Jump to content

sgeorge

Members
  • Posts

    14
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I am all set with the above information. Daniel, thank you sooooooo much. I really appreciate all your help!
  2. Thanks. I now have Java 6 Update 31 installed and Adobe Reader X (10.1.2) installed. I had no issues installing either. DDS Log . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Roo at 20:01:33 on 2012-02-28 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4463 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe C:\Windows\system32\atieclxx.exe C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe C:\Program Files (x86)\AOL 9.5\waol.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\AOL 9.5\shellmon.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Windows\system32\msiexec.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchIndexer.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856] R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-2-25 909152] R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?] S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?] S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] . =============== Created Last 30 ================ . 2012-02-29 00:22:42 -------- d-----w- C:\Windows\System32\appmgmt 2012-02-28 11:27:37 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63BDA4D9-6A27-463F-8CA5-9960F2542DBE}\mpengine.dll 2012-02-27 18:45:11 -------- d-----w- C:\Program Files (x86)\ESET 2012-02-25 15:45:56 -------- d-sh--w- C:\$RECYCLE.BIN 2012-02-24 00:00:34 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 21:45:09 98816 ----a-w- C:\Windows\sed.exe 2012-02-23 21:45:09 518144 ----a-w- C:\Windows\SWREG.exe 2012-02-23 21:45:09 256000 ----a-w- C:\Windows\PEV.exe 2012-02-23 21:45:09 208896 ----a-w- C:\Windows\MBR.exe 2012-02-23 12:34:29 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-02-23 12:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-02-23 12:34:21 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-02-23 12:34:10 -------- d--h--w- C:\ProgramData\Common Files 2012-02-22 11:04:31 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock 2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes 2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision . ==================== Find3M ==================== . 2012-02-29 00:33:40 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll 2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll 2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe 2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe 2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll 2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll 2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll 2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll 2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll 2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll 2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll 2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll 2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll 2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll 2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe 2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe 2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll 2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe 2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll 2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe 2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe 2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe 2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll 2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll 2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll 2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll 2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll 2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll . ============= FINISH: 20:02:50.30 =============== Attach Log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume2 Install Date: 12/11/2009 7:29:39 PM System Uptime: 2/28/2012 7:25:55 PM (1 hours ago) . Motherboard: Dell Inc. | | 0C234M Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 323.609 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP171: 2/18/2012 11:11:51 PM - Restore Operation RP172: 2/19/2012 1:25:15 PM - Windows Update RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint RP175: 2/20/2012 11:42:58 PM - Windows Update RP176: 2/23/2012 4:45:25 PM - ComboFix created restore point RP177: 2/25/2012 7:28:40 AM - Windows Update RP178: 2/27/2012 10:01:59 PM - Installed TurboTax 2011 wrapper RP179: 2/28/2012 7:21:36 PM - Removed Java 6 Update 14 (64-bit) RP180: 2/28/2012 7:23:29 PM - Removed Java 6 Update 26 RP181: 2/28/2012 7:31:05 PM - Installed Java 6 Update 31 RP182: 2/28/2012 7:55:54 PM - Installed Adobe Reader X (10.1.0). . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) Absolute Notifier Adobe AIR Adobe Flash Player 10 Plugin Adobe Reader X (10.1.2) Advanced Audio FX Engine AnswerWorks 5.0 English Runtime AnyDVD AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Software Update ATI Catalyst Control Center AVG Security Toolbar Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Citrix Presentation Server Client - Web Only CloneDVDmobile Compatibility Pack for the 2007 Office system Consumer In-Home Service Agreement Coupon Printer for Windows Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Getting Started Guide Dell Webcam Central ESET Online Scanner v3 Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 HTC BMP USB Driver HTC Driver Installer HTC Sync Internet TV for Windows Media Center iSEEK AnswerWorks English Runtime Java Auto Updater Java 6 Update 31 Junk Mail filter update LeapFrog Connect LeapFrog Tag Plugin Live! Cam Avatar Creator Malwarebytes Anti-Malware version 1.60.1.1000 McAfee SecurityCenter McAfee Virtual Technician Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) PowerDVD DX Quicken 2010 QuickTime Roxio Burn Roxio Update Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Simple Adblock Skins Skype Toolbars Skype™ 4.2 TurboTax 2009 TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper TurboTax 2011 TurboTax 2011 WinPerFedFormset TurboTax 2011 WinPerReleaseEngine TurboTax 2011 WinPerTaxSupport TurboTax 2011 wrapper Uninstall AOL Emergency Connect Utility 1.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) Viewpoint Media Player Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 2/28/2012 7:49:50 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. 2/28/2012 7:33:40 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/28/2012 5:41:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 2/25/2012 7:55:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 2/25/2012 7:38:02 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning. 2/25/2012 11:00:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/25/2012 10:46:44 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 2/25/2012 10:36:37 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. 2/25/2012 10:34:44 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2/25/2012 10:33:57 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. . ==== End Of File ===========================
  3. Thanks. I ran the ESET tool. It didn't find any threats and so I had no option to save a file to my PC. It has this.... Scan Results No Threats found. Scanned Files: 265031 Infected Files: 0 Cleaned Files: 0 Total Scan Time: 01:12:31 Scan Status: Finished DDS Log . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Roo at 15:13:58 on 2012-02-27 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.3939 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files (x86)\AOL 9.5\waol.exe C:\Program Files (x86)\AOL 9.5\shellmon.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\SysWOW64\NOTEPAD.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856] R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-2-25 909152] R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?] S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?] S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] . =============== Created Last 30 ================ . 2012-02-27 18:45:11 -------- d-----w- C:\Program Files (x86)\ESET 2012-02-25 18:07:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\offreg.dll 2012-02-25 15:45:56 -------- d-sh--w- C:\$RECYCLE.BIN 2012-02-25 12:30:22 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll 2012-02-24 00:00:34 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 21:45:09 98816 ----a-w- C:\Windows\sed.exe 2012-02-23 21:45:09 518144 ----a-w- C:\Windows\SWREG.exe 2012-02-23 21:45:09 256000 ----a-w- C:\Windows\PEV.exe 2012-02-23 21:45:09 208896 ----a-w- C:\Windows\MBR.exe 2012-02-23 12:34:29 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-02-23 12:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-02-23 12:34:21 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-02-23 12:34:10 -------- d--h--w- C:\ProgramData\Common Files 2012-02-22 11:04:31 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock 2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes 2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision . ==================== Find3M ==================== . 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll 2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll 2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe 2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe 2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll 2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll 2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll 2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll 2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll 2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll 2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll 2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll 2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll 2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll 2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe 2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe 2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll 2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe 2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll 2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe 2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe 2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe 2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll 2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll 2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll 2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll 2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll 2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll . ============= FINISH: 15:14:27.04 =============== Attach Log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume2 Install Date: 12/11/2009 7:29:39 PM System Uptime: 2/26/2012 1:41:24 PM (26 hours ago) . Motherboard: Dell Inc. | | 0C234M Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 323.304 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP169: 2/16/2012 3:00:23 AM - Windows Update RP170: 2/16/2012 10:30:07 AM - Windows Update RP171: 2/18/2012 11:11:51 PM - Restore Operation RP172: 2/19/2012 1:25:15 PM - Windows Update RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint RP175: 2/20/2012 11:42:58 PM - Windows Update RP176: 2/23/2012 4:45:25 PM - ComboFix created restore point RP177: 2/25/2012 7:28:40 AM - Windows Update . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) Absolute Notifier Adobe AIR Adobe Flash Player 10 Plugin Adobe Reader 9.1.2 Advanced Audio FX Engine AnswerWorks 5.0 English Runtime AnyDVD AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Software Update ATI Catalyst Control Center AVG Security Toolbar Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Citrix Presentation Server Client - Web Only CloneDVDmobile Compatibility Pack for the 2007 Office system Consumer In-Home Service Agreement Coupon Printer for Windows Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Getting Started Guide Dell Webcam Central ESET Online Scanner v3 Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 HTC BMP USB Driver HTC Driver Installer HTC Sync Internet TV for Windows Media Center iSEEK AnswerWorks English Runtime Java Auto Updater Java 6 Update 26 Junk Mail filter update LeapFrog Connect LeapFrog Tag Plugin Live! Cam Avatar Creator Malwarebytes Anti-Malware version 1.60.1.1000 McAfee SecurityCenter McAfee Virtual Technician Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) PowerDVD DX Quicken 2010 QuickTime Roxio Burn Roxio Update Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Simple Adblock Skins Skype Toolbars Skype™ 4.2 TurboTax 2009 TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper Uninstall AOL Emergency Connect Utility 1.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) Viewpoint Media Player Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 2/25/2012 7:55:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004 2/25/2012 7:38:02 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning. 2/25/2012 11:00:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/25/2012 10:56:10 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/25/2012 10:46:44 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 2/25/2012 10:36:37 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. 2/25/2012 10:34:44 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2/25/2012 10:33:57 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 2/22/2012 9:51:46 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. . ==== End Of File ===========================
  4. Thanks. ComboFix Log ComboFix 12-02-23.01 - Roo 02/25/2012 10:27:03.3.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4093 [GMT -5:00] Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe Command switches used :: c:\users\Roo\Software\ComboFix\CFScript.txt AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Roo\AppData\Roaming\57168 c:\users\Roo\AppData\Roaming\B8457 c:\users\Roo\AppData\Roaming\B8457\7168.845 . . ((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 ))))))))))))))))))))))))))))))) . . 2012-02-25 15:34 . 2012-02-25 15:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-25 12:30 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll 2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\programdata\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\program files (x86)\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files 2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock 2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google 2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed 2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\xsell.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\xmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\xmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 946520 ----a-w- c:\program files (x86)\ttaximp.dll 2010-06-02 21:27 . 2009-09-08 17:43 91992 ----a-w- c:\program files (x86)\qwsnap.dll 2010-06-02 21:27 . 2009-09-08 17:43 810328 ----a-w- c:\program files (x86)\qwwin.dll 2010-06-02 21:27 . 2009-09-08 17:43 78680 ----a-w- c:\program files (x86)\qwinver.dll 2010-06-02 21:27 . 2009-09-08 17:43 70488 ----a-w- c:\program files (x86)\qwcntr.dll 2010-06-02 21:27 . 2009-09-08 17:43 48984 ----a-w- c:\program files (x86)\QWVER.DLL 2010-06-02 21:27 . 2009-09-08 17:43 321368 ----a-w- c:\program files (x86)\qwpr.dll 2010-06-02 21:27 . 2009-09-08 17:43 2832728 ----a-w- c:\program files (x86)\qwutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 2603352 ----a-w- c:\program files (x86)\qwonline.dll 2010-06-02 21:27 . 2009-09-08 17:43 229208 ----a-w- c:\program files (x86)\qwapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 13656 ----a-w- c:\program files (x86)\qwsync.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\qwxmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 111960 ----a-w- c:\program files (x86)\qwinet.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\qwxmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 879448 ----a-w- c:\program files (x86)\qvault.dll 2010-06-02 21:27 . 2009-09-08 17:43 82264 ----a-w- c:\program files (x86)\QShowHelp.dll 2010-06-02 21:27 . 2009-09-08 17:43 330072 ----a-w- c:\program files (x86)\qtax.dll 2010-06-02 21:27 . 2009-09-08 17:43 27480 ----a-w- c:\program files (x86)\qsapi_eng.dll 2010-06-02 21:27 . 2009-09-08 17:43 25432 ----a-w- c:\program files (x86)\qsapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 136024 ----a-w- c:\program files (x86)\qrep.dll 2010-06-02 21:27 . 2009-09-08 17:43 132952 ----a-w- c:\program files (x86)\qsac.dll 2010-06-02 21:27 . 2009-09-08 17:43 127832 ----a-w- c:\program files (x86)\Qsetup.dll 2010-06-02 21:27 . 2009-09-08 17:43 1163096 ----a-w- c:\program files (x86)\qreports.dll 2010-06-02 21:27 . 2009-09-08 17:43 89432 ----a-w- c:\program files (x86)\qindex.dll 2010-06-02 21:27 . 2009-09-08 17:43 79192 ----a-w- c:\program files (x86)\mvmc14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 74072 ----a-w- c:\program files (x86)\mvix14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 71512 ----a-w- c:\program files (x86)\qdapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 631640 ----a-w- c:\program files (x86)\qdb.dll 2010-06-02 21:27 . 2009-09-08 17:43 61784 ----a-w- c:\program files (x86)\mvfs14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56664 ----a-w- c:\program files (x86)\mvsr14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56152 ----a-w- c:\program files (x86)\mvtl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 42840 ----a-w- c:\program files (x86)\onlncall.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\mvmg14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 380248 ----a-w- c:\program files (x86)\qcomutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\mvbk14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 2778968 ----a-w- c:\program files (x86)\ofxsdk_qw.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\qdappui.dll 2010-06-02 21:27 . 2009-09-08 17:43 1492312 ----a-w- c:\program files (x86)\online.dll 2010-06-02 21:27 . 2009-09-08 17:43 148824 ----a-w- c:\program files (x86)\olbservice.dll 2010-06-02 21:27 . 2009-09-08 17:43 1262424 ----a-w- c:\program files (x86)\qaccess.dll 2010-06-02 21:27 . 2009-09-08 17:43 117592 ----a-w- c:\program files (x86)\mvcl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 114008 ----a-w- c:\program files (x86)\QCONNECT.DLL 2010-06-02 21:27 . 2009-09-08 17:43 77144 ----a-w- c:\program files (x86)\graphs.dll 2010-06-02 21:27 . 2009-09-08 17:43 66904 ----a-w- c:\program files (x86)\atwork_xprint.dll 2010-06-02 21:27 . 2009-09-08 17:43 63320 ----a-w- c:\program files (x86)\dllapps_dedfnd.dll 2010-06-02 21:27 . 2009-09-08 17:43 53592 ----a-w- c:\program files (x86)\dllapps_savgol.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\bgt_pnf.dll 2010-06-02 21:27 . 2009-09-08 17:43 275288 ----a-w- c:\program files (x86)\lbtmngr.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\gdipapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\calnote.dll 2010-06-02 21:27 . 2009-09-08 17:43 16728 ----a-w- c:\program files (x86)\custprof.dll 2010-06-02 21:27 . 2009-09-08 17:43 166232 ----a-w- c:\program files (x86)\cashflow.dll 2010-06-02 21:27 . 2009-09-08 17:43 115032 ----a-w- c:\program files (x86)\dllapps_frcast.dll 2010-06-02 21:27 . 2009-09-08 17:43 107352 ----a-w- c:\program files (x86)\dllapps_dbtred.dll 2010-06-02 21:27 . 2009-09-08 17:43 105816 ----a-w- c:\program files (x86)\dllapps_plan.dll 2010-06-02 21:26 . 2009-09-08 17:42 23384 ----a-w- c:\program files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25 . 2009-09-08 17:42 48472 ----a-w- c:\program files (x86)\InetTools.dll 2010-06-02 21:24 . 2009-09-08 17:41 537944 ----a-w- c:\program files (x86)\UpdateContent.dll 2010-06-02 21:24 . 2009-09-08 17:41 46424 ----a-w- c:\program files (x86)\BindContent.exe 2010-06-02 21:24 . 2009-09-08 17:41 57176 ----a-w- c:\program files (x86)\RestartExe.exe 2010-06-02 21:24 . 2009-09-08 17:41 312664 ----a-w- c:\program files (x86)\SendError.dll 2010-06-02 21:24 . 2009-11-13 05:39 32088 ----a-w- c:\program files (x86)\qwutilnet.dll 2010-06-02 21:24 . 2009-09-08 17:41 359768 ----a-w- c:\program files (x86)\qwplan.dll 2010-06-02 21:24 . 2009-09-08 17:41 129880 ----a-w- c:\program files (x86)\qwonlineFeatures.dll 2010-06-02 21:24 . 2009-09-08 17:41 76120 ----a-w- c:\program files (x86)\qwipa.dll 2010-06-02 21:23 . 2009-09-08 17:41 10163032 ----a-w- c:\program files (x86)\qwmain.dll 2010-06-02 21:23 . 2009-09-08 17:41 103256 ----a-w- c:\program files (x86)\qnet.dll 2010-06-02 21:23 . 2009-09-08 17:41 114008 ----a-w- c:\program files (x86)\qcon32.dll 2010-06-02 21:23 . 2009-09-08 17:41 680792 ----a-w- c:\program files (x86)\decapi.dll 2010-06-02 21:23 . 2009-09-08 17:41 173400 ----a-w- c:\program files (x86)\xport.dll 2010-06-02 21:23 . 2009-09-08 17:41 185176 ----a-w- c:\program files (x86)\sport.dll 2010-06-02 21:23 . 2009-09-08 17:41 155992 ----a-w- c:\program files (x86)\MoneyFileReader.dll 2010-06-02 21:23 . 2009-09-08 17:41 142680 ----a-w- c:\program files (x86)\MoneyFileConverter.dll 2010-06-02 21:23 . 2009-09-08 17:41 63320 ----a-w- c:\program files (x86)\lbt_ux.dll 2010-06-02 21:23 . 2009-09-08 17:41 60248 ----a-w- c:\program files (x86)\txstuff.dll 2010-06-02 21:23 . 2009-09-08 17:41 315736 ----a-w- c:\program files (x86)\lbt_webrequest.dll 2010-06-02 21:23 . 2009-09-08 17:40 66904 ----a-w- c:\program files (x86)\lbt_rte.dll 2010-06-02 21:23 . 2009-09-08 17:40 71512 ----a-w- c:\program files (x86)\lbt_qupddir.dll 2010-06-02 21:23 . 2009-09-08 17:40 80728 ----a-w- c:\program files (x86)\lbt_qplus.dll 2010-06-02 21:23 . 2009-09-08 17:40 68440 ----a-w- c:\program files (x86)\lbt_pvsync.dll 2010-06-02 21:23 . 2009-09-08 17:40 63832 ----a-w- c:\program files (x86)\lbt_decompression.dll 2010-06-02 21:23 . 2009-09-08 17:40 357720 ----a-w- c:\program files (x86)\lbt_customerCentral.dll 2010-06-02 21:23 . 2009-09-08 17:40 64344 ----a-w- c:\program files (x86)\lbt_bullseye.dll 2010-06-02 21:23 . 2009-09-08 17:40 61784 ----a-w- c:\program files (x86)\lbt_Auto1Way.dll 2010-06-02 21:22 . 2009-09-08 17:40 28504 ----a-w- c:\program files (x86)\lbt.dll 2010-06-02 21:22 . 2009-09-08 17:40 129880 ----a-w- c:\program files (x86)\QCustomAction.dll 2010-06-02 21:22 . 2009-09-08 17:40 39768 ----a-w- c:\program files (x86)\convert_stub.dll 2010-06-02 21:22 . 2009-09-08 17:40 155992 ----a-w- c:\program files (x86)\cashgen.dll 2010-06-02 21:22 . 2009-09-08 17:40 34136 ----a-w- c:\program files (x86)\CalendarSync.dll 2010-06-02 21:22 . 2009-09-08 17:40 116568 ----a-w- c:\program files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22 . 2009-09-08 17:40 47448 ----a-w- c:\program files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22 . 2009-09-08 17:40 26456 ----a-w- c:\program files (x86)\billmind.exe 2010-06-02 21:22 . 2009-09-08 17:40 77656 ----a-w- c:\program files (x86)\bagent.exe 2010-06-02 21:22 . 2009-09-08 17:40 354136 ----a-w- c:\program files (x86)\alert.dll 2010-06-02 21:22 . 2009-09-08 17:40 38744 ----a-w- c:\program files (x86)\printenv.exe 2010-06-02 21:22 . 2009-09-08 17:40 1035608 ----a-w- c:\program files (x86)\dbghelp.dll 2010-06-02 21:22 . 2009-09-08 17:40 71000 ----a-w- c:\program files (x86)\techhelp.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-02-24_02.32.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-02 15:37 . 2012-02-25 15:38 60108 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-02-25 15:38 43878 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-12-12 01:40 . 2012-02-25 15:38 16070 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3099364093-3267457688-942095451-1001_UserData.bin - 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-12 00:21 . 2012-02-25 15:32 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 00:21 . 2012-02-25 15:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 15:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-02-24 02:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-02-25 15:36 . 2012-02-25 15:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-25 15:36 . 2012-02-25 15:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 04:54 . 2012-02-24 00:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 05:01 . 2012-02-24 02:31 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-02-25 15:35 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 04:54 . 2012-02-24 00:18 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-09-21 07:18 . 2012-02-25 15:35 9834984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3099364093-3267457688-942095451-1001-8192.dat - 2009-07-14 04:54 . 2012-02-24 00:18 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-02-25 12:24 1811296 ----a-w- c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-25 1811296] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600] "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160] "Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-25 939872] "ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-02-25 928096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616] . c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488] WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x] R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x] R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856] S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-25 909152] S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048] S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . 2012-02-25 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e〈=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe . ************************************************************************** . Completion time: 2012-02-25 10:41:42 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-25 15:41 ComboFix2.txt 2012-02-25 12:52 ComboFix3.txt 2012-02-24 02:37 . Pre-Run: 347,814,957,056 bytes free Post-Run: 347,760,558,080 bytes free . - - End Of File - - D086C03146B7452B8E7EF3E219566F47
  5. ComboFix log ComboFix 12-02-23.01 - Roo 02/25/2012 7:35.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4118 [GMT -5:00] Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe Command switches used :: c:\users\Roo\Software\ComboFix\CFScript.txt AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\programdata\Microsoft\Windows\DRM\52A0.tmp" "c:\programdata\Microsoft\Windows\DRM\52A1.tmp" . . ((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 ))))))))))))))))))))))))))))))) . . 2012-02-25 12:45 . 2012-02-25 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-25 12:30 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll 2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\programdata\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\program files (x86)\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files 2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock 2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-02-17 15:08 . 2012-02-19 02:13 -------- d-----w- c:\users\Roo\AppData\Roaming\57168 2012-02-17 15:07 . 2012-02-19 02:12 -------- d-----w- c:\users\Roo\AppData\Roaming\B8457 2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A1.tmp 2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A0.tmp 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google 2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed 2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\xsell.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\xmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\xmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 946520 ----a-w- c:\program files (x86)\ttaximp.dll 2010-06-02 21:27 . 2009-09-08 17:43 91992 ----a-w- c:\program files (x86)\qwsnap.dll 2010-06-02 21:27 . 2009-09-08 17:43 810328 ----a-w- c:\program files (x86)\qwwin.dll 2010-06-02 21:27 . 2009-09-08 17:43 78680 ----a-w- c:\program files (x86)\qwinver.dll 2010-06-02 21:27 . 2009-09-08 17:43 70488 ----a-w- c:\program files (x86)\qwcntr.dll 2010-06-02 21:27 . 2009-09-08 17:43 48984 ----a-w- c:\program files (x86)\QWVER.DLL 2010-06-02 21:27 . 2009-09-08 17:43 321368 ----a-w- c:\program files (x86)\qwpr.dll 2010-06-02 21:27 . 2009-09-08 17:43 2832728 ----a-w- c:\program files (x86)\qwutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 2603352 ----a-w- c:\program files (x86)\qwonline.dll 2010-06-02 21:27 . 2009-09-08 17:43 229208 ----a-w- c:\program files (x86)\qwapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 13656 ----a-w- c:\program files (x86)\qwsync.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\qwxmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 111960 ----a-w- c:\program files (x86)\qwinet.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\qwxmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 879448 ----a-w- c:\program files (x86)\qvault.dll 2010-06-02 21:27 . 2009-09-08 17:43 82264 ----a-w- c:\program files (x86)\QShowHelp.dll 2010-06-02 21:27 . 2009-09-08 17:43 330072 ----a-w- c:\program files (x86)\qtax.dll 2010-06-02 21:27 . 2009-09-08 17:43 27480 ----a-w- c:\program files (x86)\qsapi_eng.dll 2010-06-02 21:27 . 2009-09-08 17:43 25432 ----a-w- c:\program files (x86)\qsapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 136024 ----a-w- c:\program files (x86)\qrep.dll 2010-06-02 21:27 . 2009-09-08 17:43 132952 ----a-w- c:\program files (x86)\qsac.dll 2010-06-02 21:27 . 2009-09-08 17:43 127832 ----a-w- c:\program files (x86)\Qsetup.dll 2010-06-02 21:27 . 2009-09-08 17:43 1163096 ----a-w- c:\program files (x86)\qreports.dll 2010-06-02 21:27 . 2009-09-08 17:43 89432 ----a-w- c:\program files (x86)\qindex.dll 2010-06-02 21:27 . 2009-09-08 17:43 79192 ----a-w- c:\program files (x86)\mvmc14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 74072 ----a-w- c:\program files (x86)\mvix14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 71512 ----a-w- c:\program files (x86)\qdapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 631640 ----a-w- c:\program files (x86)\qdb.dll 2010-06-02 21:27 . 2009-09-08 17:43 61784 ----a-w- c:\program files (x86)\mvfs14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56664 ----a-w- c:\program files (x86)\mvsr14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56152 ----a-w- c:\program files (x86)\mvtl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 42840 ----a-w- c:\program files (x86)\onlncall.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\mvmg14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 380248 ----a-w- c:\program files (x86)\qcomutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\mvbk14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 2778968 ----a-w- c:\program files (x86)\ofxsdk_qw.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\qdappui.dll 2010-06-02 21:27 . 2009-09-08 17:43 1492312 ----a-w- c:\program files (x86)\online.dll 2010-06-02 21:27 . 2009-09-08 17:43 148824 ----a-w- c:\program files (x86)\olbservice.dll 2010-06-02 21:27 . 2009-09-08 17:43 1262424 ----a-w- c:\program files (x86)\qaccess.dll 2010-06-02 21:27 . 2009-09-08 17:43 117592 ----a-w- c:\program files (x86)\mvcl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 114008 ----a-w- c:\program files (x86)\QCONNECT.DLL 2010-06-02 21:27 . 2009-09-08 17:43 77144 ----a-w- c:\program files (x86)\graphs.dll 2010-06-02 21:27 . 2009-09-08 17:43 66904 ----a-w- c:\program files (x86)\atwork_xprint.dll 2010-06-02 21:27 . 2009-09-08 17:43 63320 ----a-w- c:\program files (x86)\dllapps_dedfnd.dll 2010-06-02 21:27 . 2009-09-08 17:43 53592 ----a-w- c:\program files (x86)\dllapps_savgol.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\bgt_pnf.dll 2010-06-02 21:27 . 2009-09-08 17:43 275288 ----a-w- c:\program files (x86)\lbtmngr.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\gdipapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\calnote.dll 2010-06-02 21:27 . 2009-09-08 17:43 16728 ----a-w- c:\program files (x86)\custprof.dll 2010-06-02 21:27 . 2009-09-08 17:43 166232 ----a-w- c:\program files (x86)\cashflow.dll 2010-06-02 21:27 . 2009-09-08 17:43 115032 ----a-w- c:\program files (x86)\dllapps_frcast.dll 2010-06-02 21:27 . 2009-09-08 17:43 107352 ----a-w- c:\program files (x86)\dllapps_dbtred.dll 2010-06-02 21:27 . 2009-09-08 17:43 105816 ----a-w- c:\program files (x86)\dllapps_plan.dll 2010-06-02 21:26 . 2009-09-08 17:42 23384 ----a-w- c:\program files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25 . 2009-09-08 17:42 48472 ----a-w- c:\program files (x86)\InetTools.dll 2010-06-02 21:24 . 2009-09-08 17:41 537944 ----a-w- c:\program files (x86)\UpdateContent.dll 2010-06-02 21:24 . 2009-09-08 17:41 46424 ----a-w- c:\program files (x86)\BindContent.exe 2010-06-02 21:24 . 2009-09-08 17:41 57176 ----a-w- c:\program files (x86)\RestartExe.exe 2010-06-02 21:24 . 2009-09-08 17:41 312664 ----a-w- c:\program files (x86)\SendError.dll 2010-06-02 21:24 . 2009-11-13 05:39 32088 ----a-w- c:\program files (x86)\qwutilnet.dll 2010-06-02 21:24 . 2009-09-08 17:41 359768 ----a-w- c:\program files (x86)\qwplan.dll 2010-06-02 21:24 . 2009-09-08 17:41 129880 ----a-w- c:\program files (x86)\qwonlineFeatures.dll 2010-06-02 21:24 . 2009-09-08 17:41 76120 ----a-w- c:\program files (x86)\qwipa.dll 2010-06-02 21:23 . 2009-09-08 17:41 10163032 ----a-w- c:\program files (x86)\qwmain.dll 2010-06-02 21:23 . 2009-09-08 17:41 103256 ----a-w- c:\program files (x86)\qnet.dll 2010-06-02 21:23 . 2009-09-08 17:41 114008 ----a-w- c:\program files (x86)\qcon32.dll 2010-06-02 21:23 . 2009-09-08 17:41 680792 ----a-w- c:\program files (x86)\decapi.dll 2010-06-02 21:23 . 2009-09-08 17:41 173400 ----a-w- c:\program files (x86)\xport.dll 2010-06-02 21:23 . 2009-09-08 17:41 185176 ----a-w- c:\program files (x86)\sport.dll 2010-06-02 21:23 . 2009-09-08 17:41 155992 ----a-w- c:\program files (x86)\MoneyFileReader.dll 2010-06-02 21:23 . 2009-09-08 17:41 142680 ----a-w- c:\program files (x86)\MoneyFileConverter.dll 2010-06-02 21:23 . 2009-09-08 17:41 63320 ----a-w- c:\program files (x86)\lbt_ux.dll 2010-06-02 21:23 . 2009-09-08 17:41 60248 ----a-w- c:\program files (x86)\txstuff.dll 2010-06-02 21:23 . 2009-09-08 17:41 315736 ----a-w- c:\program files (x86)\lbt_webrequest.dll 2010-06-02 21:23 . 2009-09-08 17:40 66904 ----a-w- c:\program files (x86)\lbt_rte.dll 2010-06-02 21:23 . 2009-09-08 17:40 71512 ----a-w- c:\program files (x86)\lbt_qupddir.dll 2010-06-02 21:23 . 2009-09-08 17:40 80728 ----a-w- c:\program files (x86)\lbt_qplus.dll 2010-06-02 21:23 . 2009-09-08 17:40 68440 ----a-w- c:\program files (x86)\lbt_pvsync.dll 2010-06-02 21:23 . 2009-09-08 17:40 63832 ----a-w- c:\program files (x86)\lbt_decompression.dll 2010-06-02 21:23 . 2009-09-08 17:40 357720 ----a-w- c:\program files (x86)\lbt_customerCentral.dll 2010-06-02 21:23 . 2009-09-08 17:40 64344 ----a-w- c:\program files (x86)\lbt_bullseye.dll 2010-06-02 21:23 . 2009-09-08 17:40 61784 ----a-w- c:\program files (x86)\lbt_Auto1Way.dll 2010-06-02 21:22 . 2009-09-08 17:40 28504 ----a-w- c:\program files (x86)\lbt.dll 2010-06-02 21:22 . 2009-09-08 17:40 129880 ----a-w- c:\program files (x86)\QCustomAction.dll 2010-06-02 21:22 . 2009-09-08 17:40 39768 ----a-w- c:\program files (x86)\convert_stub.dll 2010-06-02 21:22 . 2009-09-08 17:40 155992 ----a-w- c:\program files (x86)\cashgen.dll 2010-06-02 21:22 . 2009-09-08 17:40 34136 ----a-w- c:\program files (x86)\CalendarSync.dll 2010-06-02 21:22 . 2009-09-08 17:40 116568 ----a-w- c:\program files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22 . 2009-09-08 17:40 47448 ----a-w- c:\program files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22 . 2009-09-08 17:40 26456 ----a-w- c:\program files (x86)\billmind.exe 2010-06-02 21:22 . 2009-09-08 17:40 77656 ----a-w- c:\program files (x86)\bagent.exe 2010-06-02 21:22 . 2009-09-08 17:40 354136 ----a-w- c:\program files (x86)\alert.dll 2010-06-02 21:22 . 2009-09-08 17:40 38744 ----a-w- c:\program files (x86)\printenv.exe 2010-06-02 21:22 . 2009-09-08 17:40 1035608 ----a-w- c:\program files (x86)\dbghelp.dll 2010-06-02 21:22 . 2009-09-08 17:40 71000 ----a-w- c:\program files (x86)\techhelp.exe . . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\63146ec7b3a033f4356ca48e ---- . 2012-02-16 02:16 . 2012-02-16 02:16 788 ---ha-w- c:\63146ec7b3a033f4356ca48e\$shtdwn$.req 2011-10-26 21:39 . 2011-10-26 21:39 36530 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37394 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36014 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36274 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 28414 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37332 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37096 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 33028 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37692 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37048 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 31424 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 30504 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36850 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36546 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37132 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 28422 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36716 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36020 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37858 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 38668 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 36066 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 37676 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\LocalizedData.xml 2011-10-26 21:39 . 2011-10-26 21:39 28422 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\LocalizedData.xml 2011-10-26 21:38 . 2011-10-26 21:38 34118 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\LocalizedData.xml 2011-10-26 21:38 . 2011-10-26 21:38 24926 ----a-w- c:\63146ec7b3a033f4356ca48e\ParameterInfo.xml 2011-10-26 21:38 . 2011-10-26 21:38 35802 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\LocalizedData.xml 2011-10-26 21:36 . 2011-10-26 21:36 2829312 ----a-w- c:\63146ec7b3a033f4356ca48e\NDP40-KB2633870.msp 2011-10-26 20:41 . 2011-10-26 20:41 3628 ----a-w- c:\63146ec7b3a033f4356ca48e\header.bmp 2011-10-26 20:41 . 2011-10-26 20:41 196662 ----a-w- c:\63146ec7b3a033f4356ca48e\SplashScreen.bmp 2011-10-26 20:41 . 2011-10-26 20:41 13606 ----a-w- c:\63146ec7b3a033f4356ca48e\Strings.xml 2011-10-26 20:41 . 2011-10-26 20:41 36180 ----a-w- c:\63146ec7b3a033f4356ca48e\UiInfo.xml 2011-10-26 20:41 . 2011-10-26 20:41 104072 ----a-w- c:\63146ec7b3a033f4356ca48e\watermark.bmp 2011-10-26 20:41 . 2011-10-26 20:41 123035 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 128333 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 101146 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 109464 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 91719 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 102048 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 138595 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 111176 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 133172 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 125351 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 110879 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 124974 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 111958 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 149503 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 35285 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 36083 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 126541 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 109574 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 49319 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 125073 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 112947 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 110754 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 125196 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 2060 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\eula.rtf 2011-10-26 20:41 . 2011-10-26 20:41 108174 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\eula.rtf 2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 15448 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 19544 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 15960 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\SetupResources.dll 2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 16984 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 19544 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 17496 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 296520 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUi.dll 2011-10-26 19:41 . 2011-10-26 19:41 17496 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\SetupResources.dll 2011-10-26 19:41 . 2011-10-26 19:41 810064 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupEngine.dll 2011-10-26 19:41 . 2011-10-26 19:41 78912 ----a-w- c:\63146ec7b3a033f4356ca48e\Setup.exe 2011-10-26 19:24 . 2011-10-26 19:24 16118 ----a-w- c:\63146ec7b3a033f4356ca48e\DHtmlHeader.html 2011-10-26 19:24 . 2011-10-26 19:24 30120 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUi.xsd 2011-10-26 19:24 . 2011-10-26 19:24 144416 ----a-w- c:\63146ec7b3a033f4356ca48e\sqmapi.dll 2011-10-26 19:24 . 2011-10-26 19:24 96848 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUtility.exe 2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Print.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate1.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate2.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate3.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate4.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate5.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate6.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate7.ico 2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate8.ico 2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Save.ico 2011-10-26 19:20 . 2011-10-26 19:20 36710 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Setup.ico 2011-10-26 19:20 . 2011-10-26 19:20 10134 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\stop.ico 2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\SysReqMet.ico 2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\SysReqNotMet.ico 2011-10-26 19:20 . 2011-10-26 19:20 10134 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\warn.ico . ---- Directory of c:\users\Roo\AppData\Roaming\57168 ---- . . ---- Directory of c:\users\Roo\AppData\Roaming\B8457 ---- . 2012-02-17 15:07 . 2012-02-18 16:14 9011 ----a-w- c:\users\Roo\AppData\Roaming\B8457\7168.845 . . ((((((((((((((((((((((((((((( SnapShot@2012-02-24_02.32.54 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-02 15:37 . 2012-02-25 12:48 59854 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-02-25 12:25 43822 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-12-12 01:40 . 2012-02-25 12:25 15986 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3099364093-3267457688-942095451-1001_UserData.bin - 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-12-12 00:21 . 2012-02-25 12:23 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-12 00:21 . 2012-02-25 12:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 12:23 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-02-24 02:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-02-25 12:46 . 2012-02-25 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-02-25 12:46 . 2012-02-25 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 04:54 . 2012-02-24 00:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 05:01 . 2012-02-24 02:31 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-02-25 12:45 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 04:54 . 2012-02-24 00:18 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-09-21 07:18 . 2012-02-25 12:45 9811865 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3099364093-3267457688-942095451-1001-8192.dat - 2009-07-14 04:54 . 2012-02-24 00:18 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-02-25 12:24 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-02-25 12:24 1811296 ----a-w- c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-25 1811296] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600] "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160] "Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-25 939872] "ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-02-25 928096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616] . c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488] WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x] R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x] R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856] S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-25 909152] S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048] S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . 2012-02-25 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e〈=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe . ************************************************************************** . Completion time: 2012-02-25 07:52:01 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-25 12:52 ComboFix2.txt 2012-02-24 02:37 . Pre-Run: 348,107,100,160 bytes free Post-Run: 347,640,123,392 bytes free . - - End Of File - - 02F40E42BCBF93276C38436032106538
  6. Hi Daniel, Thanks so much for your help. I think the virus is gone. I've run a scan in McAfee that came back clean. I've also run a scan in Malwarebytes that came back clean. I'm not sure how my PC became infected with this horrid thing. Can you recommend any other/different software besides the McAfee virus software and the Malwarebytes? I'm trying to do my best to avoid this in the future. Thanks so much Sheila
  7. Now the combofix works. Here is the log. ComboFix 12-02-23.01 - Roo 02/23/2012 21:19:41.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4279 [GMT -5:00] Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\LP c:\program files (x86)\LP\015B\4BEF.tmp c:\program files (x86)\LP\015B\54F2.tmp c:\program files (x86)\LP\015B\607A.tmp c:\program files (x86)\LP\015B\67A8.tmp c:\program files (x86)\LP\015B\A4F8.tmp c:\program files (x86)\LP\015B\BBFE.tmp c:\program files (x86)\LP\015B\FAA5.tmp c:\programdata\PCDr\5907\Downloads\f8338de4-40cb-4494-bc70-93db3ab9e32d.dll c:\programdata\PCDr\5907\Downloads\fa2ff61b-2c58-4071-916b-f881289a3959.dll c:\users\Roo\AppData\Roaming\Install.dat c:\windows\svchost.exe . . ((((((((((((((((((((((((( Files Created from 2012-01-24 to 2012-02-24 ))))))))))))))))))))))))))))))) . . 2012-02-24 02:30 . 2012-02-24 02:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\programdata\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\AVG Secure Search 2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files 2012-02-22 11:04 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BF13FF4-C811-473C-BD31-349C3E0EA235}\mpengine.dll 2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock 2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes 2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-02-17 15:08 . 2012-02-19 02:13 -------- d-----w- c:\users\Roo\AppData\Roaming\57168 2012-02-17 15:07 . 2012-02-19 02:12 -------- d-----w- c:\users\Roo\AppData\Roaming\B8457 2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl 2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl 2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll 2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll 2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys 2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys 2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll 2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll 2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A1.tmp 2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A0.tmp 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google 2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed 2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision 2012-01-25 20:25 . 2012-01-25 20:25 -------- d-----w- c:\program files\iPod 2012-01-25 20:25 . 2012-01-25 20:26 -------- d-----w- c:\program files\iTunes 2012-01-25 20:25 . 2012-01-25 20:26 -------- d-----w- c:\program files (x86)\iTunes . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\xsell.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\xmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\xmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 946520 ----a-w- c:\program files (x86)\ttaximp.dll 2010-06-02 21:27 . 2009-09-08 17:43 91992 ----a-w- c:\program files (x86)\qwsnap.dll 2010-06-02 21:27 . 2009-09-08 17:43 810328 ----a-w- c:\program files (x86)\qwwin.dll 2010-06-02 21:27 . 2009-09-08 17:43 78680 ----a-w- c:\program files (x86)\qwinver.dll 2010-06-02 21:27 . 2009-09-08 17:43 70488 ----a-w- c:\program files (x86)\qwcntr.dll 2010-06-02 21:27 . 2009-09-08 17:43 48984 ----a-w- c:\program files (x86)\QWVER.DLL 2010-06-02 21:27 . 2009-09-08 17:43 321368 ----a-w- c:\program files (x86)\qwpr.dll 2010-06-02 21:27 . 2009-09-08 17:43 2832728 ----a-w- c:\program files (x86)\qwutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 2603352 ----a-w- c:\program files (x86)\qwonline.dll 2010-06-02 21:27 . 2009-09-08 17:43 229208 ----a-w- c:\program files (x86)\qwapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 13656 ----a-w- c:\program files (x86)\qwsync.dll 2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\qwxmlparse_tok.dll 2010-06-02 21:27 . 2009-09-08 17:43 111960 ----a-w- c:\program files (x86)\qwinet.dll 2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\qwxmlparse.dll 2010-06-02 21:27 . 2009-09-08 17:43 879448 ----a-w- c:\program files (x86)\qvault.dll 2010-06-02 21:27 . 2009-09-08 17:43 82264 ----a-w- c:\program files (x86)\QShowHelp.dll 2010-06-02 21:27 . 2009-09-08 17:43 330072 ----a-w- c:\program files (x86)\qtax.dll 2010-06-02 21:27 . 2009-09-08 17:43 27480 ----a-w- c:\program files (x86)\qsapi_eng.dll 2010-06-02 21:27 . 2009-09-08 17:43 25432 ----a-w- c:\program files (x86)\qsapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 136024 ----a-w- c:\program files (x86)\qrep.dll 2010-06-02 21:27 . 2009-09-08 17:43 132952 ----a-w- c:\program files (x86)\qsac.dll 2010-06-02 21:27 . 2009-09-08 17:43 127832 ----a-w- c:\program files (x86)\Qsetup.dll 2010-06-02 21:27 . 2009-09-08 17:43 1163096 ----a-w- c:\program files (x86)\qreports.dll 2010-06-02 21:27 . 2009-09-08 17:43 89432 ----a-w- c:\program files (x86)\qindex.dll 2010-06-02 21:27 . 2009-09-08 17:43 79192 ----a-w- c:\program files (x86)\mvmc14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 74072 ----a-w- c:\program files (x86)\mvix14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 71512 ----a-w- c:\program files (x86)\qdapp.dll 2010-06-02 21:27 . 2009-09-08 17:43 631640 ----a-w- c:\program files (x86)\qdb.dll 2010-06-02 21:27 . 2009-09-08 17:43 61784 ----a-w- c:\program files (x86)\mvfs14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56664 ----a-w- c:\program files (x86)\mvsr14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 56152 ----a-w- c:\program files (x86)\mvtl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 42840 ----a-w- c:\program files (x86)\onlncall.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\mvmg14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 380248 ----a-w- c:\program files (x86)\qcomutil.dll 2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\mvbk14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 2778968 ----a-w- c:\program files (x86)\ofxsdk_qw.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\qdappui.dll 2010-06-02 21:27 . 2009-09-08 17:43 1492312 ----a-w- c:\program files (x86)\online.dll 2010-06-02 21:27 . 2009-09-08 17:43 148824 ----a-w- c:\program files (x86)\olbservice.dll 2010-06-02 21:27 . 2009-09-08 17:43 1262424 ----a-w- c:\program files (x86)\qaccess.dll 2010-06-02 21:27 . 2009-09-08 17:43 117592 ----a-w- c:\program files (x86)\mvcl14n.dll 2010-06-02 21:27 . 2009-09-08 17:43 114008 ----a-w- c:\program files (x86)\QCONNECT.DLL 2010-06-02 21:27 . 2009-09-08 17:43 77144 ----a-w- c:\program files (x86)\graphs.dll 2010-06-02 21:27 . 2009-09-08 17:43 66904 ----a-w- c:\program files (x86)\atwork_xprint.dll 2010-06-02 21:27 . 2009-09-08 17:43 63320 ----a-w- c:\program files (x86)\dllapps_dedfnd.dll 2010-06-02 21:27 . 2009-09-08 17:43 53592 ----a-w- c:\program files (x86)\dllapps_savgol.dll 2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\bgt_pnf.dll 2010-06-02 21:27 . 2009-09-08 17:43 275288 ----a-w- c:\program files (x86)\lbtmngr.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\gdipapi.dll 2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\calnote.dll 2010-06-02 21:27 . 2009-09-08 17:43 16728 ----a-w- c:\program files (x86)\custprof.dll 2010-06-02 21:27 . 2009-09-08 17:43 166232 ----a-w- c:\program files (x86)\cashflow.dll 2010-06-02 21:27 . 2009-09-08 17:43 115032 ----a-w- c:\program files (x86)\dllapps_frcast.dll 2010-06-02 21:27 . 2009-09-08 17:43 107352 ----a-w- c:\program files (x86)\dllapps_dbtred.dll 2010-06-02 21:27 . 2009-09-08 17:43 105816 ----a-w- c:\program files (x86)\dllapps_plan.dll 2010-06-02 21:26 . 2009-09-08 17:42 23384 ----a-w- c:\program files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25 . 2009-09-08 17:42 48472 ----a-w- c:\program files (x86)\InetTools.dll 2010-06-02 21:24 . 2009-09-08 17:41 537944 ----a-w- c:\program files (x86)\UpdateContent.dll 2010-06-02 21:24 . 2009-09-08 17:41 46424 ----a-w- c:\program files (x86)\BindContent.exe 2010-06-02 21:24 . 2009-09-08 17:41 57176 ----a-w- c:\program files (x86)\RestartExe.exe 2010-06-02 21:24 . 2009-09-08 17:41 312664 ----a-w- c:\program files (x86)\SendError.dll 2010-06-02 21:24 . 2009-11-13 05:39 32088 ----a-w- c:\program files (x86)\qwutilnet.dll 2010-06-02 21:24 . 2009-09-08 17:41 359768 ----a-w- c:\program files (x86)\qwplan.dll 2010-06-02 21:24 . 2009-09-08 17:41 129880 ----a-w- c:\program files (x86)\qwonlineFeatures.dll 2010-06-02 21:24 . 2009-09-08 17:41 76120 ----a-w- c:\program files (x86)\qwipa.dll 2010-06-02 21:23 . 2009-09-08 17:41 10163032 ----a-w- c:\program files (x86)\qwmain.dll 2010-06-02 21:23 . 2009-09-08 17:41 103256 ----a-w- c:\program files (x86)\qnet.dll 2010-06-02 21:23 . 2009-09-08 17:41 114008 ----a-w- c:\program files (x86)\qcon32.dll 2010-06-02 21:23 . 2009-09-08 17:41 680792 ----a-w- c:\program files (x86)\decapi.dll 2010-06-02 21:23 . 2009-09-08 17:41 173400 ----a-w- c:\program files (x86)\xport.dll 2010-06-02 21:23 . 2009-09-08 17:41 185176 ----a-w- c:\program files (x86)\sport.dll 2010-06-02 21:23 . 2009-09-08 17:41 155992 ----a-w- c:\program files (x86)\MoneyFileReader.dll 2010-06-02 21:23 . 2009-09-08 17:41 142680 ----a-w- c:\program files (x86)\MoneyFileConverter.dll 2010-06-02 21:23 . 2009-09-08 17:41 63320 ----a-w- c:\program files (x86)\lbt_ux.dll 2010-06-02 21:23 . 2009-09-08 17:41 60248 ----a-w- c:\program files (x86)\txstuff.dll 2010-06-02 21:23 . 2009-09-08 17:41 315736 ----a-w- c:\program files (x86)\lbt_webrequest.dll 2010-06-02 21:23 . 2009-09-08 17:40 66904 ----a-w- c:\program files (x86)\lbt_rte.dll 2010-06-02 21:23 . 2009-09-08 17:40 71512 ----a-w- c:\program files (x86)\lbt_qupddir.dll 2010-06-02 21:23 . 2009-09-08 17:40 80728 ----a-w- c:\program files (x86)\lbt_qplus.dll 2010-06-02 21:23 . 2009-09-08 17:40 68440 ----a-w- c:\program files (x86)\lbt_pvsync.dll 2010-06-02 21:23 . 2009-09-08 17:40 63832 ----a-w- c:\program files (x86)\lbt_decompression.dll 2010-06-02 21:23 . 2009-09-08 17:40 357720 ----a-w- c:\program files (x86)\lbt_customerCentral.dll 2010-06-02 21:23 . 2009-09-08 17:40 64344 ----a-w- c:\program files (x86)\lbt_bullseye.dll 2010-06-02 21:23 . 2009-09-08 17:40 61784 ----a-w- c:\program files (x86)\lbt_Auto1Way.dll 2010-06-02 21:22 . 2009-09-08 17:40 28504 ----a-w- c:\program files (x86)\lbt.dll 2010-06-02 21:22 . 2009-09-08 17:40 129880 ----a-w- c:\program files (x86)\QCustomAction.dll 2010-06-02 21:22 . 2009-09-08 17:40 39768 ----a-w- c:\program files (x86)\convert_stub.dll 2010-06-02 21:22 . 2009-09-08 17:40 155992 ----a-w- c:\program files (x86)\cashgen.dll 2010-06-02 21:22 . 2009-09-08 17:40 34136 ----a-w- c:\program files (x86)\CalendarSync.dll 2010-06-02 21:22 . 2009-09-08 17:40 116568 ----a-w- c:\program files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22 . 2009-09-08 17:40 47448 ----a-w- c:\program files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22 . 2009-09-08 17:40 26456 ----a-w- c:\program files (x86)\billmind.exe 2010-06-02 21:22 . 2009-09-08 17:40 77656 ----a-w- c:\program files (x86)\bagent.exe 2010-06-02 21:22 . 2009-09-08 17:40 354136 ----a-w- c:\program files (x86)\alert.dll 2010-06-02 21:22 . 2009-09-08 17:40 38744 ----a-w- c:\program files (x86)\printenv.exe 2010-06-02 21:22 . 2009-09-08 17:40 1035608 ----a-w- c:\program files (x86)\dbghelp.dll 2010-06-02 21:22 . 2009-09-08 17:40 71000 ----a-w- c:\program files (x86)\techhelp.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-02-23 12:34 1574240 ----a-w- c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll" [2012-02-23 1574240] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600] "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744] "Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160] "Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736] "HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-23 892768] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616] . c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488] WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x] R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x] R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x] R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856] S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2012-02-23 869216] S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048] S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59] . 2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . 2012-02-23 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e〈=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe Wow6432Node-HKLM-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-TurboTax 2009 - f:\program files\Turbo Tax 09\Installer\TurboTax 2009 Installer.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe . ************************************************************************** . Completion time: 2012-02-23 21:37:34 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-24 02:37 . Pre-Run: 346,189,152,256 bytes free Post-Run: 347,227,086,848 bytes free . - - End Of File - - E99B284C1C36575D5CA27A833B10ED39
  8. I did not have the latest version of TDSSKiller. I upgraded to the latest version and I now have the Cure option. Here is the log with the Cure option picked. 21:05:28.0665 7556 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14 21:05:29.0515 7556 ============================================================ 21:05:29.0515 7556 Current date / time: 2012/02/23 21:05:29.0515 21:05:29.0515 7556 SystemInfo: 21:05:29.0515 7556 21:05:29.0515 7556 OS Version: 6.1.7601 ServicePack: 1.0 21:05:29.0515 7556 Product type: Workstation 21:05:29.0515 7556 ComputerName: ROO-SOXLAPTOP 21:05:29.0515 7556 UserName: Roo 21:05:29.0515 7556 Windows directory: C:\Windows 21:05:29.0515 7556 System windows directory: C:\Windows 21:05:29.0515 7556 Running under WOW64 21:05:29.0515 7556 Processor architecture: Intel x64 21:05:29.0515 7556 Number of processors: 2 21:05:29.0515 7556 Page size: 0x1000 21:05:29.0515 7556 Boot type: Normal boot 21:05:29.0515 7556 ============================================================ 21:05:30.0855 7556 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:05:30.0865 7556 \Device\Harddisk0\DR0: 21:05:30.0865 7556 MBR used 21:05:30.0865 7556 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000 21:05:30.0865 7556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B 21:05:30.0885 7556 Initialize success 21:05:30.0885 7556 ============================================================ 21:05:33.0656 0400 ============================================================ 21:05:33.0656 0400 Scan started 21:05:33.0656 0400 Mode: Manual; 21:05:33.0656 0400 ============================================================ 21:05:35.0236 0400 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 21:05:35.0306 0400 1394ohci - ok 21:05:35.0366 0400 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 21:05:35.0426 0400 ACPI - ok 21:05:35.0456 0400 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 21:05:35.0496 0400 AcpiPmi - ok 21:05:35.0556 0400 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 21:05:35.0576 0400 adp94xx - ok 21:05:35.0606 0400 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 21:05:35.0616 0400 adpahci - ok 21:05:35.0676 0400 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 21:05:35.0696 0400 adpu320 - ok 21:05:35.0766 0400 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 21:05:35.0826 0400 AFD - ok 21:05:35.0856 0400 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 21:05:35.0856 0400 agp440 - ok 21:05:35.0896 0400 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 21:05:35.0916 0400 aliide - ok 21:05:35.0946 0400 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 21:05:35.0946 0400 amdide - ok 21:05:36.0006 0400 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 21:05:36.0006 0400 AmdK8 - ok 21:05:36.0026 0400 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 21:05:36.0036 0400 AmdPPM - ok 21:05:36.0086 0400 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 21:05:36.0146 0400 amdsata - ok 21:05:36.0176 0400 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 21:05:36.0186 0400 amdsbs - ok 21:05:36.0206 0400 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 21:05:36.0246 0400 amdxata - ok 21:05:36.0306 0400 AnyDVD (2d71d1eed26923802c1c1b26e603fe0c) C:\Windows\system32\Drivers\AnyDVD.sys 21:05:36.0366 0400 AnyDVD - ok 21:05:36.0446 0400 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 21:05:36.0496 0400 AppID - ok 21:05:36.0566 0400 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 21:05:36.0576 0400 arc - ok 21:05:36.0596 0400 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 21:05:36.0616 0400 arcsas - ok 21:05:36.0656 0400 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 21:05:36.0666 0400 AsyncMac - ok 21:05:36.0706 0400 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 21:05:36.0706 0400 atapi - ok 21:05:36.0766 0400 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys 21:05:36.0836 0400 AtiHdmiService - ok 21:05:36.0996 0400 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys 21:05:37.0096 0400 atikmdag - ok 21:05:37.0186 0400 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 21:05:37.0196 0400 b06bdrv - ok 21:05:37.0246 0400 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 21:05:37.0256 0400 b57nd60a - ok 21:05:37.0306 0400 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys 21:05:37.0366 0400 BCM42RLY - ok 21:05:37.0466 0400 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys 21:05:37.0526 0400 BCM43XX - ok 21:05:37.0596 0400 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 21:05:37.0606 0400 Beep - ok 21:05:37.0666 0400 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 21:05:37.0686 0400 blbdrive - ok 21:05:37.0766 0400 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 21:05:37.0826 0400 bowser - ok 21:05:37.0866 0400 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:05:37.0866 0400 BrFiltLo - ok 21:05:37.0886 0400 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:05:37.0896 0400 BrFiltUp - ok 21:05:37.0936 0400 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 21:05:37.0946 0400 BridgeMP - ok 21:05:37.0986 0400 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 21:05:37.0996 0400 Brserid - ok 21:05:38.0036 0400 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 21:05:38.0046 0400 BrSerWdm - ok 21:05:38.0066 0400 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 21:05:38.0066 0400 BrUsbMdm - ok 21:05:38.0126 0400 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 21:05:38.0136 0400 BrUsbSer - ok 21:05:38.0166 0400 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 21:05:38.0166 0400 BTHMODEM - ok 21:05:38.0206 0400 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 21:05:38.0216 0400 cdfs - ok 21:05:38.0266 0400 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 21:05:38.0306 0400 cdrom - ok 21:05:38.0366 0400 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys 21:05:38.0426 0400 cfwids - ok 21:05:38.0446 0400 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 21:05:38.0446 0400 circlass - ok 21:05:38.0486 0400 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 21:05:38.0506 0400 CLFS - ok 21:05:38.0546 0400 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 21:05:38.0546 0400 CmBatt - ok 21:05:38.0566 0400 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 21:05:38.0566 0400 cmdide - ok 21:05:38.0616 0400 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 21:05:38.0686 0400 CNG - ok 21:05:38.0716 0400 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 21:05:38.0716 0400 Compbatt - ok 21:05:38.0776 0400 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 21:05:38.0846 0400 CompositeBus - ok 21:05:38.0896 0400 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 21:05:38.0906 0400 crcdisk - ok 21:05:38.0976 0400 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 21:05:39.0046 0400 CSC - ok 21:05:39.0096 0400 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 21:05:39.0146 0400 CtClsFlt - ok 21:05:39.0206 0400 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys 21:05:39.0266 0400 dc3d - ok 21:05:39.0306 0400 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 21:05:39.0346 0400 DfsC - ok 21:05:39.0386 0400 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 21:05:39.0396 0400 discache - ok 21:05:39.0446 0400 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 21:05:39.0456 0400 Disk - ok 21:05:39.0517 0400 DisplayLinkUsbPort (15d38bfec1c6db925a9427052ac2bd77) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys 21:05:39.0567 0400 DisplayLinkUsbPort - ok 21:05:39.0607 0400 dlcdbus (0e787242686a9fc890ed420c9c287686) C:\Windows\system32\DRIVERS\dlcdbus.sys 21:05:39.0657 0400 dlcdbus - ok 21:05:39.0707 0400 dlkmd (f7b3c3e03d957d73d41947402d9cd406) C:\Windows\system32\drivers\dlkmd.sys 21:05:39.0757 0400 dlkmd - ok 21:05:39.0787 0400 dlkmdldr (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys 21:05:39.0837 0400 dlkmdldr - ok 21:05:39.0917 0400 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 21:05:39.0917 0400 drmkaud - ok 21:05:39.0977 0400 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 21:05:40.0037 0400 DXGKrnl - ok 21:05:40.0307 0400 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 21:05:40.0347 0400 ebdrv - ok 21:05:40.0417 0400 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 21:05:40.0487 0400 ElbyCDIO - ok 21:05:40.0517 0400 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 21:05:40.0527 0400 elxstor - ok 21:05:40.0567 0400 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 21:05:40.0577 0400 ErrDev - ok 21:05:40.0617 0400 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 21:05:40.0627 0400 exfat - ok 21:05:40.0687 0400 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 21:05:40.0697 0400 fastfat - ok 21:05:40.0737 0400 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 21:05:40.0747 0400 fdc - ok 21:05:40.0797 0400 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 21:05:40.0797 0400 FileInfo - ok 21:05:40.0827 0400 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 21:05:40.0827 0400 Filetrace - ok 21:05:40.0847 0400 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 21:05:40.0847 0400 flpydisk - ok 21:05:40.0897 0400 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 21:05:40.0937 0400 FltMgr - ok 21:05:40.0987 0400 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys 21:05:41.0037 0400 FlyUsb - ok 21:05:41.0057 0400 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 21:05:41.0067 0400 FsDepends - ok 21:05:41.0117 0400 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 21:05:41.0177 0400 fssfltr - ok 21:05:41.0197 0400 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 21:05:41.0197 0400 Fs_Rec - ok 21:05:41.0257 0400 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 21:05:41.0307 0400 fvevol - ok 21:05:41.0327 0400 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 21:05:41.0327 0400 gagp30kx - ok 21:05:41.0367 0400 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:05:41.0427 0400 GEARAspiWDM - ok 21:05:41.0567 0400 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 21:05:41.0567 0400 hcw85cir - ok 21:05:41.0647 0400 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 21:05:41.0697 0400 HDAudBus - ok 21:05:41.0727 0400 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 21:05:41.0727 0400 HidBatt - ok 21:05:41.0767 0400 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 21:05:41.0767 0400 HidBth - ok 21:05:41.0807 0400 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 21:05:41.0817 0400 HidIr - ok 21:05:41.0867 0400 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 21:05:41.0917 0400 HidUsb - ok 21:05:41.0957 0400 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 21:05:42.0007 0400 HpSAMD - ok 21:05:42.0047 0400 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 21:05:42.0117 0400 HTCAND64 - ok 21:05:42.0197 0400 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 21:05:42.0247 0400 htcnprot - ok 21:05:42.0287 0400 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 21:05:42.0397 0400 HTTP - ok 21:05:42.0437 0400 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 21:05:42.0467 0400 hwpolicy - ok 21:05:42.0507 0400 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 21:05:42.0528 0400 i8042prt - ok 21:05:42.0568 0400 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 21:05:42.0638 0400 iaStorV - ok 21:05:42.0718 0400 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 21:05:42.0728 0400 iirsp - ok 21:05:42.0778 0400 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 21:05:42.0778 0400 intelide - ok 21:05:42.0808 0400 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 21:05:42.0828 0400 intelppm - ok 21:05:42.0898 0400 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:05:42.0938 0400 IpFilterDriver - ok 21:05:42.0958 0400 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 21:05:43.0008 0400 IPMIDRV - ok 21:05:43.0038 0400 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 21:05:43.0048 0400 IPNAT - ok 21:05:43.0108 0400 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 21:05:43.0108 0400 IRENUM - ok 21:05:43.0128 0400 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 21:05:43.0138 0400 isapnp - ok 21:05:43.0158 0400 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 21:05:43.0208 0400 iScsiPrt - ok 21:05:43.0268 0400 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys 21:05:43.0288 0400 k57nd60a - ok 21:05:43.0308 0400 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 21:05:43.0318 0400 kbdclass - ok 21:05:43.0328 0400 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 21:05:43.0388 0400 kbdhid - ok 21:05:43.0418 0400 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 21:05:43.0468 0400 KSecDD - ok 21:05:43.0508 0400 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 21:05:43.0548 0400 KSecPkg - ok 21:05:43.0578 0400 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 21:05:43.0588 0400 ksthunk - ok 21:05:43.0658 0400 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys 21:05:43.0708 0400 LAN9500 - ok 21:05:43.0778 0400 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 21:05:43.0788 0400 lltdio - ok 21:05:43.0838 0400 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 21:05:43.0838 0400 LSI_FC - ok 21:05:43.0858 0400 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 21:05:43.0858 0400 LSI_SAS - ok 21:05:43.0888 0400 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:05:43.0888 0400 LSI_SAS2 - ok 21:05:43.0928 0400 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:05:43.0938 0400 LSI_SCSI - ok 21:05:43.0968 0400 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 21:05:43.0968 0400 luafv - ok 21:05:44.0028 0400 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 21:05:44.0098 0400 MBAMProtector - ok 21:05:44.0198 0400 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 21:05:44.0208 0400 megasas - ok 21:05:44.0238 0400 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 21:05:44.0248 0400 MegaSR - ok 21:05:44.0288 0400 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys 21:05:44.0328 0400 mfeapfk - ok 21:05:44.0368 0400 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys 21:05:44.0418 0400 mfeavfk - ok 21:05:44.0438 0400 mfeavfk01 - ok 21:05:44.0488 0400 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys 21:05:44.0558 0400 mfefirek - ok 21:05:44.0578 0400 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys 21:05:44.0628 0400 mfehidk - ok 21:05:44.0688 0400 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys 21:05:44.0758 0400 mfenlfk - ok 21:05:44.0808 0400 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys 21:05:44.0858 0400 mferkdet - ok 21:05:44.0888 0400 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys 21:05:44.0938 0400 mfewfpk - ok 21:05:45.0008 0400 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 21:05:45.0008 0400 Modem - ok 21:05:45.0068 0400 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 21:05:45.0078 0400 monitor - ok 21:05:45.0148 0400 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 21:05:45.0148 0400 mouclass - ok 21:05:45.0198 0400 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 21:05:45.0208 0400 mouhid - ok 21:05:45.0278 0400 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 21:05:45.0358 0400 mountmgr - ok 21:05:45.0388 0400 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 21:05:45.0448 0400 mpio - ok 21:05:45.0478 0400 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 21:05:45.0478 0400 mpsdrv - ok 21:05:45.0528 0400 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 21:05:45.0598 0400 MRxDAV - ok 21:05:45.0628 0400 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 21:05:45.0688 0400 mrxsmb - ok 21:05:45.0738 0400 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:05:45.0808 0400 mrxsmb10 - ok 21:05:45.0828 0400 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:05:45.0868 0400 mrxsmb20 - ok 21:05:45.0908 0400 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 21:05:45.0968 0400 msahci - ok 21:05:45.0988 0400 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 21:05:46.0048 0400 msdsm - ok 21:05:46.0088 0400 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 21:05:46.0098 0400 Msfs - ok 21:05:46.0118 0400 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 21:05:46.0128 0400 mshidkmdf - ok 21:05:46.0138 0400 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 21:05:46.0138 0400 msisadrv - ok 21:05:46.0198 0400 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 21:05:46.0208 0400 MSKSSRV - ok 21:05:46.0248 0400 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 21:05:46.0258 0400 MSPCLOCK - ok 21:05:46.0288 0400 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 21:05:46.0298 0400 MSPQM - ok 21:05:46.0338 0400 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 21:05:46.0398 0400 MsRPC - ok 21:05:46.0418 0400 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 21:05:46.0418 0400 mssmbios - ok 21:05:46.0438 0400 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 21:05:46.0438 0400 MSTEE - ok 21:05:46.0458 0400 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 21:05:46.0468 0400 MTConfig - ok 21:05:46.0488 0400 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 21:05:46.0498 0400 Mup - ok 21:05:46.0569 0400 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 21:05:46.0589 0400 NativeWifiP - ok 21:05:46.0719 0400 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 21:05:46.0789 0400 NDIS - ok 21:05:46.0819 0400 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 21:05:46.0829 0400 NdisCap - ok 21:05:46.0869 0400 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 21:05:46.0869 0400 NdisTapi - ok 21:05:46.0919 0400 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 21:05:46.0979 0400 Ndisuio - ok 21:05:47.0019 0400 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 21:05:47.0089 0400 NdisWan - ok 21:05:47.0129 0400 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 21:05:47.0189 0400 NDProxy - ok 21:05:47.0209 0400 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 21:05:47.0209 0400 NetBIOS - ok 21:05:47.0239 0400 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 21:05:47.0309 0400 NetBT - ok 21:05:47.0349 0400 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 21:05:47.0349 0400 nfrd960 - ok 21:05:47.0379 0400 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 21:05:47.0389 0400 Npfs - ok 21:05:47.0409 0400 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 21:05:47.0419 0400 nsiproxy - ok 21:05:47.0479 0400 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 21:05:47.0659 0400 Ntfs - ok 21:05:47.0739 0400 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys 21:05:47.0819 0400 NuidFltr - ok 21:05:47.0839 0400 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 21:05:47.0849 0400 Null - ok 21:05:47.0889 0400 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 21:05:47.0939 0400 nvraid - ok 21:05:47.0979 0400 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 21:05:48.0019 0400 nvstor - ok 21:05:48.0059 0400 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 21:05:48.0069 0400 nv_agp - ok 21:05:48.0089 0400 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 21:05:48.0099 0400 ohci1394 - ok 21:05:48.0149 0400 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 21:05:48.0179 0400 Parport - ok 21:05:48.0219 0400 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 21:05:48.0309 0400 partmgr - ok 21:05:48.0449 0400 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 21:05:48.0499 0400 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 21:05:48.0539 0400 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 21:05:48.0589 0400 pci - ok 21:05:48.0619 0400 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 21:05:48.0619 0400 pciide - ok 21:05:48.0689 0400 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 21:05:48.0709 0400 pcmcia - ok 21:05:48.0729 0400 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 21:05:48.0729 0400 pcw - ok 21:05:48.0759 0400 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 21:05:48.0769 0400 PEAUTH - ok 21:05:48.0849 0400 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys 21:05:48.0899 0400 Point64 - ok 21:05:48.0959 0400 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 21:05:49.0039 0400 PptpMiniport - ok 21:05:49.0059 0400 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 21:05:49.0059 0400 Processor - ok 21:05:49.0109 0400 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 21:05:49.0169 0400 Psched - ok 21:05:49.0219 0400 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 21:05:49.0259 0400 PxHlpa64 - ok 21:05:49.0299 0400 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 21:05:49.0359 0400 ql2300 - ok 21:05:49.0379 0400 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 21:05:49.0379 0400 ql40xx - ok 21:05:49.0399 0400 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 21:05:49.0409 0400 QWAVEdrv - ok 21:05:49.0429 0400 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 21:05:49.0429 0400 RasAcd - ok 21:05:49.0479 0400 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 21:05:49.0489 0400 RasAgileVpn - ok 21:05:49.0539 0400 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:05:49.0590 0400 Rasl2tp - ok 21:05:49.0610 0400 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 21:05:49.0620 0400 RasPppoe - ok 21:05:49.0660 0400 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 21:05:49.0670 0400 RasSstp - ok 21:05:49.0740 0400 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 21:05:49.0800 0400 rdbss - ok 21:05:49.0820 0400 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 21:05:49.0820 0400 rdpbus - ok 21:05:49.0850 0400 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:05:49.0850 0400 RDPCDD - ok 21:05:49.0900 0400 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 21:05:49.0950 0400 RDPDR - ok 21:05:49.0970 0400 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 21:05:49.0970 0400 RDPENCDD - ok 21:05:50.0010 0400 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 21:05:50.0020 0400 RDPREFMP - ok 21:05:50.0070 0400 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 21:05:50.0130 0400 RdpVideoMiniport - ok 21:05:50.0160 0400 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 21:05:50.0220 0400 RDPWD - ok 21:05:50.0280 0400 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 21:05:50.0340 0400 rdyboost - ok 21:05:50.0400 0400 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys 21:05:50.0460 0400 rimmptsk - ok 21:05:50.0480 0400 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys 21:05:50.0520 0400 rimsptsk - ok 21:05:50.0570 0400 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 21:05:50.0630 0400 RimUsb - ok 21:05:50.0690 0400 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys 21:05:50.0760 0400 rismxdp - ok 21:05:50.0830 0400 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 21:05:50.0830 0400 rspndr - ok 21:05:50.0880 0400 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 21:05:50.0940 0400 s3cap - ok 21:05:50.0970 0400 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 21:05:51.0020 0400 sbp2port - ok 21:05:51.0060 0400 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 21:05:51.0120 0400 scfilter - ok 21:05:51.0150 0400 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 21:05:51.0200 0400 sdbus - ok 21:05:51.0240 0400 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 21:05:51.0250 0400 secdrv - ok 21:05:51.0290 0400 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 21:05:51.0300 0400 Serenum - ok 21:05:51.0320 0400 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 21:05:51.0320 0400 Serial - ok 21:05:51.0350 0400 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 21:05:51.0360 0400 sermouse - ok 21:05:51.0410 0400 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 21:05:51.0410 0400 sffdisk - ok 21:05:51.0430 0400 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 21:05:51.0430 0400 sffp_mmc - ok 21:05:51.0460 0400 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 21:05:51.0510 0400 sffp_sd - ok 21:05:51.0530 0400 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 21:05:51.0540 0400 sfloppy - ok 21:05:51.0580 0400 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:05:51.0590 0400 SiSRaid2 - ok 21:05:51.0610 0400 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 21:05:51.0620 0400 SiSRaid4 - ok 21:05:51.0700 0400 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 21:05:51.0710 0400 Smb - ok 21:05:51.0760 0400 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 21:05:51.0770 0400 spldr - ok 21:05:51.0820 0400 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 21:05:51.0890 0400 srv - ok 21:05:51.0940 0400 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 21:05:51.0990 0400 srv2 - ok 21:05:52.0020 0400 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 21:05:52.0080 0400 srvnet - ok 21:05:52.0130 0400 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 21:05:52.0130 0400 stexstor - ok 21:05:52.0190 0400 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys 21:05:52.0260 0400 STHDA - ok 21:05:52.0300 0400 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 21:05:52.0350 0400 storflt - ok 21:05:52.0380 0400 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 21:05:52.0420 0400 storvsc - ok 21:05:52.0460 0400 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 21:05:52.0460 0400 swenum - ok 21:05:52.0520 0400 Synth3dVsc - ok 21:05:52.0570 0400 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys 21:05:52.0650 0400 SynTP - ok 21:05:52.0740 0400 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 21:05:52.0880 0400 Tcpip - ok 21:05:52.0960 0400 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 21:05:52.0980 0400 TCPIP6 - ok 21:05:53.0030 0400 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 21:05:53.0090 0400 tcpipreg - ok 21:05:53.0130 0400 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 21:05:53.0150 0400 TDPIPE - ok 21:05:53.0170 0400 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 21:05:53.0170 0400 TDTCP - ok 21:05:53.0210 0400 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 21:05:53.0260 0400 tdx - ok 21:05:53.0300 0400 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 21:05:53.0330 0400 TermDD - ok 21:05:53.0390 0400 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:05:53.0430 0400 tssecsrv - ok 21:05:53.0470 0400 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 21:05:53.0510 0400 TsUsbFlt - ok 21:05:53.0520 0400 tsusbhub - ok 21:05:53.0590 0400 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 21:05:53.0660 0400 tunnel - ok 21:05:53.0690 0400 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 21:05:53.0690 0400 uagp35 - ok 21:05:53.0740 0400 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 21:05:53.0810 0400 udfs - ok 21:05:53.0870 0400 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 21:05:53.0880 0400 uliagpkx - ok 21:05:53.0950 0400 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 21:05:54.0020 0400 umbus - ok 21:05:54.0050 0400 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 21:05:54.0050 0400 UmPass - ok 21:05:54.0130 0400 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 21:05:54.0190 0400 USBAAPL64 - ok 21:05:54.0230 0400 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 21:05:54.0300 0400 usbccgp - ok 21:05:54.0330 0400 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 21:05:54.0340 0400 usbcir - ok 21:05:54.0360 0400 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 21:05:54.0420 0400 usbehci - ok 21:05:54.0440 0400 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 21:05:54.0510 0400 usbhub - ok 21:05:54.0530 0400 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 21:05:54.0590 0400 usbohci - ok 21:05:54.0610 0400 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 21:05:54.0620 0400 usbprint - ok 21:05:54.0680 0400 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:05:54.0740 0400 USBSTOR - ok 21:05:54.0760 0400 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 21:05:54.0810 0400 usbuhci - ok 21:05:54.0850 0400 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 21:05:54.0920 0400 usbvideo - ok 21:05:54.0950 0400 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 21:05:54.0950 0400 vdrvroot - ok 21:05:55.0000 0400 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 21:05:55.0010 0400 vga - ok 21:05:55.0040 0400 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 21:05:55.0050 0400 VgaSave - ok 21:05:55.0070 0400 VGPU - ok 21:05:55.0090 0400 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 21:05:55.0140 0400 vhdmp - ok 21:05:55.0170 0400 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 21:05:55.0180 0400 viaide - ok 21:05:55.0230 0400 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 21:05:55.0300 0400 vmbus - ok 21:05:55.0320 0400 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 21:05:55.0370 0400 VMBusHID - ok 21:05:55.0390 0400 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 21:05:55.0440 0400 volmgr - ok 21:05:55.0490 0400 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 21:05:55.0570 0400 volmgrx - ok 21:05:55.0590 0400 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 21:05:55.0640 0400 volsnap - ok 21:05:55.0680 0400 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 21:05:55.0710 0400 vsmraid - ok 21:05:55.0760 0400 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 21:05:55.0760 0400 vwifibus - ok 21:05:55.0790 0400 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 21:05:55.0810 0400 vwififlt - ok 21:05:55.0850 0400 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 21:05:55.0860 0400 vwifimp - ok 21:05:55.0910 0400 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 21:05:55.0910 0400 WacomPen - ok 21:05:55.0970 0400 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:05:56.0030 0400 WANARP - ok 21:05:56.0050 0400 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:05:56.0050 0400 Wanarpv6 - ok 21:05:56.0110 0400 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys 21:05:56.0170 0400 wanatw - ok 21:05:56.0230 0400 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 21:05:56.0230 0400 Wd - ok 21:05:56.0270 0400 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 21:05:56.0330 0400 WDC_SAM - ok 21:05:56.0370 0400 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 21:05:56.0390 0400 Wdf01000 - ok 21:05:56.0450 0400 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 21:05:56.0450 0400 WfpLwf - ok 21:05:56.0490 0400 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 21:05:56.0550 0400 WimFltr - ok 21:05:56.0571 0400 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 21:05:56.0571 0400 WIMMount - ok 21:05:56.0661 0400 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 21:05:56.0731 0400 WinUsb - ok 21:05:56.0771 0400 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 21:05:56.0781 0400 WmiAcpi - ok 21:05:56.0811 0400 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 21:05:56.0811 0400 ws2ifsl - ok 21:05:56.0871 0400 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 21:05:56.0931 0400 WudfPf - ok 21:05:56.0971 0400 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:05:57.0031 0400 WUDFRd - ok 21:05:57.0061 0400 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0 21:05:57.0091 0400 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected 21:05:57.0091 0400 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0) 21:05:57.0131 0400 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0 21:05:57.0141 0400 \Device\Harddisk0\DR0\Partition0 - ok 21:05:57.0161 0400 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1 21:05:57.0161 0400 \Device\Harddisk0\DR0\Partition1 - ok 21:05:57.0161 0400 ============================================================ 21:05:57.0161 0400 Scan finished 21:05:57.0161 0400 ============================================================ 21:05:57.0201 6892 Detected object count: 1 21:05:57.0201 6892 Actual detected object count: 1 21:06:18.0525 6892 \Device\Harddisk0\DR0\# - copied to quarantine 21:06:18.0525 6892 \Device\Harddisk0\DR0 - copied to quarantine 21:06:18.0725 6892 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 21:06:24.0346 6892 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine 21:06:30.0049 6892 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine 21:06:30.0129 6892 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine 21:06:30.0189 6892 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine 21:06:35.0769 6892 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine 21:06:41.0391 6892 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine 21:06:41.0391 6892 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine 21:06:41.0401 6892 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine 21:06:41.0411 6892 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine 21:06:47.0103 6892 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine 21:06:52.0683 6892 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine 21:06:52.0713 6892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot 21:06:52.0713 6892 \Device\Harddisk0\DR0 - ok 21:06:52.0963 6892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure 21:07:35.0597 3984 Deinitialize success
  9. Hi, Cure and Delete are not options for me. My options were skip, copy to quarantine, and restore. I chose copy to quarantine. 18:55:43.0746 8072 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06 18:55:45.0752 8072 ============================================================ 18:55:45.0752 8072 Current date / time: 2012/02/23 18:55:45.0752 18:55:45.0752 8072 SystemInfo: 18:55:45.0752 8072 18:55:45.0752 8072 OS Version: 6.1.7601 ServicePack: 1.0 18:55:45.0752 8072 Product type: Workstation 18:55:45.0752 8072 ComputerName: ROO-SOXLAPTOP 18:55:45.0753 8072 UserName: Roo 18:55:45.0753 8072 Windows directory: C:\Windows 18:55:45.0753 8072 System windows directory: C:\Windows 18:55:45.0753 8072 Running under WOW64 18:55:45.0753 8072 Processor architecture: Intel x64 18:55:45.0753 8072 Number of processors: 2 18:55:45.0753 8072 Page size: 0x1000 18:55:45.0753 8072 Boot type: Normal boot 18:55:45.0753 8072 ============================================================ 18:55:49.0619 8072 Initialize success 18:56:04.0295 4736 ============================================================ 18:56:04.0295 4736 Scan started 18:56:04.0295 4736 Mode: Manual; 18:56:04.0295 4736 ============================================================ 18:56:14.0034 4736 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:56:14.0037 4736 1394ohci - ok 18:56:14.0200 4736 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:56:14.0206 4736 ACPI - ok 18:56:14.0325 4736 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 18:56:14.0327 4736 AcpiPmi - ok 18:56:14.0462 4736 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 18:56:14.0480 4736 adp94xx - ok 18:56:14.0541 4736 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 18:56:14.0547 4736 adpahci - ok 18:56:14.0599 4736 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 18:56:14.0608 4736 adpu320 - ok 18:56:14.0690 4736 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 18:56:14.0697 4736 AFD - ok 18:56:14.0722 4736 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:56:14.0725 4736 agp440 - ok 18:56:14.0768 4736 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:56:14.0770 4736 aliide - ok 18:56:14.0808 4736 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:56:14.0810 4736 amdide - ok 18:56:14.0834 4736 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 18:56:14.0837 4736 AmdK8 - ok 18:56:14.0857 4736 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 18:56:14.0859 4736 AmdPPM - ok 18:56:14.0877 4736 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 18:56:14.0880 4736 amdsata - ok 18:56:14.0898 4736 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 18:56:14.0904 4736 amdsbs - ok 18:56:14.0922 4736 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:56:14.0922 4736 amdxata - ok 18:56:14.0986 4736 AnyDVD (2d71d1eed26923802c1c1b26e603fe0c) C:\Windows\system32\Drivers\AnyDVD.sys 18:56:14.0987 4736 AnyDVD - ok 18:56:15.0070 4736 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:56:15.0073 4736 AppID - ok 18:56:15.0152 4736 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 18:56:15.0156 4736 arc - ok 18:56:15.0194 4736 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 18:56:15.0197 4736 arcsas - ok 18:56:15.0275 4736 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:56:15.0280 4736 AsyncMac - ok 18:56:15.0332 4736 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:56:15.0333 4736 atapi - ok 18:56:15.0381 4736 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys 18:56:15.0382 4736 AtiHdmiService - ok 18:56:15.0561 4736 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys 18:56:15.0689 4736 atikmdag - ok 18:56:16.0286 4736 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 18:56:16.0302 4736 b06bdrv - ok 18:56:16.0384 4736 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:56:16.0389 4736 b57nd60a - ok 18:56:16.0474 4736 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys 18:56:16.0475 4736 BCM42RLY - ok 18:56:16.0611 4736 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys 18:56:16.0627 4736 BCM43XX - ok 18:56:16.0772 4736 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:56:16.0775 4736 Beep - ok 18:56:16.0832 4736 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 18:56:16.0834 4736 blbdrive - ok 18:56:16.0901 4736 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:56:16.0903 4736 bowser - ok 18:56:16.0985 4736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 18:56:16.0987 4736 BrFiltLo - ok 18:56:17.0003 4736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 18:56:17.0004 4736 BrFiltUp - ok 18:56:17.0055 4736 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 18:56:17.0059 4736 BridgeMP - ok 18:56:17.0087 4736 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:56:17.0093 4736 Brserid - ok 18:56:17.0113 4736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:56:17.0116 4736 BrSerWdm - ok 18:56:17.0132 4736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:56:17.0134 4736 BrUsbMdm - ok 18:56:17.0158 4736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:56:17.0166 4736 BrUsbSer - ok 18:56:17.0200 4736 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 18:56:17.0202 4736 BTHMODEM - ok 18:56:17.0232 4736 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:56:17.0235 4736 cdfs - ok 18:56:17.0287 4736 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 18:56:17.0291 4736 cdrom - ok 18:56:17.0368 4736 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys 18:56:17.0369 4736 cfwids - ok 18:56:17.0411 4736 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 18:56:17.0414 4736 circlass - ok 18:56:17.0490 4736 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:56:17.0504 4736 CLFS - ok 18:56:17.0593 4736 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 18:56:17.0597 4736 CmBatt - ok 18:56:17.0632 4736 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 18:56:17.0641 4736 cmdide - ok 18:56:17.0731 4736 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 18:56:17.0746 4736 CNG - ok 18:56:17.0796 4736 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 18:56:17.0797 4736 Compbatt - ok 18:56:17.0843 4736 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 18:56:17.0849 4736 CompositeBus - ok 18:56:17.0913 4736 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 18:56:17.0915 4736 crcdisk - ok 18:56:18.0010 4736 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 18:56:18.0041 4736 CSC - ok 18:56:18.0200 4736 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 18:56:18.0211 4736 CtClsFlt - ok 18:56:18.0327 4736 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys 18:56:18.0328 4736 dc3d - ok 18:56:18.0545 4736 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 18:56:18.0553 4736 DfsC - ok 18:56:18.0631 4736 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:56:18.0632 4736 discache - ok 18:56:18.0706 4736 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 18:56:18.0709 4736 Disk - ok 18:56:18.0844 4736 DisplayLinkUsbPort (15d38bfec1c6db925a9427052ac2bd77) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys 18:56:18.0846 4736 DisplayLinkUsbPort - ok 18:56:18.0892 4736 dlcdbus (0e787242686a9fc890ed420c9c287686) C:\Windows\system32\DRIVERS\dlcdbus.sys 18:56:18.0896 4736 dlcdbus - ok 18:56:18.0945 4736 dlkmd (f7b3c3e03d957d73d41947402d9cd406) C:\Windows\system32\drivers\dlkmd.sys 18:56:18.0946 4736 dlkmd - ok 18:56:18.0970 4736 dlkmdldr (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys 18:56:18.0971 4736 dlkmdldr - ok 18:56:19.0123 4736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:56:19.0131 4736 drmkaud - ok 18:56:19.0263 4736 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 18:56:19.0270 4736 DXGKrnl - ok 18:56:19.0621 4736 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 18:56:19.0880 4736 ebdrv - ok 18:56:20.0248 4736 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 18:56:20.0249 4736 ElbyCDIO - ok 18:56:20.0349 4736 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 18:56:20.0363 4736 elxstor - ok 18:56:20.0549 4736 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 18:56:20.0558 4736 ErrDev - ok 18:56:20.0641 4736 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:56:20.0646 4736 exfat - ok 18:56:20.0681 4736 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:56:20.0688 4736 fastfat - ok 18:56:20.0753 4736 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 18:56:20.0756 4736 fdc - ok 18:56:20.0815 4736 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:56:20.0818 4736 FileInfo - ok 18:56:20.0888 4736 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:56:20.0891 4736 Filetrace - ok 18:56:20.0984 4736 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 18:56:20.0991 4736 flpydisk - ok 18:56:21.0056 4736 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 18:56:21.0061 4736 FltMgr - ok 18:56:21.0117 4736 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys 18:56:21.0120 4736 FlyUsb - ok 18:56:21.0183 4736 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:56:21.0189 4736 FsDepends - ok 18:56:21.0244 4736 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 18:56:21.0247 4736 fssfltr - ok 18:56:21.0312 4736 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 18:56:21.0313 4736 Fs_Rec - ok 18:56:21.0378 4736 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:56:21.0382 4736 fvevol - ok 18:56:21.0405 4736 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 18:56:21.0409 4736 gagp30kx - ok 18:56:21.0480 4736 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:56:21.0481 4736 GEARAspiWDM - ok 18:56:21.0734 4736 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:56:21.0738 4736 hcw85cir - ok 18:56:21.0800 4736 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 18:56:21.0804 4736 HDAudBus - ok 18:56:21.0856 4736 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 18:56:21.0861 4736 HidBatt - ok 18:56:21.0887 4736 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 18:56:21.0895 4736 HidBth - ok 18:56:21.0990 4736 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 18:56:21.0994 4736 HidIr - ok 18:56:22.0158 4736 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 18:56:22.0164 4736 HidUsb - ok 18:56:22.0316 4736 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 18:56:22.0322 4736 HpSAMD - ok 18:56:22.0545 4736 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 18:56:22.0549 4736 HTCAND64 - ok 18:56:22.0786 4736 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 18:56:22.0789 4736 htcnprot - ok 18:56:23.0634 4736 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 18:56:23.0680 4736 HTTP - ok 18:56:25.0081 4736 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 18:56:25.0082 4736 hwpolicy - ok 18:56:25.0211 4736 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 18:56:25.0214 4736 i8042prt - ok 18:56:25.0473 4736 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 18:56:25.0518 4736 iaStorV - ok 18:56:25.0812 4736 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 18:56:25.0818 4736 iirsp - ok 18:56:25.0856 4736 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 18:56:25.0863 4736 intelide - ok 18:56:25.0910 4736 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 18:56:25.0912 4736 intelppm - ok 18:56:26.0459 4736 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:56:26.0493 4736 IpFilterDriver - ok 18:56:26.0584 4736 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 18:56:26.0587 4736 IPMIDRV - ok 18:56:26.0668 4736 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 18:56:26.0773 4736 IPNAT - ok 18:56:27.0243 4736 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 18:56:27.0245 4736 IRENUM - ok 18:56:27.0296 4736 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 18:56:27.0298 4736 isapnp - ok 18:56:27.0334 4736 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 18:56:27.0343 4736 iScsiPrt - ok 18:56:27.0635 4736 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys 18:56:27.0649 4736 k57nd60a - ok 18:56:27.0916 4736 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 18:56:27.0917 4736 kbdclass - ok 18:56:28.0160 4736 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 18:56:28.0167 4736 kbdhid - ok 18:56:28.0259 4736 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 18:56:28.0263 4736 KSecDD - ok 18:56:28.0321 4736 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 18:56:28.0324 4736 KSecPkg - ok 18:56:28.0380 4736 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 18:56:28.0387 4736 ksthunk - ok 18:56:28.0497 4736 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys 18:56:28.0526 4736 LAN9500 - ok 18:56:28.0634 4736 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 18:56:28.0637 4736 lltdio - ok 18:56:28.0725 4736 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 18:56:28.0731 4736 LSI_FC - ok 18:56:28.0755 4736 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 18:56:28.0759 4736 LSI_SAS - ok 18:56:28.0786 4736 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:56:28.0793 4736 LSI_SAS2 - ok 18:56:28.0839 4736 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:56:28.0842 4736 LSI_SCSI - ok 18:56:28.0880 4736 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 18:56:28.0885 4736 luafv - ok 18:56:29.0042 4736 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 18:56:29.0043 4736 MBAMProtector - ok 18:56:29.0199 4736 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 18:56:29.0207 4736 megasas - ok 18:56:29.0283 4736 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 18:56:29.0289 4736 MegaSR - ok 18:56:29.0355 4736 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys 18:56:29.0356 4736 mfeapfk - ok 18:56:29.0433 4736 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys 18:56:29.0436 4736 mfeavfk - ok 18:56:29.0556 4736 mfeavfk01 - ok 18:56:29.0908 4736 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys 18:56:29.0912 4736 mfefirek - ok 18:56:30.0024 4736 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys 18:56:30.0040 4736 mfehidk - ok 18:56:30.0125 4736 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys 18:56:30.0126 4736 mfenlfk - ok 18:56:30.0199 4736 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys 18:56:30.0206 4736 mferkdet - ok 18:56:30.0260 4736 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys 18:56:30.0265 4736 mfewfpk - ok 18:56:30.0330 4736 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 18:56:30.0335 4736 Modem - ok 18:56:30.0388 4736 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 18:56:30.0389 4736 monitor - ok 18:56:30.0447 4736 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 18:56:30.0448 4736 mouclass - ok 18:56:30.0503 4736 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 18:56:30.0505 4736 mouhid - ok 18:56:30.0542 4736 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 18:56:30.0546 4736 mountmgr - ok 18:56:30.0669 4736 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 18:56:30.0701 4736 mpio - ok 18:56:30.0726 4736 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 18:56:30.0728 4736 mpsdrv - ok 18:56:30.0769 4736 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 18:56:30.0772 4736 MRxDAV - ok 18:56:30.0815 4736 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:56:30.0820 4736 mrxsmb - ok 18:56:30.0864 4736 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:56:30.0872 4736 mrxsmb10 - ok 18:56:30.0945 4736 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:56:30.0949 4736 mrxsmb20 - ok 18:56:31.0002 4736 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 18:56:31.0003 4736 msahci - ok 18:56:31.0045 4736 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 18:56:31.0049 4736 msdsm - ok 18:56:31.0118 4736 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 18:56:31.0121 4736 Msfs - ok 18:56:31.0148 4736 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 18:56:31.0150 4736 mshidkmdf - ok 18:56:31.0203 4736 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 18:56:31.0204 4736 msisadrv - ok 18:56:31.0253 4736 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 18:56:31.0256 4736 MSKSSRV - ok 18:56:31.0294 4736 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 18:56:31.0297 4736 MSPCLOCK - ok 18:56:31.0328 4736 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 18:56:31.0330 4736 MSPQM - ok 18:56:31.0398 4736 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 18:56:31.0414 4736 MsRPC - ok 18:56:31.0472 4736 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 18:56:31.0472 4736 mssmbios - ok 18:56:31.0909 4736 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 18:56:31.0915 4736 MSTEE - ok 18:56:32.0044 4736 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 18:56:32.0047 4736 MTConfig - ok 18:56:32.0149 4736 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 18:56:32.0150 4736 Mup - ok 18:56:32.0242 4736 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 18:56:32.0259 4736 NativeWifiP - ok 18:56:32.0360 4736 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 18:56:32.0392 4736 NDIS - ok 18:56:32.0453 4736 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 18:56:32.0462 4736 NdisCap - ok 18:56:32.0530 4736 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 18:56:32.0534 4736 NdisTapi - ok 18:56:32.0614 4736 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 18:56:32.0618 4736 Ndisuio - ok 18:56:32.0715 4736 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 18:56:32.0721 4736 NdisWan - ok 18:56:32.0785 4736 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 18:56:32.0788 4736 NDProxy - ok 18:56:32.0886 4736 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 18:56:32.0890 4736 NetBIOS - ok 18:56:32.0989 4736 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 18:56:33.0002 4736 NetBT - ok 18:56:33.0174 4736 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 18:56:33.0176 4736 nfrd960 - ok 18:56:33.0249 4736 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 18:56:33.0252 4736 Npfs - ok 18:56:33.0368 4736 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 18:56:33.0369 4736 nsiproxy - ok 18:56:34.0550 4736 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 18:56:34.0603 4736 Ntfs - ok 18:56:34.0769 4736 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys 18:56:34.0778 4736 NuidFltr - ok 18:56:34.0852 4736 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 18:56:34.0861 4736 Null - ok 18:56:35.0001 4736 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 18:56:35.0011 4736 nvraid - ok 18:56:35.0091 4736 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 18:56:35.0101 4736 nvstor - ok 18:56:35.0141 4736 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 18:56:35.0151 4736 nv_agp - ok 18:56:35.0211 4736 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 18:56:35.0221 4736 ohci1394 - ok 18:56:35.0321 4736 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 18:56:35.0321 4736 Parport - ok 18:56:35.0431 4736 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 18:56:35.0431 4736 partmgr - ok 18:56:36.0081 4736 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 18:56:36.0291 4736 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 18:56:36.0451 4736 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 18:56:36.0461 4736 pci - ok 18:56:36.0511 4736 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 18:56:36.0521 4736 pciide - ok 18:56:36.0601 4736 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 18:56:36.0621 4736 pcmcia - ok 18:56:36.0901 4736 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 18:56:36.0901 4736 pcw - ok 18:56:37.0252 4736 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 18:56:37.0277 4736 PEAUTH - ok 18:56:38.0160 4736 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys 18:56:38.0170 4736 Point64 - ok 18:56:38.0620 4736 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 18:56:38.0630 4736 PptpMiniport - ok 18:56:38.0800 4736 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 18:56:38.0810 4736 Processor - ok 18:56:38.0920 4736 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 18:56:38.0930 4736 Psched - ok 18:56:39.0040 4736 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 18:56:39.0050 4736 PxHlpa64 - ok 18:56:39.0260 4736 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 18:56:39.0330 4736 ql2300 - ok 18:56:39.0400 4736 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 18:56:39.0420 4736 ql40xx - ok 18:56:39.0470 4736 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 18:56:39.0480 4736 QWAVEdrv - ok 18:56:39.0610 4736 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 18:56:39.0610 4736 RasAcd - ok 18:56:39.0790 4736 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:56:39.0800 4736 RasAgileVpn - ok 18:56:39.0910 4736 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:56:39.0920 4736 Rasl2tp - ok 18:56:40.0000 4736 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 18:56:40.0010 4736 RasPppoe - ok 18:56:40.0040 4736 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 18:56:40.0050 4736 RasSstp - ok 18:56:40.0130 4736 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 18:56:40.0160 4736 rdbss - ok 18:56:40.0210 4736 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 18:56:40.0210 4736 rdpbus - ok 18:56:40.0270 4736 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:56:40.0280 4736 RDPCDD - ok 18:56:40.0350 4736 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 18:56:40.0360 4736 RDPDR - ok 18:56:40.0400 4736 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 18:56:40.0400 4736 RDPENCDD - ok 18:56:40.0470 4736 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 18:56:40.0480 4736 RDPREFMP - ok 18:56:40.0590 4736 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 18:56:40.0600 4736 RdpVideoMiniport - ok 18:56:40.0670 4736 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 18:56:40.0680 4736 RDPWD - ok 18:56:40.0810 4736 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 18:56:40.0830 4736 rdyboost - ok 18:56:41.0100 4736 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys 18:56:41.0100 4736 rimmptsk - ok 18:56:41.0140 4736 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys 18:56:41.0150 4736 rimsptsk - ok 18:56:41.0200 4736 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 18:56:41.0210 4736 RimUsb - ok 18:56:41.0280 4736 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys 18:56:41.0290 4736 rismxdp - ok 18:56:41.0410 4736 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 18:56:41.0420 4736 rspndr - ok 18:56:41.0510 4736 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 18:56:41.0510 4736 s3cap - ok 18:56:41.0680 4736 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 18:56:41.0690 4736 sbp2port - ok 18:56:41.0840 4736 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 18:56:41.0840 4736 scfilter - ok 18:56:41.0940 4736 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 18:56:41.0950 4736 sdbus - ok 18:56:42.0060 4736 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 18:56:42.0070 4736 secdrv - ok 18:56:42.0190 4736 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 18:56:42.0190 4736 Serenum - ok 18:56:42.0250 4736 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 18:56:42.0260 4736 Serial - ok 18:56:42.0450 4736 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 18:56:42.0460 4736 sermouse - ok 18:56:42.0590 4736 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 18:56:42.0590 4736 sffdisk - ok 18:56:42.0660 4736 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 18:56:42.0670 4736 sffp_mmc - ok 18:56:42.0750 4736 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 18:56:42.0750 4736 sffp_sd - ok 18:56:42.0930 4736 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 18:56:42.0930 4736 sfloppy - ok 18:56:43.0020 4736 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 18:56:43.0030 4736 SiSRaid2 - ok 18:56:43.0080 4736 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 18:56:43.0090 4736 SiSRaid4 - ok 18:56:43.0170 4736 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:56:43.0170 4736 Smb - ok 18:56:43.0320 4736 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:56:43.0330 4736 spldr - ok 18:56:43.0470 4736 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 18:56:43.0530 4736 srv - ok 18:56:43.0620 4736 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 18:56:43.0650 4736 srv2 - ok 18:56:43.0830 4736 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 18:56:43.0840 4736 srvnet - ok 18:56:44.0010 4736 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 18:56:44.0020 4736 stexstor - ok 18:56:44.0110 4736 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys 18:56:44.0150 4736 STHDA - ok 18:56:44.0250 4736 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 18:56:44.0250 4736 storflt - ok 18:56:44.0340 4736 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 18:56:44.0350 4736 storvsc - ok 18:56:44.0420 4736 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 18:56:44.0420 4736 swenum - ok 18:56:44.0560 4736 Synth3dVsc - ok 18:56:44.0660 4736 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys 18:56:44.0670 4736 SynTP - ok 18:56:44.0890 4736 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 18:56:44.0970 4736 Tcpip - ok 18:56:45.0140 4736 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 18:56:45.0260 4736 TCPIP6 - ok 18:56:45.0380 4736 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 18:56:45.0380 4736 tcpipreg - ok 18:56:45.0450 4736 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:56:45.0460 4736 TDPIPE - ok 18:56:45.0520 4736 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 18:56:45.0530 4736 TDTCP - ok 18:56:45.0700 4736 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 18:56:45.0720 4736 tdx - ok 18:56:45.0810 4736 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 18:56:45.0810 4736 TermDD - ok 18:56:45.0950 4736 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:56:45.0950 4736 tssecsrv - ok 18:56:46.0020 4736 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 18:56:46.0030 4736 TsUsbFlt - ok 18:56:46.0060 4736 tsusbhub - ok 18:56:46.0150 4736 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 18:56:46.0150 4736 tunnel - ok 18:56:46.0290 4736 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 18:56:46.0290 4736 uagp35 - ok 18:56:46.0370 4736 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 18:56:46.0390 4736 udfs - ok 18:56:46.0510 4736 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 18:56:46.0510 4736 uliagpkx - ok 18:56:46.0590 4736 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 18:56:46.0590 4736 umbus - ok 18:56:46.0630 4736 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 18:56:46.0640 4736 UmPass - ok 18:56:46.0760 4736 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 18:56:46.0770 4736 USBAAPL64 - ok 18:56:46.0840 4736 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 18:56:46.0850 4736 usbccgp - ok 18:56:46.0880 4736 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 18:56:46.0890 4736 usbcir - ok 18:56:46.0920 4736 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 18:56:46.0930 4736 usbehci - ok 18:56:46.0990 4736 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 18:56:47.0010 4736 usbhub - ok 18:56:47.0050 4736 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 18:56:47.0050 4736 usbohci - ok 18:56:47.0110 4736 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:56:47.0110 4736 usbprint - ok 18:56:47.0150 4736 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:56:47.0150 4736 USBSTOR - ok 18:56:47.0180 4736 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 18:56:47.0180 4736 usbuhci - ok 18:56:47.0240 4736 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 18:56:47.0250 4736 usbvideo - ok 18:56:47.0330 4736 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 18:56:47.0330 4736 vdrvroot - ok 18:56:47.0460 4736 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:56:47.0460 4736 vga - ok 18:56:47.0490 4736 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:56:47.0500 4736 VgaSave - ok 18:56:47.0560 4736 VGPU - ok 18:56:47.0710 4736 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 18:56:47.0720 4736 vhdmp - ok 18:56:47.0780 4736 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 18:56:47.0790 4736 viaide - ok 18:56:47.0910 4736 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 18:56:47.0920 4736 vmbus - ok 18:56:47.0950 4736 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 18:56:47.0960 4736 VMBusHID - ok 18:56:48.0010 4736 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:56:48.0020 4736 volmgr - ok 18:56:48.0100 4736 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:56:48.0110 4736 volmgrx - ok 18:56:48.0270 4736 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:56:48.0280 4736 volsnap - ok 18:56:48.0360 4736 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 18:56:48.0370 4736 vsmraid - ok 18:56:48.0460 4736 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:56:48.0460 4736 vwifibus - ok 18:56:48.0540 4736 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:56:48.0540 4736 vwififlt - ok 18:56:48.0610 4736 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:56:48.0610 4736 vwifimp - ok 18:56:48.0680 4736 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 18:56:48.0690 4736 WacomPen - ok 18:56:48.0760 4736 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:56:48.0760 4736 WANARP - ok 18:56:48.0790 4736 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:56:48.0790 4736 Wanarpv6 - ok 18:56:48.0860 4736 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys 18:56:48.0860 4736 wanatw - ok 18:56:49.0020 4736 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 18:56:49.0020 4736 Wd - ok 18:56:49.0090 4736 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 18:56:49.0090 4736 WDC_SAM - ok 18:56:49.0190 4736 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:56:49.0220 4736 Wdf01000 - ok 18:56:49.0340 4736 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:56:49.0350 4736 WfpLwf - ok 18:56:49.0400 4736 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 18:56:49.0400 4736 WimFltr - ok 18:56:49.0440 4736 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:56:49.0450 4736 WIMMount - ok 18:56:49.0640 4736 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 18:56:49.0650 4736 WinUsb - ok 18:56:49.0750 4736 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:56:49.0760 4736 WmiAcpi - ok 18:56:49.0910 4736 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:56:49.0910 4736 ws2ifsl - ok 18:56:50.0010 4736 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:56:50.0010 4736 WudfPf - ok 18:56:50.0080 4736 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:56:50.0090 4736 WUDFRd - ok 18:56:50.0210 4736 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0 18:56:50.0300 4736 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning 18:56:50.0300 4736 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1) 18:56:50.0320 4736 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0 18:56:50.0320 4736 \Device\Harddisk0\DR0\Partition0 - ok 18:56:50.0340 4736 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1 18:56:50.0350 4736 \Device\Harddisk0\DR0\Partition1 - ok 18:56:50.0350 4736 ============================================================ 18:56:50.0350 4736 Scan finished 18:56:50.0350 4736 ============================================================ 18:56:50.0390 6592 Detected object count: 1 18:56:50.0390 6592 Actual detected object count: 1 19:00:34.0706 6592 \Device\Harddisk0\DR0 - copied to quarantine 19:00:34.0706 6592 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine 19:00:42.0328 8060 Deinitialize success
  10. The combofix has been sitting in the blue dos like window for about an hour. It says... Please wait. ComboFix is preparing to run. Is it normal for it to take a long time? Thanks
  11. TDSSKiller Log is below. I'm getting the other next. 16:28:11.0234 4404 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06 16:28:14.0755 4404 ============================================================ 16:28:14.0755 4404 Current date / time: 2012/02/23 16:28:14.0755 16:28:14.0755 4404 SystemInfo: 16:28:14.0755 4404 16:28:14.0755 4404 OS Version: 6.1.7601 ServicePack: 1.0 16:28:14.0755 4404 Product type: Workstation 16:28:14.0755 4404 ComputerName: ROO-SOXLAPTOP 16:28:14.0755 4404 UserName: Roo 16:28:14.0755 4404 Windows directory: C:\Windows 16:28:14.0755 4404 System windows directory: C:\Windows 16:28:14.0755 4404 Running under WOW64 16:28:14.0755 4404 Processor architecture: Intel x64 16:28:14.0755 4404 Number of processors: 2 16:28:14.0755 4404 Page size: 0x1000 16:28:14.0755 4404 Boot type: Normal boot 16:28:14.0755 4404 ============================================================ 16:28:17.0145 4404 Initialize success 16:28:30.0968 5620 ============================================================ 16:28:30.0968 5620 Scan started 16:28:30.0968 5620 Mode: Manual; 16:28:30.0968 5620 ============================================================ 16:28:32.0348 5620 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 16:28:32.0398 5620 1394ohci - ok 16:28:32.0458 5620 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 16:28:32.0508 5620 ACPI - ok 16:28:32.0548 5620 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 16:28:32.0588 5620 AcpiPmi - ok 16:28:32.0648 5620 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 16:28:32.0658 5620 adp94xx - ok 16:28:32.0678 5620 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 16:28:32.0688 5620 adpahci - ok 16:28:32.0718 5620 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 16:28:32.0718 5620 adpu320 - ok 16:28:32.0798 5620 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 16:28:32.0848 5620 AFD - ok 16:28:32.0878 5620 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 16:28:32.0878 5620 agp440 - ok 16:28:32.0928 5620 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 16:28:32.0928 5620 aliide - ok 16:28:32.0968 5620 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 16:28:32.0978 5620 amdide - ok 16:28:33.0018 5620 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 16:28:33.0018 5620 AmdK8 - ok 16:28:33.0048 5620 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 16:28:33.0048 5620 AmdPPM - ok 16:28:33.0088 5620 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 16:28:33.0138 5620 amdsata - ok 16:28:33.0168 5620 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 16:28:33.0178 5620 amdsbs - ok 16:28:33.0188 5620 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 16:28:33.0238 5620 amdxata - ok 16:28:33.0308 5620 AnyDVD (2d71d1eed26923802c1c1b26e603fe0c) C:\Windows\system32\Drivers\AnyDVD.sys 16:28:33.0358 5620 AnyDVD - ok 16:28:33.0438 5620 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 16:28:33.0488 5620 AppID - ok 16:28:33.0568 5620 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 16:28:33.0578 5620 arc - ok 16:28:33.0588 5620 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 16:28:33.0598 5620 arcsas - ok 16:28:33.0628 5620 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 16:28:33.0638 5620 AsyncMac - ok 16:28:33.0668 5620 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 16:28:33.0668 5620 atapi - ok 16:28:33.0718 5620 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys 16:28:33.0768 5620 AtiHdmiService - ok 16:28:33.0908 5620 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys 16:28:34.0008 5620 atikmdag - ok 16:28:34.0068 5620 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 16:28:34.0078 5620 b06bdrv - ok 16:28:34.0118 5620 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 16:28:34.0128 5620 b57nd60a - ok 16:28:34.0158 5620 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys 16:28:34.0208 5620 BCM42RLY - ok 16:28:34.0308 5620 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys 16:28:34.0378 5620 BCM43XX - ok 16:28:34.0438 5620 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 16:28:34.0448 5620 Beep - ok 16:28:34.0518 5620 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 16:28:34.0528 5620 blbdrive - ok 16:28:34.0618 5620 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 16:28:34.0658 5620 bowser - ok 16:28:34.0698 5620 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 16:28:34.0698 5620 BrFiltLo - ok 16:28:34.0718 5620 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 16:28:34.0728 5620 BrFiltUp - ok 16:28:34.0768 5620 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 16:28:34.0788 5620 Brserid - ok 16:28:34.0808 5620 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 16:28:34.0808 5620 BrSerWdm - ok 16:28:34.0838 5620 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 16:28:34.0838 5620 BrUsbMdm - ok 16:28:34.0858 5620 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 16:28:34.0858 5620 BrUsbSer - ok 16:28:34.0888 5620 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 16:28:34.0888 5620 BTHMODEM - ok 16:28:34.0928 5620 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 16:28:34.0928 5620 cdfs - ok 16:28:34.0988 5620 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 16:28:35.0038 5620 cdrom - ok 16:28:35.0098 5620 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys 16:28:35.0148 5620 cfwids - ok 16:28:35.0188 5620 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 16:28:35.0188 5620 circlass - ok 16:28:35.0238 5620 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 16:28:35.0238 5620 CLFS - ok 16:28:35.0298 5620 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 16:28:35.0308 5620 CmBatt - ok 16:28:35.0348 5620 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 16:28:35.0358 5620 cmdide - ok 16:28:35.0388 5620 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 16:28:35.0428 5620 CNG - ok 16:28:35.0468 5620 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 16:28:35.0468 5620 Compbatt - ok 16:28:35.0508 5620 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 16:28:35.0558 5620 CompositeBus - ok 16:28:35.0598 5620 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 16:28:35.0598 5620 crcdisk - ok 16:28:35.0728 5620 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 16:28:35.0778 5620 CSC - ok 16:28:35.0858 5620 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 16:28:35.0908 5620 CtClsFlt - ok 16:28:35.0978 5620 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys 16:28:36.0038 5620 dc3d - ok 16:28:36.0098 5620 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 16:28:36.0148 5620 DfsC - ok 16:28:36.0178 5620 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 16:28:36.0178 5620 discache - ok 16:28:36.0208 5620 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 16:28:36.0218 5620 Disk - ok 16:28:36.0278 5620 DisplayLinkUsbPort (15d38bfec1c6db925a9427052ac2bd77) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys 16:28:36.0328 5620 DisplayLinkUsbPort - ok 16:28:36.0358 5620 dlcdbus (0e787242686a9fc890ed420c9c287686) C:\Windows\system32\DRIVERS\dlcdbus.sys 16:28:36.0408 5620 dlcdbus - ok 16:28:36.0468 5620 dlkmd (f7b3c3e03d957d73d41947402d9cd406) C:\Windows\system32\drivers\dlkmd.sys 16:28:36.0518 5620 dlkmd - ok 16:28:36.0528 5620 dlkmdldr (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys 16:28:36.0578 5620 dlkmdldr - ok 16:28:36.0648 5620 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 16:28:36.0658 5620 drmkaud - ok 16:28:36.0718 5620 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 16:28:36.0778 5620 DXGKrnl - ok 16:28:36.0868 5620 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 16:28:36.0908 5620 ebdrv - ok 16:28:36.0978 5620 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 16:28:37.0028 5620 ElbyCDIO - ok 16:28:37.0078 5620 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 16:28:37.0088 5620 elxstor - ok 16:28:37.0118 5620 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 16:28:37.0128 5620 ErrDev - ok 16:28:37.0178 5620 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 16:28:37.0188 5620 exfat - ok 16:28:37.0218 5620 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 16:28:37.0228 5620 fastfat - ok 16:28:37.0268 5620 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 16:28:37.0268 5620 fdc - ok 16:28:37.0298 5620 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 16:28:37.0298 5620 FileInfo - ok 16:28:37.0318 5620 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 16:28:37.0328 5620 Filetrace - ok 16:28:37.0338 5620 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 16:28:37.0348 5620 flpydisk - ok 16:28:37.0388 5620 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 16:28:37.0428 5620 FltMgr - ok 16:28:37.0478 5620 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys 16:28:37.0528 5620 FlyUsb - ok 16:28:37.0558 5620 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 16:28:37.0558 5620 FsDepends - ok 16:28:37.0588 5620 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 16:28:37.0638 5620 fssfltr - ok 16:28:37.0658 5620 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 16:28:37.0658 5620 Fs_Rec - ok 16:28:37.0718 5620 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 16:28:37.0758 5620 fvevol - ok 16:28:37.0788 5620 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 16:28:37.0798 5620 gagp30kx - ok 16:28:37.0838 5620 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:28:37.0888 5620 GEARAspiWDM - ok 16:28:37.0958 5620 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 16:28:37.0958 5620 hcw85cir - ok 16:28:38.0018 5620 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 16:28:38.0058 5620 HDAudBus - ok 16:28:38.0078 5620 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 16:28:38.0088 5620 HidBatt - ok 16:28:38.0118 5620 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 16:28:38.0128 5620 HidBth - ok 16:28:38.0138 5620 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 16:28:38.0148 5620 HidIr - ok 16:28:38.0188 5620 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 16:28:38.0238 5620 HidUsb - ok 16:28:38.0278 5620 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 16:28:38.0328 5620 HpSAMD - ok 16:28:38.0368 5620 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 16:28:38.0408 5620 HTCAND64 - ok 16:28:38.0478 5620 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 16:28:38.0518 5620 htcnprot - ok 16:28:38.0578 5620 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 16:28:38.0578 5620 HTTP - ok 16:28:38.0618 5620 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 16:28:38.0658 5620 hwpolicy - ok 16:28:38.0718 5620 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 16:28:38.0718 5620 i8042prt - ok 16:28:38.0798 5620 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 16:28:38.0858 5620 iaStorV - ok 16:28:38.0918 5620 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 16:28:38.0918 5620 iirsp - ok 16:28:38.0948 5620 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 16:28:38.0948 5620 intelide - ok 16:28:38.0978 5620 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 16:28:38.0988 5620 intelppm - ok 16:28:39.0048 5620 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:28:39.0088 5620 IpFilterDriver - ok 16:28:39.0118 5620 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 16:28:39.0168 5620 IPMIDRV - ok 16:28:39.0188 5620 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 16:28:39.0198 5620 IPNAT - ok 16:28:39.0248 5620 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 16:28:39.0258 5620 IRENUM - ok 16:28:39.0278 5620 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 16:28:39.0288 5620 isapnp - ok 16:28:39.0308 5620 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 16:28:39.0358 5620 iScsiPrt - ok 16:28:39.0408 5620 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys 16:28:39.0418 5620 k57nd60a - ok 16:28:39.0458 5620 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 16:28:39.0468 5620 kbdclass - ok 16:28:39.0488 5620 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 16:28:39.0538 5620 kbdhid - ok 16:28:39.0578 5620 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 16:28:39.0608 5620 KSecDD - ok 16:28:39.0648 5620 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 16:28:39.0707 5620 KSecPkg - ok 16:28:39.0739 5620 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 16:28:39.0739 5620 ksthunk - ok 16:28:39.0809 5620 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys 16:28:39.0859 5620 LAN9500 - ok 16:28:39.0919 5620 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 16:28:39.0929 5620 lltdio - ok 16:28:39.0959 5620 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 16:28:39.0969 5620 LSI_FC - ok 16:28:39.0979 5620 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 16:28:39.0989 5620 LSI_SAS - ok 16:28:40.0009 5620 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:28:40.0009 5620 LSI_SAS2 - ok 16:28:40.0059 5620 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:28:40.0059 5620 LSI_SCSI - ok 16:28:40.0099 5620 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 16:28:40.0099 5620 luafv - ok 16:28:40.0169 5620 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 16:28:40.0219 5620 MBAMProtector - ok 16:28:40.0319 5620 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 16:28:40.0319 5620 megasas - ok 16:28:40.0349 5620 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 16:28:40.0359 5620 MegaSR - ok 16:28:40.0399 5620 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys 16:28:40.0449 5620 mfeapfk - ok 16:28:40.0499 5620 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys 16:28:40.0559 5620 mfeavfk - ok 16:28:40.0589 5620 mfeavfk01 - ok 16:28:40.0659 5620 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys 16:28:40.0719 5620 mfefirek - ok 16:28:40.0769 5620 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys 16:28:40.0849 5620 mfehidk - ok 16:28:40.0889 5620 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys 16:28:40.0939 5620 mfenlfk - ok 16:28:40.0979 5620 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys 16:28:41.0029 5620 mferkdet - ok 16:28:41.0059 5620 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys 16:28:41.0109 5620 mfewfpk - ok 16:28:41.0169 5620 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 16:28:41.0169 5620 Modem - ok 16:28:41.0219 5620 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 16:28:41.0219 5620 monitor - ok 16:28:41.0269 5620 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 16:28:41.0279 5620 mouclass - ok 16:28:41.0319 5620 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 16:28:41.0329 5620 mouhid - ok 16:28:41.0379 5620 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 16:28:41.0429 5620 mountmgr - ok 16:28:41.0469 5620 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 16:28:41.0529 5620 mpio - ok 16:28:41.0559 5620 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 16:28:41.0559 5620 mpsdrv - ok 16:28:41.0609 5620 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 16:28:41.0669 5620 MRxDAV - ok 16:28:41.0709 5620 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:28:41.0759 5620 mrxsmb - ok 16:28:41.0789 5620 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:28:41.0849 5620 mrxsmb10 - ok 16:28:41.0869 5620 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:28:41.0909 5620 mrxsmb20 - ok 16:28:41.0929 5620 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 16:28:41.0979 5620 msahci - ok 16:28:42.0009 5620 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 16:28:42.0059 5620 msdsm - ok 16:28:42.0109 5620 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 16:28:42.0109 5620 Msfs - ok 16:28:42.0149 5620 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 16:28:42.0159 5620 mshidkmdf - ok 16:28:42.0169 5620 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 16:28:42.0179 5620 msisadrv - ok 16:28:42.0229 5620 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 16:28:42.0239 5620 MSKSSRV - ok 16:28:42.0269 5620 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 16:28:42.0279 5620 MSPCLOCK - ok 16:28:42.0299 5620 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 16:28:42.0299 5620 MSPQM - ok 16:28:42.0339 5620 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 16:28:42.0389 5620 MsRPC - ok 16:28:42.0409 5620 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 16:28:42.0409 5620 mssmbios - ok 16:28:42.0450 5620 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 16:28:42.0460 5620 MSTEE - ok 16:28:42.0480 5620 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 16:28:42.0480 5620 MTConfig - ok 16:28:42.0520 5620 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 16:28:42.0520 5620 Mup - ok 16:28:42.0570 5620 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 16:28:42.0580 5620 NativeWifiP - ok 16:28:42.0650 5620 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 16:28:42.0650 5620 NDIS - ok 16:28:42.0680 5620 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 16:28:42.0690 5620 NdisCap - ok 16:28:42.0720 5620 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 16:28:42.0720 5620 NdisTapi - ok 16:28:42.0750 5620 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 16:28:42.0800 5620 Ndisuio - ok 16:28:42.0851 5620 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 16:28:42.0901 5620 NdisWan - ok 16:28:42.0941 5620 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 16:28:42.0981 5620 NDProxy - ok 16:28:43.0001 5620 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 16:28:43.0001 5620 NetBIOS - ok 16:28:43.0041 5620 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 16:28:43.0081 5620 NetBT - ok 16:28:43.0141 5620 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 16:28:43.0141 5620 nfrd960 - ok 16:28:43.0181 5620 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 16:28:43.0181 5620 Npfs - ok 16:28:43.0201 5620 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 16:28:43.0201 5620 nsiproxy - ok 16:28:43.0271 5620 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 16:28:43.0381 5620 Ntfs - ok 16:28:43.0441 5620 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys 16:28:43.0491 5620 NuidFltr - ok 16:28:43.0511 5620 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 16:28:43.0521 5620 Null - ok 16:28:43.0561 5620 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 16:28:43.0611 5620 nvraid - ok 16:28:43.0631 5620 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 16:28:43.0681 5620 nvstor - ok 16:28:43.0721 5620 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 16:28:43.0721 5620 nv_agp - ok 16:28:43.0791 5620 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 16:28:43.0801 5620 ohci1394 - ok 16:28:43.0891 5620 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 16:28:43.0901 5620 Parport - ok 16:28:43.0941 5620 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 16:28:43.0991 5620 partmgr - ok 16:28:44.0111 5620 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 16:28:44.0111 5620 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 16:28:44.0141 5620 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 16:28:44.0141 5620 pci - ok 16:28:44.0181 5620 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 16:28:44.0191 5620 pciide - ok 16:28:44.0211 5620 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 16:28:44.0221 5620 pcmcia - ok 16:28:44.0241 5620 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:28:44.0251 5620 pcw - ok 16:28:44.0271 5620 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:28:44.0291 5620 PEAUTH - ok 16:28:44.0371 5620 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys 16:28:44.0421 5620 Point64 - ok 16:28:44.0471 5620 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 16:28:44.0521 5620 PptpMiniport - ok 16:28:44.0541 5620 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 16:28:44.0541 5620 Processor - ok 16:28:44.0601 5620 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 16:28:44.0601 5620 Psched - ok 16:28:44.0651 5620 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 16:28:44.0711 5620 PxHlpa64 - ok 16:28:44.0751 5620 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 16:28:44.0791 5620 ql2300 - ok 16:28:44.0821 5620 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 16:28:44.0821 5620 ql40xx - ok 16:28:44.0842 5620 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:28:44.0842 5620 QWAVEdrv - ok 16:28:44.0862 5620 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 16:28:44.0872 5620 RasAcd - ok 16:28:44.0922 5620 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:28:44.0922 5620 RasAgileVpn - ok 16:28:44.0962 5620 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:28:45.0012 5620 Rasl2tp - ok 16:28:45.0032 5620 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:28:45.0032 5620 RasPppoe - ok 16:28:45.0062 5620 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:28:45.0062 5620 RasSstp - ok 16:28:45.0102 5620 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 16:28:45.0152 5620 rdbss - ok 16:28:45.0172 5620 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 16:28:45.0182 5620 rdpbus - ok 16:28:45.0202 5620 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:28:45.0202 5620 RDPCDD - ok 16:28:45.0252 5620 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 16:28:45.0292 5620 RDPDR - ok 16:28:45.0332 5620 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:28:45.0342 5620 RDPENCDD - ok 16:28:45.0362 5620 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:28:45.0362 5620 RDPREFMP - ok 16:28:45.0422 5620 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 16:28:45.0472 5620 RdpVideoMiniport - ok 16:28:45.0512 5620 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 16:28:45.0562 5620 RDPWD - ok 16:28:45.0602 5620 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 16:28:45.0652 5620 rdyboost - ok 16:28:45.0692 5620 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys 16:28:45.0742 5620 rimmptsk - ok 16:28:45.0762 5620 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys 16:28:45.0802 5620 rimsptsk - ok 16:28:45.0852 5620 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 16:28:45.0892 5620 RimUsb - ok 16:28:45.0932 5620 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys 16:28:45.0982 5620 rismxdp - ok 16:28:46.0052 5620 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:28:46.0052 5620 rspndr - ok 16:28:46.0092 5620 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 16:28:46.0132 5620 s3cap - ok 16:28:46.0162 5620 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 16:28:46.0212 5620 sbp2port - ok 16:28:46.0252 5620 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 16:28:46.0302 5620 scfilter - ok 16:28:46.0332 5620 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 16:28:46.0372 5620 sdbus - ok 16:28:46.0422 5620 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 16:28:46.0422 5620 secdrv - ok 16:28:46.0452 5620 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 16:28:46.0452 5620 Serenum - ok 16:28:46.0482 5620 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 16:28:46.0482 5620 Serial - ok 16:28:46.0522 5620 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 16:28:46.0522 5620 sermouse - ok 16:28:46.0562 5620 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 16:28:46.0562 5620 sffdisk - ok 16:28:46.0582 5620 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 16:28:46.0582 5620 sffp_mmc - ok 16:28:46.0602 5620 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 16:28:46.0652 5620 sffp_sd - ok 16:28:46.0662 5620 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 16:28:46.0672 5620 sfloppy - ok 16:28:46.0712 5620 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:28:46.0732 5620 SiSRaid2 - ok 16:28:46.0752 5620 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 16:28:46.0762 5620 SiSRaid4 - ok 16:28:46.0802 5620 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 16:28:46.0802 5620 Smb - ok 16:28:46.0832 5620 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 16:28:46.0832 5620 spldr - ok 16:28:46.0913 5620 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 16:28:46.0963 5620 srv - ok 16:28:47.0013 5620 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 16:28:47.0063 5620 srv2 - ok 16:28:47.0113 5620 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 16:28:47.0163 5620 srvnet - ok 16:28:47.0223 5620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 16:28:47.0223 5620 stexstor - ok 16:28:47.0283 5620 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys 16:28:47.0333 5620 STHDA - ok 16:28:47.0363 5620 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 16:28:47.0413 5620 storflt - ok 16:28:47.0433 5620 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 16:28:47.0483 5620 storvsc - ok 16:28:47.0523 5620 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 16:28:47.0523 5620 swenum - ok 16:28:47.0583 5620 Synth3dVsc - ok 16:28:47.0633 5620 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys 16:28:47.0773 5620 SynTP - ok 16:28:47.0963 5620 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 16:28:48.0153 5620 Tcpip - ok 16:28:48.0263 5620 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 16:28:48.0283 5620 TCPIP6 - ok 16:28:48.0343 5620 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 16:28:48.0463 5620 tcpipreg - ok 16:28:48.0503 5620 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 16:28:48.0523 5620 TDPIPE - ok 16:28:48.0553 5620 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 16:28:48.0563 5620 TDTCP - ok 16:28:48.0623 5620 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 16:28:48.0743 5620 tdx - ok 16:28:48.0783 5620 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 16:28:48.0883 5620 TermDD - ok 16:28:48.0973 5620 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:28:49.0093 5620 tssecsrv - ok 16:28:49.0143 5620 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 16:28:49.0273 5620 TsUsbFlt - ok 16:28:49.0293 5620 tsusbhub - ok 16:28:49.0353 5620 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 16:28:49.0473 5620 tunnel - ok 16:28:49.0503 5620 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 16:28:49.0523 5620 uagp35 - ok 16:28:49.0573 5620 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 16:28:49.0693 5620 udfs - ok 16:28:49.0743 5620 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 16:28:49.0763 5620 uliagpkx - ok 16:28:49.0813 5620 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 16:28:49.0933 5620 umbus - ok 16:28:49.0963 5620 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 16:28:49.0963 5620 UmPass - ok 16:28:50.0033 5620 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 16:28:50.0153 5620 USBAAPL64 - ok 16:28:50.0183 5620 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 16:28:50.0313 5620 usbccgp - ok 16:28:50.0363 5620 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 16:28:50.0383 5620 usbcir - ok 16:28:50.0413 5620 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 16:28:50.0533 5620 usbehci - ok 16:28:50.0583 5620 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 16:28:50.0753 5620 usbhub - ok 16:28:50.0783 5620 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 16:28:50.0913 5620 usbohci - ok 16:28:50.0933 5620 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 16:28:50.0943 5620 usbprint - ok 16:28:50.0973 5620 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:28:51.0103 5620 USBSTOR - ok 16:28:51.0133 5620 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 16:28:51.0253 5620 usbuhci - ok 16:28:51.0303 5620 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 16:28:51.0433 5620 usbvideo - ok 16:28:51.0513 5620 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 16:28:51.0523 5620 vdrvroot - ok 16:28:51.0583 5620 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 16:28:51.0593 5620 vga - ok 16:28:51.0623 5620 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 16:28:51.0633 5620 VgaSave - ok 16:28:51.0683 5620 VGPU - ok 16:28:51.0733 5620 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 16:28:52.0003 5620 vhdmp - ok 16:28:52.0053 5620 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 16:28:52.0073 5620 viaide - ok 16:28:52.0143 5620 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 16:28:52.0403 5620 vmbus - ok 16:28:52.0443 5620 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 16:28:52.0703 5620 VMBusHID - ok 16:28:52.0793 5620 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 16:28:53.0053 5620 volmgr - ok 16:28:53.0133 5620 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 16:28:53.0423 5620 volmgrx - ok 16:28:53.0473 5620 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 16:28:53.0743 5620 volsnap - ok 16:28:53.0843 5620 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 16:28:53.0883 5620 vsmraid - ok 16:28:54.0013 5620 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 16:28:54.0033 5620 vwifibus - ok 16:28:54.0093 5620 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 16:28:54.0123 5620 vwififlt - ok 16:28:54.0183 5620 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 16:28:54.0243 5620 vwifimp - ok 16:28:54.0313 5620 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 16:28:54.0353 5620 WacomPen - ok 16:28:54.0423 5620 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:28:54.0663 5620 WANARP - ok 16:28:54.0703 5620 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:28:54.0703 5620 Wanarpv6 - ok 16:28:54.0793 5620 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys 16:28:55.0003 5620 wanatw - ok 16:28:55.0173 5620 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 16:28:55.0213 5620 Wd - ok 16:28:55.0283 5620 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 16:28:55.0523 5620 WDC_SAM - ok 16:28:55.0633 5620 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 16:28:55.0703 5620 Wdf01000 - ok 16:28:55.0933 5620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 16:28:55.0953 5620 WfpLwf - ok 16:28:56.0003 5620 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 16:28:56.0213 5620 WimFltr - ok 16:28:56.0243 5620 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 16:28:56.0263 5620 WIMMount - ok 16:28:56.0483 5620 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 16:28:56.0653 5620 WinUsb - ok 16:28:56.0763 5620 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 16:28:56.0783 5620 WmiAcpi - ok 16:28:56.0873 5620 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 16:28:56.0893 5620 ws2ifsl - ok 16:28:56.0993 5620 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 16:28:57.0173 5620 WudfPf - ok 16:28:57.0233 5620 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:28:57.0413 5620 WUDFRd - ok 16:28:57.0603 5620 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0 16:28:57.0693 5620 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning 16:28:57.0693 5620 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1) 16:28:57.0703 5620 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0 16:28:57.0713 5620 \Device\Harddisk0\DR0\Partition0 - ok 16:28:57.0733 5620 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1 16:28:57.0733 5620 \Device\Harddisk0\DR0\Partition1 - ok 16:28:57.0733 5620 ============================================================ 16:28:57.0733 5620 Scan finished 16:28:57.0733 5620 ============================================================ 16:28:57.0783 3544 Detected object count: 1 16:28:57.0783 3544 Actual detected object count: 1 16:29:28.0129 3544 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user 16:29:28.0129 3544 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip 16:29:47.0843 7248 Deinitialize success
  12. TDSS Killer Log 07:36:49.0721 9032 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06 07:36:52.0252 9032 ============================================================ 07:36:52.0252 9032 Current date / time: 2012/02/23 07:36:52.0252 07:36:52.0252 9032 SystemInfo: 07:36:52.0252 9032 07:36:52.0252 9032 OS Version: 6.1.7601 ServicePack: 1.0 07:36:52.0252 9032 Product type: Workstation 07:36:52.0262 9032 ComputerName: ROO-SOXLAPTOP 07:36:52.0262 9032 UserName: Roo 07:36:52.0262 9032 Windows directory: C:\Windows 07:36:52.0262 9032 System windows directory: C:\Windows 07:36:52.0262 9032 Running under WOW64 07:36:52.0262 9032 Processor architecture: Intel x64 07:36:52.0262 9032 Number of processors: 2 07:36:52.0262 9032 Page size: 0x1000 07:36:52.0262 9032 Boot type: Normal boot 07:36:52.0262 9032 ============================================================ 07:36:54.0113 9032 Initialize success 07:36:56.0883 6232 ============================================================ 07:36:56.0883 6232 Scan started 07:36:56.0883 6232 Mode: Manual; 07:36:56.0883 6232 ============================================================ 07:37:01.0073 6232 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 07:37:01.0093 6232 1394ohci - ok 07:37:01.0233 6232 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 07:37:01.0253 6232 ACPI - ok 07:37:01.0373 6232 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 07:37:01.0373 6232 AcpiPmi - ok 07:37:01.0523 6232 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 07:37:01.0553 6232 adp94xx - ok 07:37:02.0923 6232 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 07:37:02.0943 6232 adpahci - ok 07:37:03.0503 6232 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 07:37:03.0513 6232 adpu320 - ok 07:37:03.0713 6232 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 07:37:03.0743 6232 AFD - ok 07:37:03.0833 6232 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 07:37:03.0843 6232 agp440 - ok 07:37:03.0923 6232 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 07:37:03.0923 6232 aliide - ok 07:37:04.0023 6232 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 07:37:04.0033 6232 amdide - ok 07:37:04.0263 6232 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 07:37:04.0263 6232 AmdK8 - ok 07:37:04.0373 6232 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 07:37:04.0383 6232 AmdPPM - ok 07:37:04.0463 6232 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 07:37:04.0473 6232 amdsata - ok 07:37:04.0513 6232 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 07:37:04.0523 6232 amdsbs - ok 07:37:04.0553 6232 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 07:37:04.0553 6232 amdxata - ok 07:37:04.0643 6232 AnyDVD (2d71d1eed26923802c1c1b26e603fe0c) C:\Windows\system32\Drivers\AnyDVD.sys 07:37:04.0653 6232 AnyDVD - ok 07:37:04.0733 6232 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 07:37:04.0743 6232 AppID - ok 07:37:04.0903 6232 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 07:37:04.0923 6232 arc - ok 07:37:04.0953 6232 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 07:37:04.0963 6232 arcsas - ok 07:37:05.0043 6232 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 07:37:05.0053 6232 AsyncMac - ok 07:37:05.0103 6232 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 07:37:05.0103 6232 atapi - ok 07:37:05.0183 6232 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys 07:37:05.0183 6232 AtiHdmiService - ok 07:37:05.0493 6232 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys 07:37:05.0753 6232 atikmdag - ok 07:37:05.0903 6232 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 07:37:05.0933 6232 b06bdrv - ok 07:37:05.0973 6232 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 07:37:05.0983 6232 b57nd60a - ok 07:37:06.0053 6232 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys 07:37:06.0063 6232 BCM42RLY - ok 07:37:06.0363 6232 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys 07:37:06.0553 6232 BCM43XX - ok 07:37:06.0643 6232 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 07:37:06.0643 6232 Beep - ok 07:37:06.0733 6232 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 07:37:06.0743 6232 blbdrive - ok 07:37:06.0833 6232 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 07:37:06.0843 6232 bowser - ok 07:37:06.0873 6232 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 07:37:06.0873 6232 BrFiltLo - ok 07:37:06.0973 6232 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 07:37:06.0973 6232 BrFiltUp - ok 07:37:07.0013 6232 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 07:37:07.0033 6232 Brserid - ok 07:37:07.0073 6232 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 07:37:07.0083 6232 BrSerWdm - ok 07:37:07.0103 6232 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 07:37:07.0103 6232 BrUsbMdm - ok 07:37:07.0143 6232 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 07:37:07.0143 6232 BrUsbSer - ok 07:37:07.0163 6232 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 07:37:07.0173 6232 BTHMODEM - ok 07:37:07.0223 6232 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 07:37:07.0233 6232 cdfs - ok 07:37:07.0403 6232 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 07:37:07.0413 6232 cdrom - ok 07:37:07.0503 6232 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys 07:37:07.0503 6232 cfwids - ok 07:37:07.0543 6232 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 07:37:07.0553 6232 circlass - ok 07:37:07.0613 6232 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 07:37:07.0633 6232 CLFS - ok 07:37:07.0723 6232 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 07:37:07.0733 6232 CmBatt - ok 07:37:07.0803 6232 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 07:37:07.0803 6232 cmdide - ok 07:37:07.0873 6232 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 07:37:07.0903 6232 CNG - ok 07:37:07.0963 6232 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 07:37:07.0973 6232 Compbatt - ok 07:37:08.0043 6232 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 07:37:08.0043 6232 CompositeBus - ok 07:37:08.0203 6232 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 07:37:08.0213 6232 crcdisk - ok 07:37:08.0293 6232 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 07:37:08.0333 6232 CSC - ok 07:37:08.0413 6232 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 07:37:08.0413 6232 CtClsFlt - ok 07:37:08.0573 6232 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys 07:37:08.0583 6232 dc3d - ok 07:37:08.0703 6232 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 07:37:08.0713 6232 DfsC - ok 07:37:08.0803 6232 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 07:37:08.0803 6232 discache - ok 07:37:08.0843 6232 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 07:37:08.0843 6232 Disk - ok 07:37:08.0943 6232 DisplayLinkUsbPort (15d38bfec1c6db925a9427052ac2bd77) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys 07:37:08.0953 6232 DisplayLinkUsbPort - ok 07:37:09.0013 6232 dlcdbus (0e787242686a9fc890ed420c9c287686) C:\Windows\system32\DRIVERS\dlcdbus.sys 07:37:09.0013 6232 dlcdbus - ok 07:37:09.0063 6232 dlkmd (f7b3c3e03d957d73d41947402d9cd406) C:\Windows\system32\drivers\dlkmd.sys 07:37:09.0063 6232 dlkmd - ok 07:37:09.0103 6232 dlkmdldr (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys 07:37:09.0103 6232 dlkmdldr - ok 07:37:09.0203 6232 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 07:37:09.0203 6232 drmkaud - ok 07:37:09.0263 6232 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 07:37:09.0293 6232 DXGKrnl - ok 07:37:09.0463 6232 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 07:37:09.0593 6232 ebdrv - ok 07:37:09.0693 6232 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 07:37:09.0703 6232 ElbyCDIO - ok 07:37:09.0743 6232 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 07:37:09.0763 6232 elxstor - ok 07:37:09.0843 6232 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 07:37:09.0843 6232 ErrDev - ok 07:37:09.0913 6232 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 07:37:09.0923 6232 exfat - ok 07:37:10.0013 6232 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 07:37:10.0023 6232 fastfat - ok 07:37:10.0113 6232 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 07:37:10.0113 6232 fdc - ok 07:37:10.0153 6232 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 07:37:10.0163 6232 FileInfo - ok 07:37:10.0193 6232 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 07:37:10.0193 6232 Filetrace - ok 07:37:10.0223 6232 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 07:37:10.0223 6232 flpydisk - ok 07:37:10.0323 6232 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 07:37:10.0343 6232 FltMgr - ok 07:37:10.0403 6232 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys 07:37:10.0403 6232 FlyUsb - ok 07:37:10.0443 6232 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 07:37:10.0443 6232 FsDepends - ok 07:37:10.0493 6232 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 07:37:10.0503 6232 fssfltr - ok 07:37:10.0533 6232 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 07:37:10.0563 6232 Fs_Rec - ok 07:37:10.0623 6232 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 07:37:10.0633 6232 fvevol - ok 07:37:10.0663 6232 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 07:37:10.0673 6232 gagp30kx - ok 07:37:10.0733 6232 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 07:37:10.0733 6232 GEARAspiWDM - ok 07:37:10.0853 6232 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 07:37:10.0873 6232 hcw85cir - ok 07:37:11.0023 6232 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 07:37:11.0033 6232 HDAudBus - ok 07:37:11.0063 6232 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 07:37:11.0073 6232 HidBatt - ok 07:37:11.0093 6232 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 07:37:11.0103 6232 HidBth - ok 07:37:11.0133 6232 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 07:37:11.0133 6232 HidIr - ok 07:37:11.0193 6232 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 07:37:11.0203 6232 HidUsb - ok 07:37:11.0253 6232 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 07:37:11.0263 6232 HpSAMD - ok 07:37:11.0323 6232 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys 07:37:11.0333 6232 HTCAND64 - ok 07:37:11.0423 6232 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys 07:37:11.0423 6232 htcnprot - ok 07:37:11.0543 6232 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 07:37:11.0563 6232 HTTP - ok 07:37:11.0623 6232 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 07:37:11.0623 6232 hwpolicy - ok 07:37:11.0703 6232 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 07:37:11.0703 6232 i8042prt - ok 07:37:11.0783 6232 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 07:37:11.0813 6232 iaStorV - ok 07:37:11.0883 6232 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 07:37:11.0893 6232 iirsp - ok 07:37:11.0943 6232 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 07:37:11.0953 6232 intelide - ok 07:37:12.0083 6232 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 07:37:12.0093 6232 intelppm - ok 07:37:12.0183 6232 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 07:37:12.0183 6232 IpFilterDriver - ok 07:37:12.0253 6232 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 07:37:12.0253 6232 IPMIDRV - ok 07:37:12.0293 6232 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 07:37:12.0293 6232 IPNAT - ok 07:37:12.0353 6232 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 07:37:12.0353 6232 IRENUM - ok 07:37:12.0393 6232 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 07:37:12.0403 6232 isapnp - ok 07:37:12.0453 6232 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 07:37:12.0463 6232 iScsiPrt - ok 07:37:12.0523 6232 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys 07:37:12.0523 6232 k57nd60a - ok 07:37:12.0563 6232 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 07:37:12.0563 6232 kbdclass - ok 07:37:12.0593 6232 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 07:37:12.0593 6232 kbdhid - ok 07:37:12.0653 6232 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 07:37:12.0653 6232 KSecDD - ok 07:37:12.0693 6232 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 07:37:12.0703 6232 KSecPkg - ok 07:37:12.0743 6232 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 07:37:12.0743 6232 ksthunk - ok 07:37:12.0803 6232 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys 07:37:12.0803 6232 LAN9500 - ok 07:37:12.0878 6232 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 07:37:12.0878 6232 lltdio - ok 07:37:12.0908 6232 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 07:37:12.0918 6232 LSI_FC - ok 07:37:12.0928 6232 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 07:37:12.0938 6232 LSI_SAS - ok 07:37:12.0958 6232 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 07:37:12.0968 6232 LSI_SAS2 - ok 07:37:13.0008 6232 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 07:37:13.0008 6232 LSI_SCSI - ok 07:37:13.0068 6232 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 07:37:13.0068 6232 luafv - ok 07:37:13.0148 6232 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 07:37:13.0158 6232 MBAMProtector - ok 07:37:13.0258 6232 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 07:37:13.0268 6232 megasas - ok 07:37:13.0288 6232 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 07:37:13.0288 6232 MegaSR - ok 07:37:13.0338 6232 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys 07:37:13.0338 6232 mfeapfk - ok 07:37:13.0398 6232 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys 07:37:13.0398 6232 mfeavfk - ok 07:37:13.0428 6232 mfeavfk01 - ok 07:37:13.0478 6232 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys 07:37:13.0488 6232 mfefirek - ok 07:37:13.0538 6232 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys 07:37:13.0558 6232 mfehidk - ok 07:37:13.0598 6232 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys 07:37:13.0608 6232 mfenlfk - ok 07:37:13.0658 6232 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys 07:37:13.0658 6232 mferkdet - ok 07:37:13.0698 6232 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys 07:37:13.0698 6232 mfewfpk - ok 07:37:13.0758 6232 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 07:37:13.0758 6232 Modem - ok 07:37:13.0808 6232 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 07:37:13.0808 6232 monitor - ok 07:37:13.0868 6232 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 07:37:13.0868 6232 mouclass - ok 07:37:13.0908 6232 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 07:37:13.0918 6232 mouhid - ok 07:37:13.0968 6232 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 07:37:13.0968 6232 mountmgr - ok 07:37:14.0018 6232 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 07:37:14.0028 6232 mpio - ok 07:37:14.0048 6232 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 07:37:14.0048 6232 mpsdrv - ok 07:37:14.0088 6232 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 07:37:14.0088 6232 MRxDAV - ok 07:37:14.0138 6232 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 07:37:14.0138 6232 mrxsmb - ok 07:37:14.0178 6232 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 07:37:14.0178 6232 mrxsmb10 - ok 07:37:14.0198 6232 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 07:37:14.0198 6232 mrxsmb20 - ok 07:37:14.0218 6232 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 07:37:14.0228 6232 msahci - ok 07:37:14.0248 6232 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 07:37:14.0248 6232 msdsm - ok 07:37:14.0298 6232 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 07:37:14.0298 6232 Msfs - ok 07:37:14.0318 6232 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 07:37:14.0318 6232 mshidkmdf - ok 07:37:14.0358 6232 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 07:37:14.0358 6232 msisadrv - ok 07:37:14.0408 6232 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 07:37:14.0408 6232 MSKSSRV - ok 07:37:14.0458 6232 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 07:37:14.0458 6232 MSPCLOCK - ok 07:37:14.0478 6232 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 07:37:14.0488 6232 MSPQM - ok 07:37:14.0558 6232 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 07:37:14.0558 6232 MsRPC - ok 07:37:14.0578 6232 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 07:37:14.0588 6232 mssmbios - ok 07:37:14.0608 6232 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 07:37:14.0608 6232 MSTEE - ok 07:37:14.0628 6232 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 07:37:14.0628 6232 MTConfig - ok 07:37:14.0648 6232 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 07:37:14.0658 6232 Mup - ok 07:37:14.0698 6232 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 07:37:14.0708 6232 NativeWifiP - ok 07:37:14.0788 6232 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 07:37:14.0808 6232 NDIS - ok 07:37:14.0828 6232 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 07:37:14.0838 6232 NdisCap - ok 07:37:14.0878 6232 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 07:37:14.0878 6232 NdisTapi - ok 07:37:14.0908 6232 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 07:37:14.0918 6232 Ndisuio - ok 07:37:14.0948 6232 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 07:37:14.0958 6232 NdisWan - ok 07:37:14.0998 6232 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 07:37:14.0998 6232 NDProxy - ok 07:37:15.0018 6232 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 07:37:15.0018 6232 NetBIOS - ok 07:37:15.0068 6232 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 07:37:15.0068 6232 NetBT - ok 07:37:15.0118 6232 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 07:37:15.0128 6232 nfrd960 - ok 07:37:15.0168 6232 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 07:37:15.0178 6232 Npfs - ok 07:37:15.0198 6232 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 07:37:15.0198 6232 nsiproxy - ok 07:37:15.0278 6232 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 07:37:15.0318 6232 Ntfs - ok 07:37:15.0378 6232 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys 07:37:15.0388 6232 NuidFltr - ok 07:37:15.0408 6232 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 07:37:15.0408 6232 Null - ok 07:37:15.0448 6232 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 07:37:15.0448 6232 nvraid - ok 07:37:15.0478 6232 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 07:37:15.0478 6232 nvstor - ok 07:37:15.0518 6232 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 07:37:15.0528 6232 nv_agp - ok 07:37:15.0558 6232 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 07:37:15.0558 6232 ohci1394 - ok 07:37:15.0618 6232 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 07:37:15.0618 6232 Parport - ok 07:37:15.0648 6232 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 07:37:15.0648 6232 partmgr - ok 07:37:15.0758 6232 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 07:37:15.0798 6232 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 07:37:15.0828 6232 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 07:37:15.0838 6232 pci - ok 07:37:15.0868 6232 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 07:37:15.0879 6232 pciide - ok 07:37:15.0919 6232 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 07:37:15.0919 6232 pcmcia - ok 07:37:15.0949 6232 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 07:37:15.0949 6232 pcw - ok 07:37:15.0979 6232 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 07:37:15.0999 6232 PEAUTH - ok 07:37:16.0079 6232 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys 07:37:16.0079 6232 Point64 - ok 07:37:16.0139 6232 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 07:37:16.0139 6232 PptpMiniport - ok 07:37:16.0159 6232 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 07:37:16.0169 6232 Processor - ok 07:37:16.0229 6232 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 07:37:16.0229 6232 Psched - ok 07:37:16.0279 6232 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 07:37:16.0279 6232 PxHlpa64 - ok 07:37:16.0329 6232 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 07:37:16.0359 6232 ql2300 - ok 07:37:16.0379 6232 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 07:37:16.0389 6232 ql40xx - ok 07:37:16.0399 6232 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 07:37:16.0399 6232 QWAVEdrv - ok 07:37:16.0419 6232 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 07:37:16.0429 6232 RasAcd - ok 07:37:16.0459 6232 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 07:37:16.0459 6232 RasAgileVpn - ok 07:37:16.0499 6232 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 07:37:16.0509 6232 Rasl2tp - ok 07:37:16.0529 6232 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 07:37:16.0529 6232 RasPppoe - ok 07:37:16.0559 6232 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 07:37:16.0559 6232 RasSstp - ok 07:37:16.0599 6232 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 07:37:16.0609 6232 rdbss - ok 07:37:16.0629 6232 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 07:37:16.0629 6232 rdpbus - ok 07:37:16.0639 6232 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 07:37:16.0639 6232 RDPCDD - ok 07:37:16.0689 6232 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 07:37:16.0699 6232 RDPDR - ok 07:37:16.0739 6232 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 07:37:16.0739 6232 RDPENCDD - ok 07:37:16.0759 6232 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 07:37:16.0759 6232 RDPREFMP - ok 07:37:16.0829 6232 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 07:37:16.0829 6232 RdpVideoMiniport - ok 07:37:16.0899 6232 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 07:37:16.0909 6232 RDPWD - ok 07:37:16.0979 6232 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 07:37:16.0989 6232 rdyboost - ok 07:37:17.0029 6232 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys 07:37:17.0029 6232 rimmptsk - ok 07:37:17.0049 6232 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys 07:37:17.0059 6232 rimsptsk - ok 07:37:17.0099 6232 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys 07:37:17.0099 6232 RimUsb - ok 07:37:17.0139 6232 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys 07:37:17.0149 6232 rismxdp - ok 07:37:17.0209 6232 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 07:37:17.0209 6232 rspndr - ok 07:37:17.0249 6232 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 07:37:17.0249 6232 s3cap - ok 07:37:17.0279 6232 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 07:37:17.0279 6232 sbp2port - ok 07:37:17.0329 6232 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 07:37:17.0329 6232 scfilter - ok 07:37:17.0359 6232 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 07:37:17.0359 6232 sdbus - ok 07:37:17.0399 6232 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 07:37:17.0399 6232 secdrv - ok 07:37:17.0439 6232 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 07:37:17.0439 6232 Serenum - ok 07:37:17.0469 6232 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 07:37:17.0469 6232 Serial - ok 07:37:17.0509 6232 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 07:37:17.0509 6232 sermouse - ok 07:37:17.0539 6232 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 07:37:17.0539 6232 sffdisk - ok 07:37:17.0559 6232 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 07:37:17.0559 6232 sffp_mmc - ok 07:37:17.0579 6232 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 07:37:17.0589 6232 sffp_sd - ok 07:37:17.0609 6232 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 07:37:17.0609 6232 sfloppy - ok 07:37:17.0699 6232 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 07:37:17.0699 6232 SiSRaid2 - ok 07:37:17.0739 6232 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 07:37:17.0739 6232 SiSRaid4 - ok 07:37:17.0789 6232 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 07:37:17.0799 6232 Smb - ok 07:37:17.0849 6232 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 07:37:17.0859 6232 spldr - ok 07:37:17.0909 6232 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 07:37:17.0919 6232 srv - ok 07:37:17.0959 6232 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 07:37:17.0969 6232 srv2 - ok 07:37:18.0009 6232 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 07:37:18.0009 6232 srvnet - ok 07:37:18.0069 6232 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 07:37:18.0069 6232 stexstor - ok 07:37:18.0109 6232 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys 07:37:18.0119 6232 STHDA - ok 07:37:18.0169 6232 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 07:37:18.0179 6232 storflt - ok 07:37:18.0189 6232 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 07:37:18.0199 6232 storvsc - ok 07:37:18.0239 6232 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 07:37:18.0239 6232 swenum - ok 07:37:18.0279 6232 Synth3dVsc - ok 07:37:18.0319 6232 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys 07:37:18.0329 6232 SynTP - ok 07:37:18.0419 6232 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 07:37:18.0449 6232 Tcpip - ok 07:37:18.0519 6232 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 07:37:18.0529 6232 TCPIP6 - ok 07:37:18.0569 6232 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 07:37:18.0569 6232 tcpipreg - ok 07:37:18.0609 6232 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 07:37:18.0609 6232 TDPIPE - ok 07:37:18.0639 6232 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 07:37:18.0639 6232 TDTCP - ok 07:37:18.0689 6232 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 07:37:18.0689 6232 tdx - ok 07:37:18.0729 6232 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 07:37:18.0729 6232 TermDD - ok 07:37:18.0789 6232 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 07:37:18.0789 6232 tssecsrv - ok 07:37:18.0829 6232 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 07:37:18.0839 6232 TsUsbFlt - ok 07:37:18.0849 6232 tsusbhub - ok 07:37:18.0910 6232 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 07:37:18.0910 6232 tunnel - ok 07:37:18.0930 6232 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 07:37:18.0940 6232 uagp35 - ok 07:37:18.0980 6232 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 07:37:18.0990 6232 udfs - ok 07:37:19.0020 6232 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 07:37:19.0020 6232 uliagpkx - ok 07:37:19.0060 6232 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 07:37:19.0060 6232 umbus - ok 07:37:19.0080 6232 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 07:37:19.0080 6232 UmPass - ok 07:37:19.0140 6232 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 07:37:19.0140 6232 USBAAPL64 - ok 07:37:19.0170 6232 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 07:37:19.0170 6232 usbccgp - ok 07:37:19.0210 6232 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 07:37:19.0210 6232 usbcir - ok 07:37:19.0230 6232 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 07:37:19.0240 6232 usbehci - ok 07:37:19.0260 6232 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 07:37:19.0260 6232 usbhub - ok 07:37:19.0280 6232 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 07:37:19.0290 6232 usbohci - ok 07:37:19.0310 6232 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 07:37:19.0310 6232 usbprint - ok 07:37:19.0330 6232 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 07:37:19.0330 6232 USBSTOR - ok 07:37:19.0460 6232 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 07:37:19.0460 6232 usbuhci - ok 07:37:19.0520 6232 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 07:37:19.0520 6232 usbvideo - ok 07:37:19.0550 6232 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 07:37:19.0550 6232 vdrvroot - ok 07:37:19.0590 6232 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 07:37:19.0590 6232 vga - ok 07:37:19.0610 6232 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 07:37:19.0620 6232 VgaSave - ok 07:37:19.0640 6232 VGPU - ok 07:37:19.0670 6232 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 07:37:19.0680 6232 vhdmp - ok 07:37:19.0720 6232 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 07:37:19.0720 6232 viaide - ok 07:37:19.0760 6232 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 07:37:19.0770 6232 vmbus - ok 07:37:19.0780 6232 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 07:37:19.0790 6232 VMBusHID - ok 07:37:19.0810 6232 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 07:37:19.0810 6232 volmgr - ok 07:37:19.0870 6232 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 07:37:19.0870 6232 volmgrx - ok 07:37:19.0890 6232 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 07:37:19.0900 6232 volsnap - ok 07:37:19.0920 6232 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 07:37:19.0920 6232 vsmraid - ok 07:37:19.0970 6232 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 07:37:19.0970 6232 vwifibus - ok 07:37:19.0990 6232 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 07:37:20.0000 6232 vwififlt - ok 07:37:20.0040 6232 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 07:37:20.0040 6232 vwifimp - ok 07:37:20.0080 6232 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 07:37:20.0080 6232 WacomPen - ok 07:37:20.0120 6232 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 07:37:20.0130 6232 WANARP - ok 07:37:20.0150 6232 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 07:37:20.0150 6232 Wanarpv6 - ok 07:37:20.0190 6232 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys 07:37:20.0190 6232 wanatw - ok 07:37:20.0280 6232 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 07:37:20.0280 6232 Wd - ok 07:37:20.0320 6232 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 07:37:20.0320 6232 WDC_SAM - ok 07:37:20.0370 6232 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 07:37:20.0380 6232 Wdf01000 - ok 07:37:20.0440 6232 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 07:37:20.0440 6232 WfpLwf - ok 07:37:20.0480 6232 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 07:37:20.0490 6232 WimFltr - ok 07:37:20.0510 6232 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 07:37:20.0510 6232 WIMMount - ok 07:37:20.0590 6232 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 07:37:20.0590 6232 WinUsb - ok 07:37:20.0640 6232 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 07:37:20.0650 6232 WmiAcpi - ok 07:37:20.0680 6232 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 07:37:20.0690 6232 ws2ifsl - ok 07:37:20.0740 6232 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 07:37:20.0740 6232 WudfPf - ok 07:37:20.0790 6232 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 07:37:20.0800 6232 WUDFRd - ok 07:37:20.0860 6232 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0 07:37:20.0921 6232 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning 07:37:20.0921 6232 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1) 07:37:20.0931 6232 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0 07:37:20.0931 6232 \Device\Harddisk0\DR0\Partition0 - ok 07:37:20.0941 6232 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1 07:37:20.0951 6232 \Device\Harddisk0\DR0\Partition1 - ok 07:37:20.0951 6232 ============================================================ 07:37:20.0951 6232 Scan finished 07:37:20.0951 6232 ============================================================ 07:37:20.0961 8560 Detected object count: 1 07:37:20.0961 8560 Actual detected object count: 1 07:37:31.0192 8560 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user 07:37:31.0192 8560 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
  13. Thank you Daniel. I am adding my log files. DDS.txt . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Roo at 7:15:34 on 2012-02-23 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4112 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files (x86)\AOL 9.5\waol.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe C:\Windows\system32\SearchIndexer.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files (x86)\AOL 9.5\shellmon.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskeng.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\internet explorer\iexplore.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL Trusted Zone: internet Trusted Zone: intuit.com\ttlc Trusted Zone: mcafee.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll BHO-X64: McAfee Phishing Filter - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll Hosts: 94.63.240.133 www.google.com Hosts: 94.63.240.134 www.bing.com . ============= SERVICES / DRIVERS =============== . R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168] R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856] R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?] S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?] S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176] S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?] S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?] S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] . =============== Created Last 30 ================ . 2012-02-23 02:43:07 20480 ----a-w- C:\Windows\svchost.exe 2012-02-22 11:04:31 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-02-22 11:04:28 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BF13FF4-C811-473C-BD31-349C3E0EA235}\mpengine.dll 2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock 2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes 2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes 2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-17 15:08:41 -------- d-----w- C:\Users\Roo\AppData\Roaming\57168 2012-02-17 15:07:55 -------- d-----w- C:\Users\Roo\AppData\Roaming\B8457 2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e 2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-14 03:14:29 -------- d-----w- C:\Program Files (x86)\LP 2012-02-14 03:00:27 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\52A1.tmp 2012-02-14 03:00:27 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\52A0.tmp 2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision 2012-01-25 20:25:19 -------- d-----w- C:\Program Files\iPod 2012-01-25 20:25:18 -------- d-----w- C:\Program Files\iTunes 2012-01-25 20:25:18 -------- d-----w- C:\Program Files (x86)\iTunes . ==================== Find3M ==================== . 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe 2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll 2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll 2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe 2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe 2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll 2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll 2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll 2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll 2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll 2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll 2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll 2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll 2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll 2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll 2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll 2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll 2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe 2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe 2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll 2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe 2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll 2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe 2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe 2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe 2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll 2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll 2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll 2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll 2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll 2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll . ============= FINISH: 7:17:06.35 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume2 Install Date: 12/11/2009 7:29:39 PM System Uptime: 2/23/2012 7:02:22 AM (0 hours ago) . Motherboard: Dell Inc. | | 0C234M Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 323.966 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP167: 2/13/2012 8:29:09 AM - Scheduled Checkpoint RP168: 2/15/2012 9:08:31 PM - Windows Update RP169: 2/16/2012 3:00:23 AM - Windows Update RP170: 2/16/2012 10:30:07 AM - Windows Update RP171: 2/18/2012 11:11:51 PM - Restore Operation RP172: 2/19/2012 1:25:15 PM - Windows Update RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint RP175: 2/20/2012 11:42:58 PM - Windows Update . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) Absolute Notifier Adobe AIR Adobe Flash Player 10 Plugin Adobe Reader 9.1.2 Advanced Audio FX Engine AnswerWorks 5.0 English Runtime AnyDVD AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Software Update ATI Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Citrix Presentation Server Client - Web Only CloneDVDmobile Compatibility Pack for the 2007 Office system Consumer In-Home Service Agreement Coupon Printer for Windows Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Getting Started Guide Dell Webcam Central Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper GoToAssist 8.0.0.514 HTC BMP USB Driver HTC Driver Installer HTC Sync Internet TV for Windows Media Center iSEEK AnswerWorks English Runtime Java Auto Updater Java 6 Update 26 Junk Mail filter update LeapFrog Connect LeapFrog Tag Plugin Live! Cam Avatar Creator Malwarebytes Anti-Malware version 1.60.1.1000 McAfee SecurityCenter McAfee Virtual Technician Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) PowerDVD DX Quicken 2010 QuickTime Roxio Burn Roxio Update Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Simple Adblock Skins Skype Toolbars Skype™ 4.2 TurboTax 2009 TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wrapper TurboTax 2010 TurboTax 2010 WinPerFedFormset TurboTax 2010 WinPerReleaseEngine TurboTax 2010 WinPerTaxSupport TurboTax 2010 wrapper Uninstall AOL Emergency Connect Utility 1.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) Viewpoint Media Player Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 2/22/2012 9:51:46 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. 2/19/2012 10:33:59 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s). 2/19/2012 1:55:55 PM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 7 time(s). 2/19/2012 1:37:34 PM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s). 2/19/2012 1:34:54 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/19/2012 1:32:55 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/19/2012 1:30:47 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/19/2012 1:28:47 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/19/2012 1:22:19 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/18/2012 11:28:05 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 2/18/2012 11:25:08 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 2/18/2012 11:11:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff800032c0b5a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021812-25864-01. . ==== End Of File ===========================
  14. Hi, I have the google re-direct virus. Anytime I try to search in a search engine, it re-directs me to a spam page (usually askthecrew.com or gimmeanswers.com). I've run the Malwarebytes anti-malware scan (below). The anti-malware traps the c:\windows\svchost.exe trojan.agent. I can quarantine it. I can click the "remove" on the trojan viruses and it forces me to reboot. When I reboot, the viruses are back. Can anyone suggest any other tools? Thanks Sheila Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.21.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Roo :: ROO-SOXLAPTOP [administrator] 2/20/2012 9:54:49 PM mbam-log-2012-02-20 (21-54-49).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 193615 Time elapsed: 7 minute(s), 55 second(s) Memory Processes Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> 4876 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot. (end)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.