting a half dozen entries tops.

Do you know that on access scanning is turned off in your virus scanner? How is your computer running now?

ssamson89 · « **Reply #9 on:** May 29, 2012, 07:22:24 PM »

Sorry about the long wait I was out of town for a few days.

I was pretty surprised at the number too, because MSE hadn't found anything for a while. I turned off access scanning for one of the brontok removers while I turned off my internet connection. After reconnecting i forgot to turn it back on, it was only down for a few hours at the most.

Some programs still seem to get disabled after I restart my computer. When I try to open them it just opens the My Documents folder. This happened to VLC player, Winamp, Foxit Reader, and WinRAR. I reinstalled the programs and they worked until I restarted the computer. Now they are repeating the previous behavior, just opening the My Documents folder everytime I try to run them.

Hoov · « **Reply #10 on:** May 29, 2012, 08:34:15 PM »

If you open windows explorer and go to the folder the program is installed in, and click on the exe file will the program start?

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on click on the change parameters option.
Once you are in there, check all four boxes and then click on the OK button.
Now click the Start Scan button.
This is what you will see during the scan,

and this is what you will see when the scan is done if any threats are found. Don't change any of the recommended actions. Click the continue button.
Once the fix is done you might see this,

or it may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

ssamson89 · « **Reply #11 on:** May 29, 2012, 09:38:21 PM »

I tried to start Foxit Reader from the program files .exe, it just opened the My Documents folder. Oddly Foxit and the other programs with similar symptoms all have Folder thumbnails for their .exe instead of their old logos.

20:31:49.0449 1648   TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
20:31:49.0949 1648   ============================================================
20:31:49.0949 1648   Current date / time: 2012/05/29 20:31:49.0949
20:31:49.0949 1648   SystemInfo:
20:31:49.0949 1648
20:31:49.0949 1648   OS Version: 5.1.2600 ServicePack: 3.0
20:31:49.0949 1648   Product type: Workstation
20:31:49.0949 1648   ComputerName: ARES
20:31:49.0949 1648   UserName: Srira
20:31:49.0949 1648   Windows directory: J:\WINDOWS
20:31:49.0949 1648   System windows directory: J:\WINDOWS
20:31:49.0949 1648   Processor architecture: Intel x86
20:31:49.0949 1648   Number of processors: 2
20:31:49.0949 1648   Page size: 0x1000
20:31:49.0949 1648   Boot type: Normal boot
20:31:49.0949 1648   ============================================================
20:31:58.0074 1648   Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:31:58.0340 1648   Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:31:58.0371 1648   Drive \Device\Harddisk2\DR2 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:31:58.0403 1648   ============================================================
20:31:58.0403 1648   \Device\Harddisk0\DR0:
20:31:58.0403 1648   MBR partitions:
20:31:58.0403 1648   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D37F873
20:31:58.0403 1648   \Device\Harddisk1\DR1:
20:31:58.0559 1648   MBR partitions:
20:31:58.0559 1648   \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
20:31:58.0559 1648   \Device\Harddisk2\DR2:
20:31:58.0559 1648   MBR partitions:
20:31:58.0559 1648   \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x4A61E37
20:31:58.0559 1648   ============================================================
20:31:58.0590 1648   F: <-> \Device\Harddisk2\DR2\Partition0
20:31:58.0778 1648   I: <-> \Device\Harddisk0\DR0\Partition0
20:31:59.0371 1648   J: <-> \Device\Harddisk1\DR1\Partition0
20:31:59.0371 1648   ============================================================
20:31:59.0371 1648   Initialize success
20:31:59.0371 1648   ============================================================
20:32:33.0871 5244   ============================================================
20:32:33.0871 5244   Scan started
20:32:33.0871 5244   Mode: Manual; SigCheck; TDLFS;
20:32:33.0871 5244   ============================================================
20:32:35.0356 5244   Abiosdsk - ok
20:32:35.0371 5244   abp480n5 - ok
20:32:35.0434 5244   ACPI (8fd99680a539792a30e97944fdaecf17) J:\WINDOWS\system32\DRIVERS\ACPI.sys
20:32:37.0856 5244   ACPI - ok
20:32:37.0903 5244   ACPIEC (9859c0f6936e723e4892d7141b1327d5) J:\WINDOWS\system32\drivers\ACPIEC.sys
20:32:38.0074 5244   ACPIEC - ok
20:32:38.0074 5244   adpu160m - ok
20:32:38.0106 5244   aec (8bed39e3c35d6a489438b8141717a557) J:\WINDOWS\system32\drivers\aec.sys
20:32:38.0215 5244   aec - ok
20:32:38.0246 5244   AegisP (2f7f3e8da380325866e566f5d5ec23d5) J:\WINDOWS\system32\DRIVERS\AegisP.sys
20:32:38.0340 5244   AegisP ( UnsignedFile.Multi.Generic ) - warning
20:32:38.0340 5244   AegisP - detected UnsignedFile.Multi.Generic (1)
20:32:38.0403 5244   AFD (1e44bc1e83d8fd2305f8d452db109cf9) J:\WINDOWS\System32\drivers\afd.sys
20:32:38.0481 5244   AFD - ok
20:32:38.0481 5244   Aha154x - ok
20:32:38.0481 5244   aic78u2 - ok
20:32:38.0481 5244   aic78xx - ok
20:32:38.0574 5244   Alerter (a9a3daa780ca6c9671a19d52456705b4) J:\WINDOWS\system32\alrsvc.dll
20:32:38.0699 5244   Alerter - ok
20:32:38.0715 5244   ALG (8c515081584a38aa007909cd02020b3d) J:\WINDOWS\System32\alg.exe
20:32:38.0918 5244   ALG - ok
20:32:38.0918 5244   AliIde - ok
20:32:38.0934 5244   amsint - ok
20:32:39.0028 5244   Apple Mobile Device (70d7be78061126dd0c3accdb7e129017) J:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:32:39.0090 5244   Apple Mobile Device - ok
20:32:39.0121 5244   AppMgmt (d8849f77c0b66226335a59d26cb4edc6) J:\WINDOWS\System32\appmgmts.dll
20:32:39.0293 5244   AppMgmt - ok
20:32:39.0340 5244   Arp1394 (b5b8a80875c1dededa8b02765642c32f) J:\WINDOWS\system32\DRIVERS\arp1394.sys
20:32:39.0590 5244   Arp1394 - ok
20:32:39.0590 5244   asc - ok
20:32:39.0590 5244   asc3350p - ok
20:32:39.0590 5244   asc3550 - ok
20:32:39.0715 5244   aspnet_state (776acefa0ca9df0faa51a5fb2f435705) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:32:39.0871 5244   aspnet_state - ok
20:32:39.0887 5244   AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) J:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:32:39.0996 5244   AsyncMac - ok
20:32:40.0043 5244   atapi (9f3a2f5aa6875c72bf062c712cfa2674) J:\WINDOWS\system32\DRIVERS\atapi.sys
20:32:40.0168 5244   atapi - ok
20:32:40.0168 5244   Atdisk - ok
20:32:40.0199 5244   Atmarpc (9916c1225104ba14794209cfa8012159) J:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:32:40.0309 5244   Atmarpc - ok
20:32:40.0324 5244   AudioSrv (def7a7882bec100fe0b2ce2549188f9d) J:\WINDOWS\System32\audiosrv.dll
20:32:40.0465 5244   AudioSrv - ok
20:32:40.0512 5244   audstub (d9f724aa26c010a217c97606b160ed68) J:\WINDOWS\system32\DRIVERS\audstub.sys
20:32:40.0621 5244   audstub - ok
20:32:40.0668 5244   Beep (da1f27d85e0d1525f6621372e7b685e9) J:\WINDOWS\system32\drivers\Beep.sys
20:32:40.0793 5244   Beep - ok
20:32:40.0856 5244   BITS (574738f61fca2935f5265dc4e5691314) J:\WINDOWS\system32\qmgr.dll
20:32:40.0996 5244   BITS - ok
20:32:41.0074 5244   Bonjour Service (673cf4f6bb1fbe09331b526802fbb892) J:\Program Files\Bonjour\mDNSResponder.exe
20:32:41.0215 5244   Bonjour Service - ok
20:32:41.0387 5244   Browser (a06ce3399d16db864f55faeb1f1927a9) J:\WINDOWS\System32\browser.dll
20:32:41.0543 5244   Browser - ok
20:32:41.0543 5244   catchme - ok
20:32:41.0574 5244   cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) J:\WINDOWS\system32\drivers\cbidf2k.sys
20:32:41.0668 5244   cbidf2k - ok
20:32:41.0668 5244   cd20xrnt - ok
20:32:41.0762 5244   Cdaudio (c1b486a7658353d33a10cc15211a873b) J:\WINDOWS\system32\drivers\Cdaudio.sys
20:32:41.0887 5244   Cdaudio - ok
20:32:41.0934 5244   Cdfs (c885b02847f5d2fd45a24e219ed93b32) J:\WINDOWS\system32\drivers\Cdfs.sys
20:32:42.0043 5244   Cdfs - ok
20:32:42.0074 5244   Cdrom (1f4260cc5b42272d71f79e570a27a4fe) J:\WINDOWS\system32\DRIVERS\cdrom.sys
20:32:42.0199 5244   Cdrom - ok
20:32:42.0278 5244   CDRPDACC (30b37c18e1725eb9f25039e9a1fb9b7e) J:\Program Files\Quintessential Media Player\cdrpdacc.sys
20:32:42.0293 5244   CDRPDACC ( UnsignedFile.Multi.Generic ) - warning
20:32:42.0293 5244   CDRPDACC - detected UnsignedFile.Multi.Generic (1)
20:32:42.0293 5244   Changer - ok
20:32:42.0324 5244   CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) J:\WINDOWS\system32\cisvc.exe
20:32:42.0434 5244   CiSvc - ok
20:32:42.0465 5244   ClipSrv (34cbe729f38138217f9c80212a2a0c82) J:\WINDOWS\system32\clipsrv.exe
20:32:42.0590 5244   ClipSrv - ok
20:32:42.0699 5244   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:32:43.0106 5244   clr_optimization_v2.0.50727_32 - ok
20:32:43.0715 5244   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:32:43.0824 5244   clr_optimization_v4.0.30319_32 - ok
20:32:43.0824 5244   CmdIde - ok
20:32:43.0840 5244   COMSysApp - ok
20:32:43.0965 5244   CoordinatorServiceHost (f46ff007508c32788d8d5f32f27c25c7) J:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
20:32:44.0028 5244   CoordinatorServiceHost - ok
20:32:44.0028 5244   Cpqarray - ok
20:32:44.0043 5244   cpuz130 - ok
20:32:44.0106 5244   CryptSvc (3d4e199942e29207970e04315d02ad3b) J:\WINDOWS\System32\cryptsvc.dll
20:32:44.0246 5244   CryptSvc - ok
20:32:44.0246 5244   dac2w2k - ok
20:32:44.0246 5244   dac960nt - ok
20:32:44.0309 5244   DcomLaunch (6b27a5c03dfb94b4245739065431322c) J:\WINDOWS\system32\rpcss.dll
20:32:44.0434 5244   DcomLaunch - ok
20:32:44.0465 5244   Dhcp (5e38d7684a49cacfb752b046357e0589) J:\WINDOWS\System32\dhcpcsvc.dll
20:32:44.0590 5244   Dhcp - ok
20:32:44.0653 5244   Disk (044452051f3e02e7963599fc8f4f3e25) J:\WINDOWS\system32\DRIVERS\disk.sys
20:32:44.0746 5244   Disk - ok
20:32:44.0746 5244   dmadmin - ok
20:32:44.0934 5244   dmboot (d992fe1274bde0f84ad826acae022a41) J:\WINDOWS\system32\drivers\dmboot.sys
20:32:45.0153 5244   dmboot - ok
20:32:45.0168 5244   dmio (7c824cf7bbde77d95c08005717a95f6f) J:\WINDOWS\system32\drivers\dmio.sys
20:32:45.0262 5244   dmio - ok
20:32:45.0293 5244   dmload (e9317282a63ca4d188c0df5e09c6ac5f) J:\WINDOWS\system32\drivers\dmload.sys
20:32:45.0387 5244   dmload - ok
20:32:45.0418 5244   dmserver (57edec2e5f59f0335e92f35184bc8631) J:\WINDOWS\System32\dmserver.dll
20:32:45.0512 5244   dmserver - ok
20:32:45.0574 5244   DMusic (8a208dfcf89792a484e76c40e5f50b45) J:\WINDOWS\system32\drivers\DMusic.sys
20:32:45.0699 5244   DMusic - ok
20:32:45.0715 5244   Dnscache (5f7e24fa9eab896051ffb87f840730d2) J:\WINDOWS\System32\dnsrslvr.dll
20:32:45.0871 5244   Dnscache - ok
20:32:45.0934 5244   Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) J:\WINDOWS\System32\dot3svc.dll
20:32:46.0106 5244   Dot3svc - ok
20:32:46.0106 5244   dpti2o - ok
20:32:46.0121 5244   drmkaud (8f5fcff8e8848afac920905fbd9d33c8) J:\WINDOWS\system32\drivers\drmkaud.sys
20:32:46.0215 5244   drmkaud - ok
20:32:46.0215 5244   EapHost (2187855a7703adef0cef9ee4285182cc) J:\WINDOWS\System32\eapsvc.dll
20:32:46.0340 5244   EapHost - ok
20:32:46.0371 5244   ERSvc (bc93b4a066477954555966d77fec9ecb) J:\WINDOWS\System32\ersvc.dll
20:32:46.0449 5244   ERSvc - ok
20:32:46.0481 5244   Eventlog (65df52f5b8b6e9bbd183505225c37315) J:\WINDOWS\system32\services.exe
20:32:46.0543 5244   Eventlog - ok
20:32:46.0574 5244   EventSystem (d4991d98f2db73c60d042f1aef79efae) J:\WINDOWS\System32\es.dll
20:32:46.0653 5244   EventSystem - ok
20:32:46.0684 5244   Fastfat (38d332a6d56af32635675f132548343e) J:\WINDOWS\system32\drivers\Fastfat.sys
20:32:46.0778 5244   Fastfat - ok
20:32:46.0824 5244   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) J:\WINDOWS\System32\shsvcs.dll
20:32:46.0934 5244   FastUserSwitchingCompatibility - ok
20:32:46.0981 5244   Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) J:\WINDOWS\system32\DRIVERS\fdc.sys
20:32:47.0121 5244   Fdc - ok
20:32:47.0168 5244   Fips (d45926117eb9fa946a6af572fbe1caa3) J:\WINDOWS\system32\drivers\Fips.sys
20:32:47.0403 5244   Fips - ok
20:32:47.0559 5244   FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) J:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:32:47.0934 5244   FLEXnet Licensing Service - ok
20:32:48.0043 5244   Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) J:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:32:48.0168 5244   Flpydisk - ok
20:32:48.0231 5244   FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) J:\WINDOWS\system32\drivers\fltmgr.sys
20:32:48.0340 5244   FltMgr - ok
20:32:48.0496 5244   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:32:48.0574 5244   FontCache3.0.0.0 - ok
20:32:48.0606 5244   Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) J:\WINDOWS\system32\drivers\Fs_Rec.sys
20:32:48.0699 5244   Fs_Rec - ok
20:32:48.0715 5244   Ftdisk (6ac26732762483366c3969c9e4d2259d) J:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:32:48.0840 5244   Ftdisk - ok
20:32:48.0903 5244   GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) J:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:32:48.0934 5244   GEARAspiWDM - ok
20:32:48.0981 5244   giveio (77ebf3e9386daa51551af429052d88d0) J:\WINDOWS\system32\giveio.sys
20:32:49.0012 5244   giveio ( UnsignedFile.Multi.Generic ) - warning
20:32:49.0012 5244   giveio - detected UnsignedFile.Multi.Generic (1)
20:32:49.0121 5244   Gpc (0a02c63c8b144bd8c86b103dee7c86a2) J:\WINDOWS\system32\DRIVERS\msgpc.sys
20:32:49.0434 5244   Gpc - ok
20:32:49.0590 5244   gupdate1c99ac056567ada (626a24ed1228580b9518c01930936df9) J:\Program Files\Google\Update\GoogleUpdate.exe
20:32:49.0653 5244   gupdate1c99ac056567ada - ok
20:32:49.0653 5244   gupdatem (626a24ed1228580b9518c01930936df9) J:\Program Files\Google\Update\GoogleUpdate.exe
20:32:49.0699 5244   gupdatem - ok
20:32:49.0731 5244   gusvc (408ddd80eede47175f6844817b90213e) J:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:32:49.0809 5244   gusvc - ok
20:32:49.0871 5244   HDAudBus (3fcc124b6e08ee0e9351f717dd136939) J:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:32:49.0949 5244   HDAudBus ( UnsignedFile.Multi.Generic ) - warning
20:32:49.0949 5244   HDAudBus - detected UnsignedFile.Multi.Generic (1)
20:32:49.0996 5244   helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) J:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:32:50.0106 5244   helpsvc - ok
20:32:50.0106 5244   HidServ - ok
20:32:50.0137 5244   hidusb (ccf82c5ec8a7326c3066de870c06daf1) J:\WINDOWS\system32\DRIVERS\hidusb.sys
20:32:50.0231 5244   hidusb - ok
20:32:50.0278 5244   hkmsvc (8878bd685e490239777bfe51320b88e9) J:\WINDOWS\System32\kmsvc.dll
20:32:50.0449 5244   hkmsvc - ok
20:32:50.0449 5244   hpn - ok
20:32:50.0481 5244   HTTP (f80a415ef82cd06ffaf0d971528ead38) J:\WINDOWS\system32\Drivers\HTTP.sys
20:32:50.0559 5244   HTTP - ok
20:32:50.0621 5244   HTTPFilter (6100a808600f44d999cebdef8841c7a3) J:\WINDOWS\System32\w3ssl.dll
20:32:50.0731 5244   HTTPFilter - ok
20:32:50.0731 5244   i2omgmt - ok
20:32:50.0731 5244   i2omp - ok
20:32:50.0746 5244   i8042prt (4a0b06aa8943c1e332520f7440c0aa30) J:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:32:50.0856 5244   i8042prt - ok
20:32:50.0996 5244   idsvc (c01ac32dc5c03076cfb852cb5da5229c) J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:32:51.0106 5244   idsvc - ok
20:32:51.0153 5244   IFP700 (7d19431e613a70262e5586fa76bb29f0) J:\WINDOWS\system32\drivers\ifp700.sys
20:32:51.0215 5244   IFP700 ( UnsignedFile.Multi.Generic ) - warning
20:32:51.0215 5244   IFP700 - detected UnsignedFile.Multi.Generic (1)
20:32:51.0278 5244   IISADMIN (db3c22745c0da4666f3be31f1af36b2f) J:\WINDOWS\system32\inetsrv\inetinfo.exe
20:32:51.0371 5244   IISADMIN - ok
20:32:51.0387 5244   Imapi (083a052659f5310dd8b6a6cb05edcf8e) J:\WINDOWS\system32\DRIVERS\imapi.sys
20:32:51.0512 5244   Imapi - ok
20:32:51.0559 5244   ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) J:\WINDOWS\system32\imapi.exe
20:32:51.0731 5244   ImapiService - ok
20:32:51.0731 5244   ini910u - ok
20:32:52.0153 5244   IntcAzAudAddService (b29781b9a90cd55fc5d859c0b1c243bc) J:\WINDOWS\system32\drivers\RtkHDAud.sys
20:32:52.0434 5244   IntcAzAudAddService - ok
20:32:52.0637 5244   IntelIde - ok
20:32:52.0668 5244   intelppm (8c953733d8f36eb2133f5bb58808b66b) J:\WINDOWS\system32\DRIVERS\intelppm.sys
20:32:52.0778 5244   intelppm - ok
20:32:52.0871 5244   ip6fw (3bb22519a194418d5fec05d800a19ad0) J:\WINDOWS\system32\drivers\ip6fw.sys
20:32:52.0996 5244   ip6fw - ok
20:32:53.0043 5244   IpFilterDriver (731f22ba402ee4b62748adaf6363c182) J:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:32:53.0153 5244   IpFilterDriver - ok
20:32:53.0168 5244   IpInIp (b87ab476dcf76e72010632b5550955f5) J:\WINDOWS\system32\DRIVERS\ipinip.sys
20:32:53.0278 5244   IpInIp - ok
20:32:53.0293 5244   IpNat (cc748ea12c6effde940ee98098bf96bb) J:\WINDOWS\system32\DRIVERS\ipnat.sys
20:32:53.0403 5244   IpNat - ok
20:32:53.0465 5244   iPod Service (32cdedd15e2d1a557cd54552ae78ff86) J:\Program Files\iPod\bin\iPodService.exe
20:32:53.0606 5244   iPod Service - ok
20:32:53.0653 5244   IPSec (23c74d75e36e7158768dd63d92789a91) J:\WINDOWS\system32\DRIVERS\ipsec.sys
20:32:53.0778 5244   IPSec - ok
20:32:53.0824 5244   IRENUM (c93c9ff7b04d772627a3646d89f7bf89) J:\WINDOWS\system32\DRIVERS\irenum.sys
20:32:53.0903 5244   IRENUM - ok
20:32:53.0949 5244   isapnp (05a299ec56e52649b1cf2fc52d20f2d7) J:\WINDOWS\system32\DRIVERS\isapnp.sys
20:32:54.0074 5244   isapnp - ok
20:32:54.0168 5244   JavaQuickStarterService (0a5709543986843d37a92290b7838340) J:\Program Files\Java\jre6\bin\jqs.exe
20:32:54.0434 5244   JavaQuickStarterService - ok
20:32:54.0449 5244   Kbdclass (463c1ec80cd17420a542b7f36a36f128) J:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:32:54.0559 5244   Kbdclass - ok
20:32:54.0559 5244   kbdhid (9ef487a186dea361aa06913a75b3fa99) J:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:32:54.0684 5244   kbdhid - ok
20:32:54.0699 5244   kmixer (692bcf44383d056aed41b045a323d378) J:\WINDOWS\system32\drivers\kmixer.sys
20:32:54.0856 5244   kmixer - ok
20:32:54.0871 5244   KSecDD (b467646c54cc746128904e1654c750c1) J:\WINDOWS\system32\drivers\KSecDD.sys
20:32:54.0981 5244   KSecDD - ok
20:32:55.0028 5244   lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) J:\WINDOWS\System32\srvsvc.dll
20:32:55.0090 5244   lanmanserver - ok
20:32:56.0403 5244   lanmanworkstation (a8888a5327621856c0cec4e385f69309) J:\WINDOWS\System32\wkssvc.dll
20:32:56.0543 5244   lanmanworkstation - ok
20:32:56.0543 5244   lbrtfdc - ok
20:32:56.0653 5244   LmHosts (a7db739ae99a796d91580147e919cc59) J:\WINDOWS\System32\lmhsvc.dll
20:32:56.0762 5244   LmHosts - ok
20:32:56.0856 5244   MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) J:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:32:57.0106 5244   MBAMSwissArmy - ok
20:32:57.0137 5244   Messenger (986b1ff5814366d71e0ac5755c88f2d3) J:\WINDOWS\System32\msgsvc.dll
20:32:57.0246 5244   Messenger - ok
20:32:57.0293 5244   Microsoft SharePoint Workspace Audit Service - ok
20:32:57.0324 5244   mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) J:\WINDOWS\system32\drivers\mnmdd.sys
20:32:57.0418 5244   mnmdd - ok
20:32:57.0449 5244   mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) J:\WINDOWS\System32\mnmsrvc.exe
20:32:57.0559 5244   mnmsrvc - ok
20:32:57.0590 5244   Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) J:\WINDOWS\system32\drivers\Modem.sys
20:32:57.0684 5244   Modem - ok
20:32:57.0715 5244   Mouclass (35c9e97194c8cfb8430125f8dbc34d04) J:\WINDOWS\system32\DRIVERS\mouclass.sys
20:32:57.0824 5244   Mouclass - ok
20:32:57.0856 5244   mouhid (b1c303e17fb9d46e87a98e4ba6769685) J:\WINDOWS\system32\DRIVERS\mouhid.sys
20:32:57.0949 5244   mouhid - ok
20:32:57.0996 5244   MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) J:\WINDOWS\system32\drivers\MountMgr.sys
20:32:58.0106 5244   MountMgr - ok
20:32:58.0153 5244   MpFilter (fee0baded54222e9f1dae9541212aab1) J:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:32:58.0215 5244   MpFilter - ok
20:32:58.0356 5244   MpKsl8f120cae (a69630d039c38018689190234f866d77) j:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9A3225BB-418E-45F2-8F5B-53DE3B680B86}\MpKsl8f120cae.sys
20:32:58.0371 5244   MpKsl8f120cae - ok
20:32:58.0371 5244   mraid35x - ok
20:32:58.0387 5244   MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) J:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:32:58.0512 5244   MRxDAV - ok
20:32:58.0543 5244   MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) J:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:32:58.0621 5244   MRxSmb - ok
20:32:58.0653 5244   MSDTC (a137f1470499a205abbb9aafb3b6f2b1) J:\WINDOWS\System32\msdtc.exe
20:32:58.0762 5244   MSDTC - ok
20:32:58.0778 5244   Msfs (c941ea2454ba8350021d774daf0f1027) J:\WINDOWS\system32\drivers\Msfs.sys
20:32:58.0903 5244   Msfs - ok
20:32:58.0903 5244   MSIServer - ok
20:32:58.0934 5244   MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) J:\WINDOWS\system32\drivers\MSKSSRV.sys
20:32:59.0043 5244   MSKSSRV - ok
20:32:59.0106 5244   MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) j:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:32:59.0137 5244   MsMpSvc - ok
20:32:59.0153 5244   MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) J:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:32:59.0262 5244   MSPCLOCK - ok
20:32:59.0340 5244   MSPQM (bad59648ba099da4a17680b39730cb3d) J:\WINDOWS\system32\drivers\MSPQM.sys
20:32:59.0496 5244   MSPQM - ok
20:32:59.0715 5244   mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) J:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:32:59.0809 5244   mssmbios - ok
20:33:00.0199 5244   msvsmon80 (73fa09b84b23a1897809a84f976d5d99) J:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
20:33:00.0559 5244   msvsmon80 - ok
20:33:00.0715 5244   Mup (de6a75f5c270e756c5508d94b6cf68f5) J:\WINDOWS\system32\drivers\Mup.sys
20:33:00.0793 5244   Mup - ok
20:33:00.0871 5244   napagent (0102140028fad045756796e1c685d695) J:\WINDOWS\System32\qagentrt.dll
20:33:01.0074 5244   napagent - ok
20:33:01.0106 5244   NDIS (1df7f42665c94b825322fae71721130d) J:\WINDOWS\system32\drivers\NDIS.sys
20:33:01.0246 5244   NDIS - ok
20:33:01.0293 5244   NdisTapi (0109c4f3850dfbab279542515386ae22) J:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:33:01.0887 5244   NdisTapi - ok
20:33:01.0903 5244   Ndisuio (f927a4434c5028758a842943ef1a3849) J:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:33:02.0012 5244   Ndisuio - ok
20:33:02.0153 5244   NdisWan (edc1531a49c80614b2cfda43ca8659ab) J:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:33:02.0324 5244   NdisWan - ok
20:33:02.0356 5244   NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) J:\WINDOWS\system32\drivers\NDProxy.sys
20:33:02.0387 5244   NDProxy - ok
20:33:02.0387 5244   Net Driver HPZ12 - ok
20:33:02.0403 5244   NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) J:\WINDOWS\system32\DRIVERS\netbios.sys
20:33:02.0528 5244   NetBIOS - ok
20:33:02.0543 5244   NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) J:\WINDOWS\system32\DRIVERS\netbt.sys
20:33:02.0653 5244   NetBT - ok
20:33:02.0684 5244   NetDDE (b857ba82860d7ff85ae29b095645563b) J:\WINDOWS\system32\netdde.exe
20:33:02.0903 5244   NetDDE - ok
20:33:02.0903 5244   NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) J:\WINDOWS\system32\netdde.exe
20:33:03.0028 5244   NetDDEdsdm - ok
20:33:03.0043 5244   Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) J:\WINDOWS\system32\lsass.exe
20:33:03.0153 5244   Netlogon - ok
20:33:03.0184 5244   Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) J:\WINDOWS\System32\netman.dll
20:33:03.0340 5244   Netman - ok
20:33:03.0481 5244   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) j:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:33:03.0574 5244   NetTcpPortSharing - ok
20:33:03.0606 5244   NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) J:\WINDOWS\system32\DRIVERS\nic1394.sys
20:33:03.0731 5244   NIC1394 - ok
20:33:03.0856 5244   Nla (943337d786a56729263071623bbb9de5) J:\WINDOWS\System32\mswsock.dll
20:33:03.0965 5244   Nla - ok
20:33:03.0981 5244   Npfs (3182d64ae053d6fb034f44b6def8034a) J:\WINDOWS\system32\drivers\Npfs.sys
20:33:04.0090 5244   Npfs - ok
20:33:04.0168 5244   Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) J:\WINDOWS\system32\drivers\Ntfs.sys
20:33:04.0293 5244   Ntfs - ok
20:33:04.0293 5244   NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) J:\WINDOWS\System32\lsass.exe
20:33:04.0403 5244   NtLmSsp - ok
20:33:04.0481 5244   NtmsSvc (156f64a3345bd23c600655fb4d10bc08) J:\WINDOWS\system32\ntmssvc.dll
20:33:04.0621 5244   NtmsSvc - ok
20:33:04.0653 5244   Null (73c1e1f395918bc2c6dd67af7591a3ad) J:\WINDOWS\system32\drivers\Null.sys
20:33:04.0809 5244   Null - ok
20:33:05.0231 5244   nv (83780f3a86d2804912f22f6e37cd2254) J:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:33:05.0496 5244   nv - ok
20:33:05.0668 5244   NVSvc (42321ac5448078131903b272e6c49024) J:\WINDOWS\System32\nvsvc32.exe
20:33:05.0778 5244   NVSvc - ok
20:33:05.0824 5244   NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) J:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:33:05.0918 5244   NwlnkFlt - ok
20:33:05.0949 5244   NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) J:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:33:06.0090 5244   NwlnkFwd - ok
20:33:06.0262 5244   ohci1394 (ca33832df41afb202ee7aeb05145922f) J:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:33:06.0387 5244   ohci1394 - ok
20:33:06.0496 5244   ose (9d10f99a6712e28f8acd5641e3a7ea6b) J:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:33:06.0559 5244   ose - ok
20:33:06.0731 5244   osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) J:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:33:07.0153 5244   osppsvc - ok
20:33:07.0246 5244   Parport (5575faf8f97ce5e713d108c2a58d7c7c) J:\WINDOWS\system32\DRIVERS\parport.sys
20:33:07.0356 5244   Parport - ok
20:33:07.0418 5244   PartMgr (beb3ba25197665d82ec7065b724171c6) J:\WINDOWS\system32\drivers\PartMgr.sys
20:33:07.0809 5244   PartMgr - ok
20:33:07.0840 5244   ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) J:\WINDOWS\system32\drivers\ParVdm.sys
20:33:07.0981 5244   ParVdm - ok
20:33:08.0059 5244   PCI (a219903ccf74233761d92bef471a07b1) J:\WINDOWS\system32\DRIVERS\pci.sys
20:33:08.0262 5244   PCI - ok
20:33:08.0278 5244   PCIDump - ok
20:33:08.0278 5244   PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) J:\WINDOWS\system32\DRIVERS\pciide.sys
20:33:08.0387 5244   PCIIde - ok
20:33:08.0449 5244   Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) J:\WINDOWS\system32\drivers\Pcmcia.sys
20:33:08.0590 5244   Pcmcia - ok
20:33:08.0590 5244   PDCOMP - ok
20:33:08.0590 5244   PDFRAME - ok
20:33:08.0590 5244   PDRELI - ok
20:33:08.0606 5244   PDRFRAME - ok
20:33:08.0606 5244   perc2 - ok
20:33:08.0606 5244   perc2hib - ok
20:33:08.0699 5244   PlugPlay (65df52f5b8b6e9bbd183505225c37315) J:\WINDOWS\system32\services.exe
20:33:08.0731 5244   PlugPlay - ok
20:33:08.0746 5244   Pml Driver HPZ12 - ok
20:33:08.0856 5244   PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) J:\WINDOWS\system32\lsass.exe
20:33:08.0934 5244   PolicyAgent - ok
20:33:08.0965 5244   PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) J:\WINDOWS\system32\DRIVERS\raspptp.sys
20:33:09.0074 5244   PptpMiniport - ok
20:33:09.0121 5244   Processor (a32bebaf723557681bfc6bd93e98bd26) J:\WINDOWS\system32\DRIVERS\processr.sys
20:33:09.0231 5244   Processor - ok
20:33:09.0246 5244   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) J:\WINDOWS\system32\lsass.exe
20:33:09.0324 5244   ProtectedStorage - ok
20:33:09.0324 5244   PSched (09298ec810b07e5d582cb3a3f9255424) J:\WINDOWS\system32\DRIVERS\psched.sys
20:33:09.0465 5244   PSched - ok
20:33:09.0512 5244   PSI (14e6fb92f1788982e2bbc81d915b1f02) J:\WINDOWS\system32\DRIVERS\psi_mf.sys
20:33:09.0590 5244   PSI - ok
20:33:09.0621 5244   Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) J:\WINDOWS\system32\DRIVERS\ptilink.sys
20:33:09.0731 5244   Ptilink - ok
20:33:09.0793 5244   PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) J:\WINDOWS\system32\Drivers\PxHelp20.sys
20:33:09.0840 5244   PxHelp20 - ok
20:33:09.0840 5244   ql1080 - ok
20:33:09.0840 5244   Ql10wnt - ok
20:33:09.0856 5244   ql12160 - ok
20:33:09.0856 5244   ql1240 - ok
20:33:09.0856 5244   ql1280 - ok
20:33:09.0856 5244   RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) J:\WINDOWS\system32\DRIVERS\rasacd.sys
20:33:10.0012 5244   RasAcd - ok
20:33:10.0059 5244   RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) J:\WINDOWS\System32\rasauto.dll
20:33:10.0324 5244   RasAuto - ok
20:33:10.0324 5244   Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) J:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:33:10.0434 5244   Rasl2tp - ok
20:33:10.0481 5244   RasMan (76a9a3cbeadd68cc57cda5e1d7448235) J:\WINDOWS\System32\rasmans.dll
20:33:10.0574 5244   RasMan - ok
20:33:10.0574 5244   RasPppoe (5bc962f2654137c9909c3d4603587dee) J:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:33:10.0699 5244   RasPppoe - ok
20:33:10.0871 5244   Raspti (fdbb1d60066fcfbb7452fd8f9829b242) J:\WINDOWS\system32\DRIVERS\raspti.sys
20:33:10.0996 5244   Raspti - ok
20:33:11.0028 5244   Rdbss (7ad224ad1a1437fe28d89cf22b17780a) J:\WINDOWS\system32\DRIVERS\rdbss.sys
20:33:11.0153 5244   Rdbss - ok
20:33:11.0168 5244   RDPCDD (4912d5b403614ce99c28420f75353332) J:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:33:11.0293 5244   RDPCDD - ok
20:33:11.0340 5244   rdpdr (15cabd0f7c00c47c70124907916af3f1) J:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:33:11.0481 5244   rdpdr - ok
20:33:11.0512 5244   RDPWD (fc105dd312ed64eb66bff111e8ec6eac) J:\WINDOWS\system32\drivers\RDPWD.sys
20:33:11.0653 5244   RDPWD - ok
20:33:11.0699 5244   RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) J:\WINDOWS\system32\sessmgr.exe
20:33:11.0871 5244   RDSessMgr - ok
20:33:11.0887 5244   redbook (f828dd7e1419b6653894a8f97a0094c5) J:\WINDOWS\system32\DRIVERS\redbook.sys
20:33:12.0012 5244   redbook - ok
20:33:12.0059 5244   RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) J:\WINDOWS\System32\mprdim.dll
20:33:12.0199 5244   RemoteAccess - ok
20:33:12.0246 5244   RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) J:\WINDOWS\system32\regsvc.dll
20:33:12.0371 5244   RemoteRegistry - ok
20:33:12.0496 5244   RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) J:\WINDOWS\system32\Drivers\RimUsb.sys
20:33:12.0606 5244   RimUsb - ok
20:33:12.0699 5244   RimVSerPort (2c4fb2e9f039287767c384e46ee91030) J:\WINDOWS\system32\DRIVERS\RimSerial.sys
20:33:12.0778 5244   RimVSerPort - ok
20:33:12.0824 5244   ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) J:\WINDOWS\system32\Drivers\RootMdm.sys
20:33:12.0934 5244   ROOTMODEM - ok
20:33:12.0996 5244   Roxio UPnP Renderer 11 - ok
20:33:13.0028 5244   RpcLocator (aaed593f84afa419bbae8572af87cf6a) J:\WINDOWS\System32\locator.exe
20:33:13.0153 5244   RpcLocator - ok
20:33:13.0184 5244   RpcSs (6b27a5c03dfb94b4245739065431322c) J:\WINDOWS\System32\rpcss.dll
20:33:13.0231 5244   RpcSs - ok
20:33:13.0262 5244   RSVP (471b3f9741d762abe75e9deea4787e47) J:\WINDOWS\System32\rsvp.exe
20:33:13.0387 5244   RSVP - ok
20:33:13.0465 5244   RT73 (6ea04a4370609e5e1eaeee898a2ab6ac) J:\WINDOWS\system32\DRIVERS\rt73.sys
20:33:13.0903 5244   RT73 - ok
20:33:13.0949 5244   SamSs (bf2466b3e18e970d8a976fb95fc1ca85) J:\WINDOWS\system32\lsass.exe
20:33:14.0043 5244   SamSs - ok
20:33:14.0121 5244   SANDRA (24c68978d48f41084dc00159aa07fab8) J:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x86\Sandra.sys
20:33:14.0153 5244   SANDRA - ok
20:33:14.0184 5244   SandraAgentSrv (3a4ab78a64e391ef3d75be0619eb428a) J:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe
20:33:14.0278 5244   SandraAgentSrv - ok
20:33:14.0324 5244   SCardSvr (86d007e7a654b9a71d1d7d856b104353) J:\WINDOWS\System32\SCardSvr.exe
20:33:14.0449 5244   SCardSvr - ok
20:33:14.0481 5244   SCDEmu (612a3d69e603dbbe5c3c1079186a0393) J:\WINDOWS\system32\drivers\SCDEmu.sys
20:33:14.0559 5244   SCDEmu ( UnsignedFile.Multi.Generic ) - warning
20:33:14.0559 5244   SCDEmu - detected UnsignedFile.Multi.Generic (1)
20:33:14.0606 5244   Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) J:\WINDOWS\system32\schedsvc.dll
20:33:14.0746 5244   Schedule - ok
20:33:14.0762 5244   Secdrv (90a3935d05b494a5a39d37e71f09a677) J:\WINDOWS\system32\DRIVERS\secdrv.sys
20:33:14.0871 5244   Secdrv - ok
20:33:14.0934 5244   seclogon (cbe612e2bb6a10e3563336191eda1250) J:\WINDOWS\System32\seclogon.dll
20:33:15.0043 5244   seclogon - ok
20:33:15.0059 5244   SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) J:\WINDOWS\system32\sens.dll
20:33:15.0153 5244   SENS - ok
20:33:15.0168 5244   serenum (0f29512ccd6bead730039fb4bd2c85ce) J:\WINDOWS\system32\DRIVERS\serenum.sys
20:33:15.0262 5244   serenum - ok
20:33:15.0293 5244   Serial (cca207a8896d4c6a0c9ce29a4ae411a7) J:\WINDOWS\system32\DRIVERS\serial.sys
20:33:15.0418 5244   Serial - ok
20:33:15.0434 5244   Sfloppy (8e6b8c671615d126fdc553d1e2de5562) J:\WINDOWS\system32\drivers\Sfloppy.sys
20:33:15.0528 5244   Sfloppy - ok
20:33:15.0559 5244   SharedAccess (83f41d0d89645d7235c051ab1d9523ac) J:\WINDOWS\System32\ipnathlp.dll
20:33:15.0778 5244   SharedAccess - ok
20:33:15.0809 5244   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) J:\WINDOWS\System32\shsvcs.dll
20:33:15.0871 5244   ShellHWDetection - ok
20:33:15.0934 5244   SilverLink (392834adb35deb199b03ae6a6caab23a) J:\WINDOWS\system32\Drivers\SilvrLnk.sys
20:33:16.0090 5244   SilverLink - ok
20:33:16.0137 5244   Simbad - ok
20:33:16.0168 5244   SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) J:\Program Files\Skype\Updater\Updater.exe
20:33:16.0356 5244   SkypeUpdate - ok
20:33:16.0434 5244   SMTPSVC (db3c22745c0da4666f3be31f1af36b2f) J:\WINDOWS\system32\inetsrv\inetinfo.exe
20:33:16.0528 5244   SMTPSVC - ok
20:33:16.0684 5244   SolidWorks Licensing Service (4945020bc094c322571184a6e8056b3a) J:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
20:33:23.0809 5244   SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:33:23.0809 5244   SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
20:33:23.0809 5244   Sparrow - ok
20:33:23.0840 5244   speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) J:\WINDOWS\system32\speedfan.sys
20:33:23.0871 5244   speedfan ( UnsignedFile.Multi.Generic ) - warning
20:33:23.0871 5244   speedfan - detected UnsignedFile.Multi.Generic (1)
20:33:23.0887 5244   splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) J:\WINDOWS\system32\drivers\splitter.sys
20:33:23.0981 5244   splitter - ok
20:33:24.0012 5244   spooler (60784f891563fb1b767f70117fc2428f) J:\WINDOWS\system32\spoolsv.exe
20:33:24.0059 5244   spooler - ok
20:33:24.0184 5244   sptd (7f1b7c4d446cd3f926af45b8c48bd593) J:\WINDOWS\system32\Drivers\sptd.sys
20:33:24.0606 5244   sptd - ok
20:33:24.0637 5244   sr (76bb022c2fb6902fd5bdd4f78fc13a5d) J:\WINDOWS\system32\DRIVERS\sr.sys
20:33:24.0778 5244   sr - ok
20:33:24.0840 5244   srservice (3805df0ac4296a34ba4bf93b346cc378) J:\WINDOWS\system32\srsvc.dll
20:33:24.0934 5244   srservice - ok
20:33:24.0981 5244   Srv (47ddfc2f003f7f9f0592c6874962a2e7) J:\WINDOWS\system32\DRIVERS\srv.sys
20:33:25.0059 5244   Srv - ok
20:33:25.0059 5244   SSDPSRV (0a5679b3714edab99e357057ee88fca6) J:\WINDOWS\System32\ssdpsrv.dll
20:33:25.0168 5244   SSDPSRV - ok
20:33:25.0231 5244   StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) J:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
20:33:25.0403 5244   StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
20:33:25.0403 5244   StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
20:33:25.0528 5244   stisvc (8bad69cbac032d4bbacfce0306174c30) J:\WINDOWS\system32\wiaservc.dll
20:33:25.0778 5244   stisvc - ok
20:33:25.0809 5244   swenum (3941d127aef12e93addf6fe6ee027e0f) J:\WINDOWS\system32\DRIVERS\swenum.sys
20:33:26.0496 5244   swenum - ok
20:33:26.0512 5244   swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) J:\WINDOWS\system32\drivers\swmidi.sys
20:33:26.0637 5244   swmidi - ok
20:33:26.0637 5244   SwPrv - ok
20:33:26.0653 5244   symc810 - ok
20:33:26.0653 5244   symc8xx - ok
20:33:26.0653 5244   sym_hi - ok
20:33:26.0653 5244   sym_u3 - ok
20:33:26.0715 5244   sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) J:\WINDOWS\system32\drivers\sysaudio.sys
20:33:26.0809 5244   sysaudio - ok
20:33:26.0840 5244   SysmonLog (c7abbc59b43274b1109df6b24d617051) J:\WINDOWS\system32\smlogsvc.exe
20:33:26.0981 5244   SysmonLog - ok
20:33:27.0059 5244   TapiSrv (3cb78c17bb664637787c9a1c98f79c38) J:\WINDOWS\System32\tapisrv.dll
20:33:27.0199 5244   TapiSrv - ok
20:33:27.0246 5244   Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) J:\WINDOWS\system32\DRIVERS\tcpip.sys
20:33:27.0309 5244   Tcpip - ok
20:33:27.0387 5244   TDPIPE (6471a66807f5e104e4885f5b67349397) J:\WINDOWS\system32\drivers\TDPIPE.sys
20:33:27.0481 5244   TDPIPE - ok
20:33:27.0496 5244   TDTCP (c56b6d0402371cf3700eb322ef3aaf61) J:\WINDOWS\system32\drivers\TDTCP.sys
20:33:27.0606 5244   TDTCP - ok
20:33:27.0637 5244   TermDD (88155247177638048422893737429d9e) J:\WINDOWS\system32\DRIVERS\termdd.sys
20:33:27.0762 5244   TermDD - ok
20:33:27.0840 5244   TermService (ff3477c03be7201c294c35f684b3479f) J:\WINDOWS\System32\termsrv.dll
20:33:27.0981 5244   TermService - ok
20:33:28.0106 5244   Themes (99bc0b50f511924348be19c7c7313bbf) J:\WINDOWS\System32\shsvcs.dll
20:33:28.0153 5244   Themes - ok
20:33:28.0184 5244   TlntSvr (db7205804759ff62c34e3efd8a4cc76a) J:\WINDOWS\System32\tlntsvr.exe
20:33:28.0293 5244   TlntSvr - ok
20:33:28.0309 5244   TosIde - ok
20:33:28.0387 5244   TrkWks (55bca12f7f523d35ca3cb833c725f54e) J:\WINDOWS\system32\trkwks.dll
20:33:28.0481 5244   TrkWks - ok
20:33:28.0496 5244   Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) J:\WINDOWS\system32\drivers\Udfs.sys
20:33:28.0621 5244   Udfs - ok
20:33:28.0621 5244   ultra - ok
20:33:28.0653 5244   UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) J:\WINDOWS\system32\wdfmgr.exe
20:33:28.0731 5244   UMWdf - ok
20:33:28.0824 5244   UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) J:\Program Files\Unlocker\UnlockerDriver5.sys
20:33:28.0981 5244   UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
20:33:28.0981 5244   UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
20:33:29.0028 5244   Update (402ddc88356b1bac0ee3dd1580c76a31) J:\WINDOWS\system32\DRIVERS\update.sys
20:33:29.0168 5244   Update - ok
20:33:29.0403 5244   upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) J:\WINDOWS\System32\upnphost.dll
20:33:29.0528 5244   upnphost - ok
20:33:29.0606 5244   UPS (05365fb38fca1e98f7a566aaaf5d1815) J:\WINDOWS\System32\ups.exe
20:33:29.0731 5244   UPS - ok
20:33:29.0778 5244   usbccgp (173f317ce0db8e21322e71b7e60a27e8) J:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:33:29.0918 5244   usbccgp - ok
20:33:29.0934 5244   usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) J:\WINDOWS\system32\DRIVERS\usbehci.sys
20:33:30.0043 5244   usbehci - ok
20:33:30.0106 5244   usbhub (1ab3cdde553b6e064d2e754efe20285c) J:\WINDOWS\system32\DRIVERS\usbhub.sys
20:33:30.0215 5244   usbhub - ok
20:33:30.0231 5244   usbprint (a717c8721046828520c9edf31288fc00) J:\WINDOWS\system32\DRIVERS\usbprint.sys
20:33:30.0356 5244   usbprint - ok
20:33:30.0434 5244   usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) J:\WINDOWS\system32\DRIVERS\usbscan.sys
20:33:30.0590 5244   usbscan - ok
20:33:30.0621 5244   USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) J:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:33:30.0762 5244   USBSTOR - ok
20:33:30.0778 5244   usbuhci (26496f9dee2d787fc3e61ad54821ffe6) J:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:33:30.0871 5244   usbuhci - ok
20:33:30.0903 5244   VgaSave (0d3a8fafceacd8b7625cd549757a7df1) J:\WINDOWS\System32\drivers\vga.sys
20:33:30.0996 5244   VgaSave - ok
20:33:30.0996 5244   ViaIde - ok
20:33:31.0012 5244   VolSnap (4c8fcb5cc53aab716d810740fe59d025) J:\WINDOWS\system32\drivers\VolSnap.sys
20:33:31.0137 5244   VolSnap - ok
20:33:31.0231 5244   VSS (7a9db3a67c333bf0bd42e42b8596854b) J:\WINDOWS\System32\vssvc.exe
20:33:31.0434 5244   VSS - ok
20:33:31.0449 5244   W32Time (54af4b1d5459500ef0937f6d33b1914f) J:\WINDOWS\system32\w32time.dll
20:33:31.0574 5244   W32Time - ok
20:33:31.0637 5244   W3SVC (db3c22745c0da4666f3be31f1af36b2f) J:\WINDOWS\system32\inetsrv\inetinfo.exe
20:33:31.0731 5244   W3SVC - ok
20:33:31.0778 5244   Wanarp (e20b95baedb550f32dd489265c1da1f6) J:\WINDOWS\system32\DRIVERS\wanarp.sys
20:33:31.0903 5244   Wanarp - ok
20:33:32.0637 5244   Wdf01000 (d918617b46457b9ac28027722e30f647) J:\WINDOWS\system32\Drivers\wdf01000.sys
20:33:32.0715 5244   Wdf01000 - ok
20:33:32.0731 5244   WDICA - ok
20:33:32.0762 5244   wdmaud (6768acf64b18196494413695f0c3a00f) J:\WINDOWS\system32\drivers\wdmaud.sys
20:33:32.0903 5244   wdmaud - ok
20:33:32.0934 5244   WebClient (77a354e28153ad2d5e120a5a8687bc06) J:\WINDOWS\System32\webclnt.dll
20:33:33.0074 5244   WebClient - ok
20:33:33.0231 5244   WinDriver6 (6cb18d5c6f952ffefca4c3d904956fe1) J:\WINDOWS\system32\drivers\windrvr6.sys
20:33:33.0403 5244   WinDriver6 - ok
20:33:33.0465 5244   winmgmt (2d0e4ed081963804ccc196a0929275b5) J:\WINDOWS\system32\wbem\WMIsvc.dll
20:33:33.0574 5244   winmgmt - ok
20:33:33.0981 5244   WinRM (18f347402da544a780949b8fdf83351b) J:\WINDOWS\system32\WsmSvc.dll
20:33:34.0215 5244   WinRM - ok
20:33:34.0262 5244   WmdmPmSN (140ef97b64f560fd78643cae2cdad838) J:\WINDOWS\system32\MsPMSNSv.dll
20:33:34.0309 5244   WmdmPmSN - ok
20:33:34.0465 5244   Wmi (e76f8807070ed04e7408a86d6d3a6137) J:\WINDOWS\System32\advapi32.dll
20:33:34.0637 5244   Wmi - ok
20:33:34.0684 5244   WmiApSrv (e0673f1106e62a68d2257e376079f821) J:\WINDOWS\System32\wbem\wmiapsrv.exe
20:33:34.0856 5244   WmiApSrv - ok
20:33:34.0887 5244   WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) J:\WINDOWS\system32\Drivers\wpdusb.sys
20:33:34.0903 5244   WpdUsb - ok
20:33:35.0074 5244   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:33:35.0168 5244   WPFFontCache_v0400 - ok
20:33:35.0215 5244   wscsvc (7c278e6408d1dce642230c0585a854d5) J:\WINDOWS\system32\wscsvc.dll
20:33:35.0356 5244   wscsvc - ok
20:33:35.0356 5244   wuauserv - ok
20:33:35.0403 5244   WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) J:\WINDOWS\System32\wzcsvc.dll
20:33:35.0543 5244   WZCSVC - ok
20:33:35.0559 5244   xmlprov (295d21f14c335b53cb8154e5b1f892b9) J:\WINDOWS\System32\xmlprov.dll
20:33:35.0684 5244   xmlprov - ok
20:33:35.0731 5244   yukonwxp (05d48e56ea2612d39a4e7f0ecc17b917) J:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:33:35.0809 5244   yukonwxp - ok
20:33:35.0840 5244   MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:33:36.0278 5244   \Device\Harddisk0\DR0 - ok
20:33:36.0293 5244   MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
20:33:36.0574 5244   \Device\Harddisk1\DR1 ( TDSS File System ) - warning
20:33:36.0574 5244   \Device\Harddisk1\DR1 - detected TDSS File System (1)
20:33:36.0574 5244   MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
20:33:36.0824 5244   \Device\Harddisk2\DR2 - ok
20:33:36.0824 5244   Boot (0x1200) (cdc9d3dab86838bd5dc694c597fc7622) \Device\Harddisk0\DR0\Partition0
20:33:36.0840 5244   \Device\Harddisk0\DR0\Partition0 - ok
20:33:36.0840 5244   Boot (0x1200) (32913ae72b16ce27063248c537e0e537) \Device\Harddisk1\DR1\Partition0
20:33:36.0840 5244   \Device\Harddisk1\DR1\Partition0 - ok
20:33:36.0840 5244   Boot (0x1200) (75025ac2ddadad10c96b78b96c73f0f2) \Device\Harddisk2\DR2\Partition0
20:33:36.0840 5244   \Device\Harddisk2\DR2\Partition0 - ok
20:33:36.0840 5244   ============================================================
20:33:36.0840 5244   Scan finished
20:33:36.0840 5244   ============================================================
20:33:36.0949 3256   Detected object count: 11
20:33:36.0949 3256   Actual detected object count: 11
20:34:34.0293 3256   AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0293 3256   AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0293 3256   CDRPDACC ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0293 3256   CDRPDACC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0293 3256   giveio ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0293 3256   giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0293 3256   HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0293 3256   HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0293 3256   IFP700 ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0293 3256   IFP700 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0309 3256   SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0309 3256   SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   speedfan ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0309 3256   speedfan ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0309 3256   StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:34.0309 3256   UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:34.0309 3256   \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
20:34:34.0309 3256   \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

Hoov · « **Reply #12 on:** May 29, 2012, 09:44:01 PM »

Please rerun TDSSKiller and the entries that are TDSS File System, please set them to quarentine.

About the exe problem, Download exefix_xp.com utility and save to Desktop. Double-click the file to run it. This utility fixes the exefile association in the registry automatically.

ssamson89 · « **Reply #13 on:** June 04, 2012, 11:08:38 PM »

MY computer's condition has worsened. I noticed my computer was running slowly even though few visible programs were running. I checked the running processes and saw ~370 were running, most were named ntvdm.exe .

After doing a google search for 'ntvdm.exe' my computer went through a restart unpromted by me.

Secondly I've noticed when a new folder is created there is a new file created inside it with the same name as an .exe .

A google search for 'exe. folders everywhere' caused an unprompted restart.

And I still have several programs which when executed just open the My Documents folder.

Hoov · « **Reply #14 on:** June 05, 2012, 09:12:23 AM »

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4

Double-click on the Rkill desktop icon to run the tool.
If using Vista, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix''s window while it''s running. That may cause it to stall
[/list]

News:

Author Topic: [Resolved] Brontok; Disabling programs, Causing restarts. (Read 1521 times)

ssamson89

[Resolved] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

ssamson89

Re: [In Progress] Brontok; Disabling programs, Causing restarts.

Hoov

Re: [In Progress] Brontok; Disabling programs, Causing restarts.