Weird things showed up in my downloads folder - DDS logs posted

[drunknmunkys]

I had the following 3 installers show up in my downloads folder, and I'm not sure how they got there (WhiteSmoke, Neilson Netgear and iMesh). All from the same day a few weeks ago. I tried looking them up without much luck, but white smoke seemed like a common virus, so I figured better to see if I caught anything.

DDS.txt

Attach.txt

[drunknmunkys]

Can anybody help?

[Elise]

Hello, and

Sorry for the delay!

Whitesmoke is indeed an undesirable program, and comes sometimes bundled with a rootkit, so lets check for that first.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  Vista/Windows 7 users right-click and select Run As Administrator.
  
• If TDSSKiller does not run, try renaming it.
  
• To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  
• Click the Start Scan button.
  
• Do not use the computer during the scan
  
• If the scan completes with nothing found, click Close to exit.
  
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  
• A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  
• Copy and paste the contents of that file in your next reply.

[drunknmunkys]

20:21:46.0912 4248 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

20:21:47.0325 4248 ============================================================

20:21:47.0325 4248 Current date / time: 2012/02/21 20:21:47.0325

20:21:47.0325 4248 SystemInfo:

20:21:47.0325 4248

20:21:47.0325 4248 OS Version: 6.1.7601 ServicePack: 1.0

20:21:47.0325 4248 Product type: Workstation

20:21:47.0325 4248 ComputerName: WILL-PC

20:21:47.0325 4248 UserName: Will

20:21:47.0325 4248 Windows directory: C:\Windows

20:21:47.0325 4248 System windows directory: C:\Windows

20:21:47.0325 4248 Running under WOW64

20:21:47.0325 4248 Processor architecture: Intel x64

20:21:47.0325 4248 Number of processors: 3

20:21:47.0325 4248 Page size: 0x1000

20:21:47.0325 4248 Boot type: Normal boot

20:21:47.0325 4248 ============================================================

20:21:49.0546 4248 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:49.0546 4248 Drive \Device\Harddisk3\DR3 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:49.0555 4248 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:49.0555 4248 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:49.0576 4248 Drive \Device\Harddisk4\DR5 - Size: 0x3C0100000 (15.00 Gb), SectorSize: 0x200, Cylinders: 0x7A6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:21:49.0578 4248 \Device\Harddisk0\DR0:

20:21:49.0578 4248 MBR used

20:21:49.0578 4248 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1

20:21:49.0578 4248 \Device\Harddisk3\DR3:

20:21:49.0598 4248 MBR used

20:21:49.0598 4248 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1749E000

20:21:49.0598 4248 \Device\Harddisk1\DR1:

20:21:49.0598 4248 MBR used

20:21:49.0598 4248 \Device\Harddisk2\DR2:

20:21:49.0598 4248 MBR used

20:21:49.0598 4248 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800

20:21:49.0598 4248 \Device\Harddisk4\DR5:

20:21:49.0600 4248 MBR used

20:21:49.0628 4248 Initialize success

20:21:49.0628 4248 ============================================================

20:22:43.0012 3152 ============================================================

20:22:43.0012 3152 Scan started

20:22:43.0012 3152 Mode: Manual;

20:22:43.0012 3152 ============================================================

20:22:43.0332 3152 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

20:22:43.0335 3152 1394ohci - ok

20:22:43.0388 3152 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

20:22:43.0392 3152 ACPI - ok

20:22:43.0434 3152 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

20:22:43.0435 3152 AcpiPmi - ok

20:22:43.0463 3152 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

20:22:43.0464 3152 adfs - ok

20:22:43.0506 3152 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

20:22:43.0511 3152 adp94xx - ok

20:22:43.0531 3152 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

20:22:43.0535 3152 adpahci - ok

20:22:43.0551 3152 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

20:22:43.0554 3152 adpu320 - ok

20:22:43.0599 3152 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

20:22:43.0604 3152 AFD - ok

20:22:43.0638 3152 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

20:22:43.0639 3152 agp440 - ok

20:22:43.0656 3152 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

20:22:43.0657 3152 aliide - ok

20:22:43.0715 3152 ALSysIO - ok

20:22:43.0749 3152 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

20:22:43.0750 3152 amdide - ok

20:22:43.0777 3152 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

20:22:43.0778 3152 amdiox64 - ok

20:22:43.0798 3152 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

20:22:43.0800 3152 AmdK8 - ok

20:22:43.0952 3152 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys

20:22:43.0998 3152 amdkmdag - ok

20:22:44.0021 3152 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys

20:22:44.0025 3152 amdkmdap - ok

20:22:44.0038 3152 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

20:22:44.0039 3152 AmdPPM - ok

20:22:44.0092 3152 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

20:22:44.0094 3152 amdsata - ok

20:22:44.0114 3152 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

20:22:44.0116 3152 amdsbs - ok

20:22:44.0127 3152 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

20:22:44.0129 3152 amdxata - ok

20:22:44.0184 3152 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

20:22:44.0185 3152 AppID - ok

20:22:44.0219 3152 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

20:22:44.0221 3152 arc - ok

20:22:44.0231 3152 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

20:22:44.0233 3152 arcsas - ok

20:22:44.0283 3152 aswFsBlk (55353cd0da287b2c3782485740965b54) C:\Windows\system32\drivers\aswFsBlk.sys

20:22:44.0284 3152 aswFsBlk - ok

20:22:44.0352 3152 aswMonFlt (b38061cdefb71361e0c7547ac60527e8) C:\Windows\system32\drivers\aswMonFlt.sys

20:22:44.0353 3152 aswMonFlt - ok

20:22:44.0369 3152 aswRdr (91e7aca95933633b2557f47cdfdb74c3) C:\Windows\system32\drivers\aswRdr.sys

20:22:44.0370 3152 aswRdr - ok

20:22:44.0395 3152 aswSnx (2b15499f68fad60ce69264a327e9b0f0) C:\Windows\system32\drivers\aswSnx.sys

20:22:44.0400 3152 aswSnx - ok

20:22:44.0425 3152 aswSP (4d939ecb19dc930056593390d1c87c43) C:\Windows\system32\drivers\aswSP.sys

20:22:44.0428 3152 aswSP - ok

20:22:44.0450 3152 aswTdi (d633426c5a207ce21767569aa4946891) C:\Windows\system32\drivers\aswTdi.sys

20:22:44.0451 3152 aswTdi - ok

20:22:44.0467 3152 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

20:22:44.0468 3152 AsyncMac - ok

20:22:44.0513 3152 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

20:22:44.0513 3152 atapi - ok

20:22:44.0549 3152 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys

20:22:44.0551 3152 AtiHDAudioService - ok

20:22:44.0576 3152 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys

20:22:44.0578 3152 AtiHdmiService - ok

20:22:44.0728 3152 atikmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys

20:22:44.0773 3152 atikmdag - ok

20:22:44.0812 3152 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

20:22:44.0817 3152 b06bdrv - ok

20:22:44.0834 3152 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

20:22:44.0837 3152 b57nd60a - ok

20:22:44.0852 3152 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

20:22:44.0854 3152 Beep - ok

20:22:44.0889 3152 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

20:22:44.0891 3152 blbdrive - ok

20:22:44.0947 3152 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

20:22:44.0949 3152 bowser - ok

20:22:44.0967 3152 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:22:44.0968 3152 BrFiltLo - ok

20:22:44.0975 3152 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:22:44.0976 3152 BrFiltUp - ok

20:22:44.0993 3152 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

20:22:44.0996 3152 Brserid - ok

20:22:45.0003 3152 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

20:22:45.0004 3152 BrSerWdm - ok

20:22:45.0011 3152 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

20:22:45.0012 3152 BrUsbMdm - ok

20:22:45.0019 3152 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

20:22:45.0020 3152 BrUsbSer - ok

20:22:45.0029 3152 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

20:22:45.0030 3152 BTHMODEM - ok

20:22:45.0092 3152 busenum (fc278504bfa3ac7e9ed92359d0ee7282) C:\Windows\system32\DRIVERS\busenum.sys

20:22:45.0101 3152 busenum - ok

20:22:45.0113 3152 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

20:22:45.0115 3152 cdfs - ok

20:22:45.0162 3152 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

20:22:45.0165 3152 cdrom - ok

20:22:45.0186 3152 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

20:22:45.0187 3152 circlass - ok

20:22:45.0214 3152 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

20:22:45.0218 3152 CLFS - ok

20:22:45.0250 3152 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

20:22:45.0251 3152 CmBatt - ok

20:22:45.0290 3152 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

20:22:45.0291 3152 cmdide - ok

20:22:45.0321 3152 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

20:22:45.0326 3152 CNG - ok

20:22:45.0344 3152 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

20:22:45.0345 3152 Compbatt - ok

20:22:45.0374 3152 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

20:22:45.0376 3152 CompositeBus - ok

20:22:45.0440 3152 cpuz132 - ok

20:22:45.0452 3152 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

20:22:45.0453 3152 crcdisk - ok

20:22:45.0539 3152 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

20:22:45.0541 3152 DfsC - ok

20:22:45.0578 3152 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

20:22:45.0579 3152 discache - ok

20:22:45.0595 3152 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

20:22:45.0597 3152 Disk - ok

20:22:45.0626 3152 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

20:22:45.0627 3152 drmkaud - ok

20:22:45.0681 3152 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

20:22:45.0690 3152 DXGKrnl - ok

20:22:45.0745 3152 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

20:22:45.0787 3152 ebdrv - ok

20:22:45.0816 3152 ElbyCDIO (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys

20:22:45.0817 3152 ElbyCDIO - ok

20:22:45.0837 3152 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

20:22:45.0842 3152 elxstor - ok

20:22:45.0886 3152 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

20:22:45.0887 3152 ErrDev - ok

20:22:45.0901 3152 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

20:22:45.0903 3152 exfat - ok

20:22:45.0920 3152 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

20:22:45.0923 3152 fastfat - ok

20:22:45.0943 3152 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

20:22:45.0944 3152 fdc - ok

20:22:45.0960 3152 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

20:22:45.0961 3152 FileInfo - ok

20:22:45.0977 3152 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

20:22:45.0978 3152 Filetrace - ok

20:22:46.0001 3152 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

20:22:46.0002 3152 flpydisk - ok

20:22:46.0047 3152 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

20:22:46.0051 3152 FltMgr - ok

20:22:46.0067 3152 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

20:22:46.0069 3152 FsDepends - ok

20:22:46.0126 3152 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

20:22:46.0127 3152 fssfltr - ok

20:22:46.0148 3152 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

20:22:46.0149 3152 Fs_Rec - ok

20:22:46.0193 3152 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

20:22:46.0195 3152 fvevol - ok

20:22:46.0207 3152 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

20:22:46.0209 3152 gagp30kx - ok

20:22:46.0234 3152 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:22:46.0235 3152 GEARAspiWDM - ok

20:22:46.0268 3152 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

20:22:46.0270 3152 hcw85cir - ok

20:22:46.0391 3152 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

20:22:46.0445 3152 HdAudAddService - ok

20:22:46.0523 3152 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

20:22:46.0552 3152 HDAudBus - ok

20:22:46.0559 3152 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

20:22:46.0560 3152 HidBatt - ok

20:22:46.0568 3152 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

20:22:46.0570 3152 HidBth - ok

20:22:46.0577 3152 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

20:22:46.0578 3152 HidIr - ok

20:22:46.0610 3152 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

20:22:46.0611 3152 HidUsb - ok

20:22:46.0640 3152 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

20:22:46.0642 3152 HpSAMD - ok

20:22:46.0709 3152 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

20:22:46.0716 3152 HTTP - ok

20:22:46.0765 3152 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

20:22:46.0767 3152 hwpolicy - ok

20:22:46.0819 3152 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

20:22:46.0821 3152 i8042prt - ok

20:22:46.0867 3152 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

20:22:46.0872 3152 iaStorV - ok

20:22:46.0894 3152 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

20:22:46.0896 3152 iirsp - ok

20:22:46.0950 3152 IntcAzAudAddService (0adf714079ae174a39d69036143e4c50) C:\Windows\system32\drivers\RTKVHD64.sys

20:22:46.0983 3152 IntcAzAudAddService - ok

20:22:47.0002 3152 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

20:22:47.0003 3152 intelide - ok

20:22:47.0020 3152 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

20:22:47.0021 3152 intelppm - ok

20:22:47.0102 3152 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:22:47.0103 3152 IpFilterDriver - ok

20:22:47.0125 3152 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

20:22:47.0126 3152 IPMIDRV - ok

20:22:47.0148 3152 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

20:22:47.0150 3152 IPNAT - ok

20:22:47.0171 3152 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

20:22:47.0172 3152 IRENUM - ok

20:22:47.0194 3152 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

20:22:47.0195 3152 isapnp - ok

20:22:47.0217 3152 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

20:22:47.0220 3152 iScsiPrt - ok

20:22:47.0244 3152 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

20:22:47.0245 3152 kbdclass - ok

20:22:47.0259 3152 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

20:22:47.0260 3152 kbdhid - ok

20:22:47.0289 3152 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

20:22:47.0291 3152 KSecDD - ok

20:22:47.0313 3152 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

20:22:47.0316 3152 KSecPkg - ok

20:22:47.0325 3152 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

20:22:47.0326 3152 ksthunk - ok

20:22:47.0360 3152 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

20:22:47.0361 3152 lltdio - ok

20:22:47.0392 3152 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

20:22:47.0394 3152 LSI_FC - ok

20:22:47.0407 3152 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

20:22:47.0409 3152 LSI_SAS - ok

20:22:47.0422 3152 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:22:47.0423 3152 LSI_SAS2 - ok

20:22:47.0436 3152 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:22:47.0438 3152 LSI_SCSI - ok

20:22:47.0453 3152 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

20:22:47.0454 3152 luafv - ok

20:22:47.0471 3152 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

20:22:47.0473 3152 megasas - ok

20:22:47.0494 3152 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

20:22:47.0497 3152 MegaSR - ok

20:22:47.0516 3152 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

20:22:47.0517 3152 Modem - ok

20:22:47.0559 3152 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

20:22:47.0561 3152 monitor - ok

20:22:47.0602 3152 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

20:22:47.0603 3152 mouclass - ok

20:22:47.0623 3152 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

20:22:47.0624 3152 mouhid - ok

20:22:47.0671 3152 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

20:22:47.0673 3152 mountmgr - ok

20:22:47.0698 3152 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

20:22:47.0701 3152 MpFilter - ok

20:22:47.0742 3152 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

20:22:47.0745 3152 mpio - ok

20:22:47.0765 3152 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

20:22:47.0766 3152 MpNWMon - ok

20:22:47.0785 3152 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

20:22:47.0787 3152 mpsdrv - ok

20:22:47.0842 3152 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

20:22:47.0844 3152 MRxDAV - ok

20:22:47.0895 3152 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

20:22:47.0897 3152 mrxsmb - ok

20:22:47.0922 3152 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:22:47.0925 3152 mrxsmb10 - ok

20:22:47.0947 3152 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:22:47.0949 3152 mrxsmb20 - ok

20:22:47.0959 3152 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

20:22:47.0960 3152 msahci - ok

20:22:48.0000 3152 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

20:22:48.0002 3152 msdsm - ok

20:22:48.0030 3152 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

20:22:48.0031 3152 Msfs - ok

20:22:48.0051 3152 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

20:22:48.0052 3152 mshidkmdf - ok

20:22:48.0097 3152 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

20:22:48.0099 3152 msisadrv - ok

20:22:48.0122 3152 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

20:22:48.0123 3152 MSKSSRV - ok

20:22:48.0148 3152 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

20:22:48.0149 3152 MSPCLOCK - ok

20:22:48.0158 3152 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

20:22:48.0159 3152 MSPQM - ok

20:22:48.0208 3152 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

20:22:48.0212 3152 MsRPC - ok

20:22:48.0223 3152 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

20:22:48.0225 3152 mssmbios - ok

20:22:48.0237 3152 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

20:22:48.0238 3152 MSTEE - ok

20:22:48.0246 3152 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

20:22:48.0247 3152 MTConfig - ok

20:22:48.0269 3152 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

20:22:48.0271 3152 Mup - ok

20:22:48.0302 3152 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

20:22:48.0306 3152 NativeWifiP - ok

20:22:48.0361 3152 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

20:22:48.0370 3152 NDIS - ok

20:22:48.0383 3152 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

20:22:48.0385 3152 NdisCap - ok

20:22:48.0404 3152 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

20:22:48.0405 3152 NdisTapi - ok

20:22:48.0452 3152 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

20:22:48.0454 3152 Ndisuio - ok

20:22:48.0507 3152 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

20:22:48.0509 3152 NdisWan - ok

20:22:48.0550 3152 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

20:22:48.0552 3152 NDProxy - ok

20:22:48.0565 3152 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

20:22:48.0566 3152 NetBIOS - ok

20:22:48.0616 3152 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

20:22:48.0619 3152 NetBT - ok

20:22:48.0664 3152 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

20:22:48.0666 3152 nfrd960 - ok

20:22:48.0702 3152 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

20:22:48.0704 3152 NisDrv - ok

20:22:48.0737 3152 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

20:22:48.0738 3152 Npfs - ok

20:22:48.0750 3152 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

20:22:48.0751 3152 nsiproxy - ok

20:22:48.0817 3152 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

20:22:48.0838 3152 Ntfs - ok

20:22:48.0845 3152 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

20:22:48.0846 3152 Null - ok

20:22:48.0906 3152 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

20:22:48.0908 3152 nvraid - ok

20:22:48.0923 3152 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

20:22:48.0925 3152 nvstor - ok

20:22:48.0940 3152 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

20:22:48.0942 3152 nv_agp - ok

20:22:48.0985 3152 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

20:22:48.0986 3152 ohci1394 - ok

20:22:49.0006 3152 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

20:22:49.0008 3152 Parport - ok

20:22:49.0054 3152 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

20:22:49.0055 3152 partmgr - ok

20:22:49.0077 3152 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

20:22:49.0078 3152 pci - ok

20:22:49.0094 3152 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

20:22:49.0095 3152 pciide - ok

20:22:49.0116 3152 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

20:22:49.0118 3152 pcmcia - ok

20:22:49.0132 3152 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

20:22:49.0134 3152 pcw - ok

20:22:49.0156 3152 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

20:22:49.0163 3152 PEAUTH - ok

20:22:49.0260 3152 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

20:22:49.0263 3152 PptpMiniport - ok

20:22:49.0270 3152 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

20:22:49.0272 3152 Processor - ok

20:22:49.0324 3152 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

20:22:49.0327 3152 Psched - ok

20:22:49.0366 3152 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

20:22:49.0380 3152 ql2300 - ok

20:22:49.0398 3152 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

20:22:49.0401 3152 ql40xx - ok

20:22:49.0416 3152 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

20:22:49.0417 3152 QWAVEdrv - ok

20:22:49.0433 3152 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

20:22:49.0435 3152 RasAcd - ok

20:22:49.0463 3152 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

20:22:49.0464 3152 RasAgileVpn - ok

20:22:49.0510 3152 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

20:22:49.0512 3152 Rasl2tp - ok

20:22:49.0533 3152 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

20:22:49.0534 3152 RasPppoe - ok

20:22:49.0552 3152 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

20:22:49.0554 3152 RasSstp - ok

20:22:49.0603 3152 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

20:22:49.0606 3152 rdbss - ok

20:22:49.0620 3152 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

20:22:49.0621 3152 rdpbus - ok

20:22:49.0635 3152 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

20:22:49.0636 3152 RDPCDD - ok

20:22:49.0645 3152 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

20:22:49.0646 3152 RDPENCDD - ok

20:22:49.0655 3152 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

20:22:49.0656 3152 RDPREFMP - ok

20:22:49.0697 3152 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

20:22:49.0700 3152 RDPWD - ok

20:22:49.0755 3152 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

20:22:49.0759 3152 rdyboost - ok

20:22:49.0783 3152 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

20:22:49.0786 3152 rspndr - ok

20:22:49.0815 3152 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys

20:22:49.0818 3152 RTL8167 - ok

20:22:49.0883 3152 SbieDrv (c7e399dbc7b70fda979013389b1a8dab) C:\Program Files\Sandboxie\SbieDrv.sys

20:22:49.0885 3152 SbieDrv - ok

20:22:49.0929 3152 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

20:22:49.0931 3152 sbp2port - ok

20:22:49.0975 3152 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

20:22:49.0977 3152 scfilter - ok

20:22:49.0996 3152 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

20:22:49.0998 3152 secdrv - ok

20:22:50.0019 3152 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

20:22:50.0020 3152 Serenum - ok

20:22:50.0035 3152 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

20:22:50.0037 3152 Serial - ok

20:22:50.0074 3152 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

20:22:50.0076 3152 sermouse - ok

20:22:50.0127 3152 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

20:22:50.0129 3152 sffdisk - ok

20:22:50.0143 3152 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

20:22:50.0144 3152 sffp_mmc - ok

20:22:50.0152 3152 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

20:22:50.0153 3152 sffp_sd - ok

20:22:50.0170 3152 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

20:22:50.0171 3152 sfloppy - ok

20:22:50.0196 3152 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:22:50.0197 3152 SiSRaid2 - ok

20:22:50.0209 3152 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

20:22:50.0210 3152 SiSRaid4 - ok

20:22:50.0219 3152 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

20:22:50.0221 3152 Smb - ok

20:22:50.0254 3152 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

20:22:50.0256 3152 spldr - ok

20:22:50.0311 3152 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

20:22:50.0316 3152 srv - ok

20:22:50.0367 3152 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

20:22:50.0372 3152 srv2 - ok

20:22:50.0390 3152 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

20:22:50.0392 3152 srvnet - ok

20:22:50.0428 3152 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

20:22:50.0429 3152 stexstor - ok

20:22:50.0480 3152 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

20:22:50.0481 3152 swenum - ok

20:22:50.0571 3152 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

20:22:50.0604 3152 Tcpip - ok

20:22:50.0629 3152 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

20:22:50.0639 3152 TCPIP6 - ok

20:22:50.0690 3152 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

20:22:50.0692 3152 tcpipreg - ok

20:22:50.0718 3152 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

20:22:50.0719 3152 TDPIPE - ok

20:22:50.0738 3152 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

20:22:50.0739 3152 TDTCP - ok

20:22:50.0780 3152 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

20:22:50.0782 3152 tdx - ok

20:22:50.0794 3152 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

20:22:50.0795 3152 TermDD - ok

20:22:50.0846 3152 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

20:22:50.0847 3152 tssecsrv - ok

20:22:50.0914 3152 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

20:22:50.0916 3152 TsUsbFlt - ok

20:22:50.0958 3152 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

20:22:50.0960 3152 tunnel - ok

20:22:50.0971 3152 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

20:22:50.0973 3152 uagp35 - ok

20:22:51.0021 3152 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

20:22:51.0025 3152 udfs - ok

20:22:51.0081 3152 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

20:22:51.0083 3152 uliagpkx - ok

20:22:51.0130 3152 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

20:22:51.0132 3152 umbus - ok

20:22:51.0149 3152 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

20:22:51.0150 3152 UmPass - ok

20:22:51.0179 3152 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

20:22:51.0180 3152 USBAAPL64 - ok

20:22:51.0195 3152 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

20:22:51.0197 3152 usbccgp - ok

20:22:51.0243 3152 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

20:22:51.0245 3152 usbcir - ok

20:22:51.0283 3152 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

20:22:51.0285 3152 usbehci - ok

20:22:51.0306 3152 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

20:22:51.0310 3152 usbhub - ok

20:22:51.0318 3152 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys

20:22:51.0319 3152 usbohci - ok

20:22:51.0338 3152 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

20:22:51.0339 3152 usbprint - ok

20:22:51.0354 3152 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:22:51.0355 3152 USBSTOR - ok

20:22:51.0372 3152 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

20:22:51.0374 3152 usbuhci - ok

20:22:51.0408 3152 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys

20:22:51.0409 3152 VClone - ok

20:22:51.0453 3152 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

20:22:51.0455 3152 vdrvroot - ok

20:22:51.0472 3152 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

20:22:51.0473 3152 vga - ok

20:22:51.0492 3152 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

20:22:51.0493 3152 VgaSave - ok

20:22:51.0519 3152 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

20:22:51.0522 3152 vhdmp - ok

20:22:51.0558 3152 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

20:22:51.0635 3152 viaide - ok

20:22:51.0746 3152 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

20:22:51.0747 3152 volmgr - ok

20:22:51.0800 3152 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

20:22:51.0804 3152 volmgrx - ok

20:22:51.0834 3152 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

20:22:51.0837 3152 volsnap - ok

20:22:51.0889 3152 vpnva (0e4df91e83da5739ffb18535d4db10aa) C:\Windows\system32\DRIVERS\vpnva64.sys

20:22:51.0891 3152 vpnva - ok

20:22:51.0916 3152 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

20:22:51.0919 3152 vsmraid - ok

20:22:51.0940 3152 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

20:22:51.0942 3152 vwifibus - ok

20:22:51.0963 3152 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

20:22:51.0964 3152 WacomPen - ok

20:22:51.0985 3152 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

20:22:51.0987 3152 WANARP - ok

20:22:51.0990 3152 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

20:22:51.0991 3152 Wanarpv6 - ok

20:22:52.0025 3152 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

20:22:52.0027 3152 Wd - ok

20:22:52.0054 3152 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

20:22:52.0061 3152 Wdf01000 - ok

20:22:52.0090 3152 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

20:22:52.0092 3152 WfpLwf - ok

20:22:52.0099 3152 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

20:22:52.0101 3152 WIMMount - ok

20:22:52.0141 3152 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

20:22:52.0142 3152 WinUsb - ok

20:22:52.0193 3152 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

20:22:52.0194 3152 WmiAcpi - ok

20:22:52.0211 3152 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

20:22:52.0212 3152 ws2ifsl - ok

20:22:52.0263 3152 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

20:22:52.0265 3152 WudfPf - ok

20:22:52.0279 3152 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

20:22:52.0282 3152 WUDFRd - ok

20:22:52.0340 3152 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys

20:22:52.0341 3152 xusb21 - ok

20:22:52.0355 3152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

20:22:52.0383 3152 \Device\Harddisk0\DR0 - ok

20:22:52.0408 3152 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3

20:22:52.0431 3152 \Device\Harddisk3\DR3 - ok

20:22:52.0440 3152 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1

20:22:52.0443 3152 \Device\Harddisk1\DR1 - ok

20:22:52.0445 3152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2

20:22:52.0447 3152 \Device\Harddisk2\DR2 - ok

20:22:52.0453 3152 MBR (0x1B8) (fb1e8015b992e0ef7d4bdfe23919216f) \Device\Harddisk4\DR5

20:22:58.0636 3152 \Device\Harddisk4\DR5 - ok

20:22:58.0655 3152 Boot (0x1200) (5ffa747c3a91323907ad7db22789ce9a) \Device\Harddisk0\DR0\Partition0

20:22:58.0656 3152 \Device\Harddisk0\DR0\Partition0 - ok

20:22:58.0674 3152 Boot (0x1200) (287a51c3873af6064a9089efcad75ff2) \Device\Harddisk3\DR3\Partition0

20:22:58.0675 3152 \Device\Harddisk3\DR3\Partition0 - ok

20:22:58.0678 3152 Boot (0x1200) (d15552d2363bd9b5dbe5c74cf9c33449) \Device\Harddisk2\DR2\Partition0

20:22:58.0678 3152 \Device\Harddisk2\DR2\Partition0 - ok

20:22:58.0679 3152 ============================================================

20:22:58.0679 3152 Scan finished

20:22:58.0679 3152 ============================================================

20:22:58.0689 5900 Detected object count: 0

20:22:58.0689 5900 Actual detected object count: 0

20:23:07.0594 5092 Deinitialize success

[drunknmunkys]

20:21:20.0601 2720 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

20:21:21.0119 2720 ============================================================

20:21:21.0119 2720 Current date / time: 2012/02/21 20:21:21.0119

20:21:21.0119 2720 SystemInfo:

20:21:21.0119 2720

20:21:21.0119 2720 OS Version: 6.1.7601 ServicePack: 1.0

20:21:21.0119 2720 Product type: Workstation

20:21:21.0120 2720 ComputerName: WILL-PC

20:21:21.0120 2720 UserName: Will

20:21:21.0120 2720 Windows directory: C:\Windows

20:21:21.0120 2720 System windows directory: C:\Windows

20:21:21.0120 2720 Running under WOW64

20:21:21.0120 2720 Processor architecture: Intel x64

20:21:21.0120 2720 Number of processors: 3

20:21:21.0120 2720 Page size: 0x1000

20:21:21.0120 2720 Boot type: Normal boot

20:21:21.0120 2720 ============================================================

20:21:22.0797 2720 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:22.0819 2720 Drive \Device\Harddisk3\DR3 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:22.0829 2720 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:22.0836 2720 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:21:22.0917 2720 Drive \Device\Harddisk4\DR5 - Size: 0x3C0100000 (15.00 Gb), SectorSize: 0x200, Cylinders: 0x7A6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:21:22.0918 2720 \Device\Harddisk0\DR0:

20:21:22.0919 2720 MBR used

20:21:22.0919 2720 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1

20:21:22.0919 2720 \Device\Harddisk3\DR3:

20:21:22.0927 2720 MBR used

20:21:22.0927 2720 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1749E000

20:21:22.0927 2720 \Device\Harddisk1\DR1:

20:21:22.0927 2720 MBR used

20:21:22.0927 2720 \Device\Harddisk2\DR2:

20:21:22.0927 2720 MBR used

20:21:22.0927 2720 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800

20:21:22.0927 2720 \Device\Harddisk4\DR5:

20:21:22.0929 2720 MBR used

20:21:23.0116 2720 Initialize success

20:21:23.0116 2720 ============================================================

20:21:33.0479 5056 Deinitialize success

[Elise]

Hello again,

COMBOFIX

---------------

Please download ComboFix from one of these locations:

• 
  

Bleepingcomputer
ForoSpyware

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  
• Double click on Combofix.exe and follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

[drunknmunkys]

I did not get the Microsoft Windows Recovery Console popups. I ran it twice. Log from 2nd run posted below:

[drunknmunkys]

ComboFix 12-02-22.01 - Will 02/22/2012 20:27:55.2.3 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4093.2719 [GMT -6:00]

Running from: c:\users\Will\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-01-23 to 2012-02-23 )))))))))))))))))))))))))))))))

.

.

2012-02-23 02:33 . 2012-02-23 02:33 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-22 02:21 . 2012-02-22 02:21 116016 ----a-w- c:\windows\system32\drivers\29026077.sys

2012-02-21 23:54 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17DA3524-1B07-4A53-B31F-CF0368B98CB4}\mpengine.dll

2012-02-16 00:41 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-16 00:41 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-16 00:41 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-16 00:41 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-16 00:41 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-16 00:41 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-16 00:41 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-16 00:41 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

2012-02-10 19:12 . 2012-02-10 19:12 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F36C1C96-E75B-41A6-B188-5D16F83DD3B7}\gapaengine.dll

2012-02-05 15:31 . 2012-02-05 15:31 -------- d-----w- c:\users\Will\AppData\Roaming\Intuit

2012-02-05 15:28 . 2012-02-05 15:28 -------- d-----w- c:\users\Will\AppData\Local\IsolatedStorage

2012-02-05 15:28 . 2012-02-05 15:29 -------- d-----w- c:\program files (x86)\Common Files\Intuit

2012-02-05 15:27 . 2012-02-05 15:27 -------- d-----w- c:\program files (x86)\TurboTax

2012-02-05 15:25 . 2012-02-05 15:29 -------- d-----w- c:\programdata\Intuit

2012-02-03 05:09 . 2012-02-03 05:09 -------- d-----w- c:\programdata\Blizzard Entertainment

2012-02-03 03:12 . 2012-02-19 15:57 -------- d-----w- c:\program files (x86)\Diablo III Beta

2012-02-03 03:12 . 2012-02-03 03:12 -------- d-----w- c:\programdata\Battle.net

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-08 07:13 . 2011-08-14 10:39 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-01-31 12:44 . 2010-03-26 03:45 279656 ------w- c:\windows\system32\MpSigStub.exe

2011-12-10 21:24 . 2011-08-09 05:03 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-23_00.08.17 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-02-23 00:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-02-23 02:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-02-23 02:39 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-02-23 00:08 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-02-23 00:08 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-23 02:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 05:10 . 2012-02-23 00:11 45940 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-03-26 03:28 . 2012-02-23 00:11 15500 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1324195312-1820694152-1959188700-1001_UserData.bin

- 2012-02-23 00:07 . 2012-02-23 00:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-02-23 02:37 . 2012-02-23 02:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-02-23 00:07 . 2012-02-23 00:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-02-23 02:37 . 2012-02-23 02:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-03-26 15:15 . 2012-02-23 02:25 382458 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin

+ 2009-07-14 05:01 . 2012-02-23 02:34 357080 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2012-02-23 00:03 357080 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-06-07 05:37 . 2012-02-23 02:34 27499043 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1324195312-1820694152-1959188700-1001-12288.dat

- 2010-06-07 05:37 . 2012-02-23 00:04 27499043 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1324195312-1820694152-1959188700-1001-12288.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

c:\program files (x86)\Ask.com\GenericAskToolbar.dll [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [bU]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-10-12 643856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoFileAssociate"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ALSysIO;ALSysIO;c:\users\Will\AppData\Local\Temp\ALSysIO64.sys [x]

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe [2011-08-10 25832]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-28 1038088]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-25 365568]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [2009-08-25 544768]

S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]

S2 SynoDrService;SynoDrService;c:\program files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2010-06-02 380928]

S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]

S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-06-17 434864]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

iissvcs REG_MULTI_SZ w3svc was

.

Contents of the 'Scheduled Tasks' folder

.

2011-05-02 c:\windows\Tasks\Launch 21141.job

- c:\program files (x86)\Audible\Bin\Manager.exe [2011-05-02 18:19]

.

2011-05-12 c:\windows\Tasks\User_Feed_Synchronization-{BA70FBE9-DB4C-4800-8D94-2B0AFD17416D}.job

- c:\windows\system32\msfeedssync.exe [2011-05-08 22:52]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 192.168.1.254

DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://sslvpn.tmhs.org/CACHE/stc/1/binaries/vpnweb.cab

FF - ProfilePath - c:\users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\atfz7fpq.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - google.com

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Completion time: 2012-02-22 20:44:12 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-23 02:44

ComboFix2.txt 2012-02-23 00:31

.

Pre-Run: 6,104,309,760 bytes free

Post-Run: 6,006,099,968 bytes free

.

- - End Of File - - 5678E3F6D42FD3E93EEB07A487648C2D

[Elise]

Hi again,

TWO ANTIVIRUS PROGRAMS

---------------------------------------

I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

• False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  
• System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
  

Therefore please go to add/remove in the control panel and remove either Avast or MSSE.

After this, please let me know what problems you are still having at this point.

[drunknmunkys]

I uninstalled MSSE. I was never having a "problem" per say, I just noticed those files I didn't download with virus names in my downloads folder so I want to make sure I'm not infected.

[Elise]

Hi again,

P2P WARNING

-------------------

Going over your logs I noticed that you have uTorrent installed.

• Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  
• They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  
• Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  
• The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

• Download the latest version of Adobe Reader Version X. and save it to your desktop.
  
• Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  
• Click the download button at the bottom.
  
• If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  
• Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
  If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
  
• Then from your desktop double-click on Adobe Reader to install the newest version.
  If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  
• When the "Adobe Setup - Welcome" window opens, click the Install > button.
  
• If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  

Your Adobe Reader is now up to date!

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

• Download the latest version of Java Runtime Environment (JRE) Version 7u3.
  
• Look for "JDK 7u3 (JDK or JRE).
  
• Click the "Download JRE" button at the right.
  
• Read the License Agreement, and then check the box that says: "Accept License Agreement".
  
  • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe
    

  [*]Save it to your desktop

  [*]Close any programs you may have running - especially your web browser.

  [*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).

  [*]Reboot your computer once all Java components are removed.

  [*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
   
2. Click the button.
   
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. 
      
   2. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      
   3. Double click on the
      icon on your desktop.
      
      
   4. Check "YES, I accept the Terms of Use."
      
   5. Click the Start button.
      
   6. Accept any security warnings from your browser.
      
   7. Under scan settings, check "Scan Archives" and "Remove found threats"
      
   8. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
        
      • Scan for potentially unsafe applications
        
      • Enable Anti-Stealth technology

[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

[*]When the scan completes, click List Threats

[*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

[*]Click the Back button.

[*]Click the Finish button.

[drunknmunkys]

C:\Users\Will\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\2b1f6a98-6e3c7462 Java/Agent.AC trojan deleted - quarantined

C:\Users\Will\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\696d2fac-29a396e3 probably a variant of Win32/Agent.DVSSYWD trojan deleted - quarantined

[Elise]

None of that is active, so that means you're good to go!

ALL CLEAN

--------------

Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean

Please do the following to remove the remaining programs from your PC:

• Delete the tools used during the disinfection:
  • Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.
    

Please read these advices, in order to prevent reinfecting your PC:

1. Install and update the following programs regularly:
   • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
     A comprehensive tutorial and a list of possible firewalls can be found here.
     
   • an AntiVirus Software
     It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
     
   • an Anti-Spyware program
     Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
     SUPERAntiSpyware is another good scanner with high detection and removal rates.
     Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
     
   • Spyware Blaster
     A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
     

[*]Keep Windows (and your other Microsoft software) up to date!

I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

[*]Keep your other software up to date as well

Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

[*]Stay up to date!

The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

Some more links you might find of interest:

• Miekies' prevention suggestions
  
• So How did I get infected?
  
• Microsoft - 'Security at home'
  
• Calendar of Updates: See which updates have been released.
  
• How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail :wink:
  
• Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
  
• osalt: Find (free) open source alternatives to known commercial software.

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.

[drunknmunkys]

thanks!

[Elise]

You are welcome.

I will request this topic to be closed.

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!