
Help - google redirect virus


sgeorge


Hi,

I have the google re-direct virus. Anytime I try to search in a search engine, it re-directs me to a spam page (usually askthecrew.com or gimmeanswers.com).

I've run the Malwarebytes anti-malware scan (below).

The anti-malware traps the c:\windows\svchost.exe trojan.agent. I can quarantine it. I can click the "remove" on the trojan viruses and it forces me to reboot. When I reboot, the viruses are back.

Can anyone suggest any other tools?

Thanks

Sheila

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.21.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Roo :: ROO-SOXLAPTOP [administrator]

2/20/2012 9:54:49 PM

mbam-log-2012-02-20 (21-54-49).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 193615

Time elapsed: 7 minute(s), 55 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 4876 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)


Hi,

My name is Daniel and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.


Download DDS and save it to your desktop from here or here

Double click dds to run the tool.

  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop and post them in your next reply

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

Please post in your next reply

dds.txt

attach.txt

TDSSKiller Log


Thank you Daniel. I am adding my log files.

DDS.txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Roo at 7:15:34 on 2012-02-23

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4112 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files (x86)\AOL 9.5\waol.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe

C:\Windows\system32\SearchIndexer.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\AOL 9.5\shellmon.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\taskeng.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\internet explorer\iexplore.exe

C:\Program Files (x86)\internet explorer\iexplore.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler

uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

Hosts: 94.63.240.133 www.google.com

Hosts: 94.63.240.134 www.bing.com

.

============= SERVICES / DRIVERS ===============

.

R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856]

R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?]

S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?]

S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]

S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

.

=============== Created Last 30 ================

.

2012-02-23 02:43:07 20480 ----a-w- C:\Windows\svchost.exe

2012-02-22 11:04:31 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-02-22 11:04:28 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7BF13FF4-C811-473C-BD31-349C3E0EA235}\mpengine.dll

2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock

2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware

2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-17 15:08:41 -------- d-----w- C:\Users\Roo\AppData\Roaming\57168

2012-02-17 15:07:55 -------- d-----w- C:\Users\Roo\AppData\Roaming\B8457

2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll

2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll

2012-02-14 03:14:29 -------- d-----w- C:\Program Files (x86)\LP

2012-02-14 03:00:27 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\52A1.tmp

2012-02-14 03:00:27 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\52A0.tmp

2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision

2012-01-25 20:25:19 -------- d-----w- C:\Program Files\iPod

2012-01-25 20:25:18 -------- d-----w- C:\Program Files\iTunes

2012-01-25 20:25:18 -------- d-----w- C:\Program Files (x86)\iTunes

.

==================== Find3M ====================

.

2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll

2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe

2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll

2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll

2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe

2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe

2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll

2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll

2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll

2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll

2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll

2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll

2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll

2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll

2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll

2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll

2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll

2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll

2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe

2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe

2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll

2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe

2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll

2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe

2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe

2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe

2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll

2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll

2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll

2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll

2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll

2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll

.

============= FINISH: 7:17:06.35 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 12/11/2009 7:29:39 PM

System Uptime: 2/23/2012 7:02:22 AM (0 hours ago)

.

Motherboard: Dell Inc. | | 0C234M

Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 323.966 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP167: 2/13/2012 8:29:09 AM - Scheduled Checkpoint

RP168: 2/15/2012 9:08:31 PM - Windows Update

RP169: 2/16/2012 3:00:23 AM - Windows Update

RP170: 2/16/2012 10:30:07 AM - Windows Update

RP171: 2/18/2012 11:11:51 PM - Restore Operation

RP172: 2/19/2012 1:25:15 PM - Windows Update

RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint

RP175: 2/20/2012 11:42:58 PM - Windows Update

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

Absolute Notifier

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader 9.1.2

Advanced Audio FX Engine

AnswerWorks 5.0 English Runtime

AnyDVD

AOL Uninstaller (Choose which Products to Remove)

Apple Application Support

Apple Software Update

ATI Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Citrix Presentation Server Client - Web Only

CloneDVDmobile

Compatibility Pack for the 2007 Office system

Consumer In-Home Service Agreement

Coupon Printer for Windows

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell Webcam Central

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

Internet TV for Windows Media Center

iSEEK AnswerWorks English Runtime

Java Auto Updater

Java 6 Update 26

Junk Mail filter update

LeapFrog Connect

LeapFrog Tag Plugin

Live! Cam Avatar Creator

Malwarebytes Anti-Malware version 1.60.1.1000

McAfee SecurityCenter

McAfee Virtual Technician

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

PowerDVD DX

Quicken 2010

QuickTime

Roxio Burn

Roxio Update Manager

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Simple Adblock

Skins

Skype Toolbars

Skype™ 4.2

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

Uninstall AOL Emergency Connect Utility 1.0

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

Viewpoint Media Player

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

2/22/2012 9:51:46 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

2/19/2012 10:33:59 AM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).

2/19/2012 1:55:55 PM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 7 time(s).

2/19/2012 1:37:34 PM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s).

2/19/2012 1:34:54 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/19/2012 1:32:55 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/19/2012 1:30:47 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/19/2012 1:28:47 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/19/2012 1:22:19 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/18/2012 11:28:05 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

2/18/2012 11:25:08 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..

2/18/2012 11:11:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff800032c0b5a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021812-25864-01.

.

==== End Of File ===========================


TDSS Killer Log

07:36:49.0721 9032 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

07:36:52.0252 9032 ============================================================

07:36:52.0252 9032 Current date / time: 2012/02/23 07:36:52.0252

07:36:52.0252 9032 SystemInfo:

07:36:52.0252 9032

07:36:52.0252 9032 OS Version: 6.1.7601 ServicePack: 1.0

07:36:52.0252 9032 Product type: Workstation

07:36:52.0262 9032 ComputerName: ROO-SOXLAPTOP

07:36:52.0262 9032 UserName: Roo

07:36:52.0262 9032 Windows directory: C:\Windows

07:36:52.0262 9032 System windows directory: C:\Windows

07:36:52.0262 9032 Running under WOW64

07:36:52.0262 9032 Processor architecture: Intel x64

07:36:52.0262 9032 Number of processors: 2

07:36:52.0262 9032 Page size: 0x1000

07:36:52.0262 9032 Boot type: Normal boot

07:36:52.0262 9032 ============================================================

07:36:54.0113 9032 Initialize success

07:36:56.0883 6232 ============================================================

07:36:56.0883 6232 Scan started

07:36:56.0883 6232 Mode: Manual;

07:36:56.0883 6232 ============================================================


07:37:14.0838 6232 NdisCap - ok

07:37:14.0878 6232 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

07:37:14.0878 6232 NdisTapi - ok

07:37:14.0908 6232 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

07:37:14.0918 6232 Ndisuio - ok

07:37:14.0948 6232 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

07:37:14.0958 6232 NdisWan - ok

07:37:14.0998 6232 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

07:37:14.0998 6232 NDProxy - ok

07:37:15.0018 6232 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

07:37:15.0018 6232 NetBIOS - ok

07:37:15.0068 6232 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

07:37:15.0068 6232 NetBT - ok

07:37:15.0118 6232 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

07:37:15.0128 6232 nfrd960 - ok

07:37:15.0168 6232 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

07:37:15.0178 6232 Npfs - ok

07:37:15.0198 6232 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

07:37:15.0198 6232 nsiproxy - ok

07:37:15.0278 6232 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

07:37:15.0318 6232 Ntfs - ok

07:37:15.0378 6232 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

07:37:15.0388 6232 NuidFltr - ok

07:37:15.0408 6232 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

07:37:15.0408 6232 Null - ok

07:37:15.0448 6232 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

07:37:15.0448 6232 nvraid - ok

07:37:15.0478 6232 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

07:37:15.0478 6232 nvstor - ok

07:37:15.0518 6232 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

07:37:15.0528 6232 nv_agp - ok

07:37:15.0558 6232 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

07:37:15.0558 6232 ohci1394 - ok

07:37:15.0618 6232 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

07:37:15.0618 6232 Parport - ok

07:37:15.0648 6232 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

07:37:15.0648 6232 partmgr - ok

07:37:15.0758 6232 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms

07:37:15.0798 6232 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

07:37:15.0828 6232 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

07:37:15.0838 6232 pci - ok

07:37:15.0868 6232 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

07:37:15.0879 6232 pciide - ok

07:37:15.0919 6232 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

07:37:15.0919 6232 pcmcia - ok

07:37:15.0949 6232 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

07:37:15.0949 6232 pcw - ok

07:37:15.0979 6232 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

07:37:15.0999 6232 PEAUTH - ok

07:37:16.0079 6232 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys

07:37:16.0079 6232 Point64 - ok

07:37:16.0139 6232 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

07:37:16.0139 6232 PptpMiniport - ok

07:37:16.0159 6232 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

07:37:16.0169 6232 Processor - ok

07:37:16.0229 6232 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

07:37:16.0229 6232 Psched - ok

07:37:16.0279 6232 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

07:37:16.0279 6232 PxHlpa64 - ok

07:37:16.0329 6232 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

07:37:16.0359 6232 ql2300 - ok

07:37:16.0379 6232 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

07:37:16.0389 6232 ql40xx - ok

07:37:16.0399 6232 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

07:37:16.0399 6232 QWAVEdrv - ok

07:37:16.0419 6232 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

07:37:16.0429 6232 RasAcd - ok

07:37:16.0459 6232 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

07:37:16.0459 6232 RasAgileVpn - ok

07:37:16.0499 6232 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

07:37:16.0509 6232 Rasl2tp - ok

07:37:16.0529 6232 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

07:37:16.0529 6232 RasPppoe - ok

07:37:16.0559 6232 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

07:37:16.0559 6232 RasSstp - ok

07:37:16.0599 6232 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

07:37:16.0609 6232 rdbss - ok

07:37:16.0629 6232 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

07:37:16.0629 6232 rdpbus - ok

07:37:16.0639 6232 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

07:37:16.0639 6232 RDPCDD - ok

07:37:16.0689 6232 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

07:37:16.0699 6232 RDPDR - ok

07:37:16.0739 6232 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

07:37:16.0739 6232 RDPENCDD - ok

07:37:16.0759 6232 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

07:37:16.0759 6232 RDPREFMP - ok

07:37:16.0829 6232 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

07:37:16.0829 6232 RdpVideoMiniport - ok

07:37:16.0899 6232 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

07:37:16.0909 6232 RDPWD - ok

07:37:16.0979 6232 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

07:37:16.0989 6232 rdyboost - ok

07:37:17.0029 6232 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys

07:37:17.0029 6232 rimmptsk - ok

07:37:17.0049 6232 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys

07:37:17.0059 6232 rimsptsk - ok

07:37:17.0099 6232 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

07:37:17.0099 6232 RimUsb - ok

07:37:17.0139 6232 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys

07:37:17.0149 6232 rismxdp - ok

07:37:17.0209 6232 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

07:37:17.0209 6232 rspndr - ok

07:37:17.0249 6232 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

07:37:17.0249 6232 s3cap - ok

07:37:17.0279 6232 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

07:37:17.0279 6232 sbp2port - ok

07:37:17.0329 6232 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

07:37:17.0329 6232 scfilter - ok

07:37:17.0359 6232 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

07:37:17.0359 6232 sdbus - ok

07:37:17.0399 6232 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

07:37:17.0399 6232 secdrv - ok

07:37:17.0439 6232 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

07:37:17.0439 6232 Serenum - ok

07:37:17.0469 6232 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

07:37:17.0469 6232 Serial - ok

07:37:17.0509 6232 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

07:37:17.0509 6232 sermouse - ok

07:37:17.0539 6232 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

07:37:17.0539 6232 sffdisk - ok

07:37:17.0559 6232 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

07:37:17.0559 6232 sffp_mmc - ok

07:37:17.0579 6232 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

07:37:17.0589 6232 sffp_sd - ok

07:37:17.0609 6232 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

07:37:17.0609 6232 sfloppy - ok

07:37:17.0699 6232 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

07:37:17.0699 6232 SiSRaid2 - ok

07:37:17.0739 6232 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

07:37:17.0739 6232 SiSRaid4 - ok

07:37:17.0789 6232 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

07:37:17.0799 6232 Smb - ok

07:37:17.0849 6232 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

07:37:17.0859 6232 spldr - ok

07:37:17.0909 6232 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

07:37:17.0919 6232 srv - ok

07:37:17.0959 6232 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

07:37:17.0969 6232 srv2 - ok

07:37:18.0009 6232 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

07:37:18.0009 6232 srvnet - ok

07:37:18.0069 6232 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

07:37:18.0069 6232 stexstor - ok

07:37:18.0109 6232 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys

07:37:18.0119 6232 STHDA - ok

07:37:18.0169 6232 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

07:37:18.0179 6232 storflt - ok

07:37:18.0189 6232 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

07:37:18.0199 6232 storvsc - ok

07:37:18.0239 6232 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

07:37:18.0239 6232 swenum - ok

07:37:18.0279 6232 Synth3dVsc - ok

07:37:18.0319 6232 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys

07:37:18.0329 6232 SynTP - ok

07:37:18.0419 6232 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

07:37:18.0449 6232 Tcpip - ok

07:37:18.0519 6232 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

07:37:18.0529 6232 TCPIP6 - ok

07:37:18.0569 6232 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

07:37:18.0569 6232 tcpipreg - ok

07:37:18.0609 6232 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

07:37:18.0609 6232 TDPIPE - ok

07:37:18.0639 6232 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

07:37:18.0639 6232 TDTCP - ok

07:37:18.0689 6232 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

07:37:18.0689 6232 tdx - ok

07:37:18.0729 6232 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

07:37:18.0729 6232 TermDD - ok

07:37:18.0789 6232 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

07:37:18.0789 6232 tssecsrv - ok

07:37:18.0829 6232 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

07:37:18.0839 6232 TsUsbFlt - ok

07:37:18.0849 6232 tsusbhub - ok

07:37:18.0910 6232 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

07:37:18.0910 6232 tunnel - ok

07:37:18.0930 6232 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

07:37:18.0940 6232 uagp35 - ok

07:37:18.0980 6232 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

07:37:18.0990 6232 udfs - ok

07:37:19.0020 6232 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

07:37:19.0020 6232 uliagpkx - ok

07:37:19.0060 6232 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

07:37:19.0060 6232 umbus - ok

07:37:19.0080 6232 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

07:37:19.0080 6232 UmPass - ok

07:37:19.0140 6232 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

07:37:19.0140 6232 USBAAPL64 - ok

07:37:19.0170 6232 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

07:37:19.0170 6232 usbccgp - ok

07:37:19.0210 6232 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

07:37:19.0210 6232 usbcir - ok

07:37:19.0230 6232 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

07:37:19.0240 6232 usbehci - ok

07:37:19.0260 6232 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

07:37:19.0260 6232 usbhub - ok

07:37:19.0280 6232 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

07:37:19.0290 6232 usbohci - ok

07:37:19.0310 6232 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

07:37:19.0310 6232 usbprint - ok

07:37:19.0330 6232 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

07:37:19.0330 6232 USBSTOR - ok

07:37:19.0460 6232 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

07:37:19.0460 6232 usbuhci - ok

07:37:19.0520 6232 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

07:37:19.0520 6232 usbvideo - ok

07:37:19.0550 6232 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

07:37:19.0550 6232 vdrvroot - ok

07:37:19.0590 6232 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

07:37:19.0590 6232 vga - ok

07:37:19.0610 6232 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

07:37:19.0620 6232 VgaSave - ok

07:37:19.0640 6232 VGPU - ok

07:37:19.0670 6232 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

07:37:19.0680 6232 vhdmp - ok

07:37:19.0720 6232 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

07:37:19.0720 6232 viaide - ok

07:37:19.0760 6232 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

07:37:19.0770 6232 vmbus - ok

07:37:19.0780 6232 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

07:37:19.0790 6232 VMBusHID - ok

07:37:19.0810 6232 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

07:37:19.0810 6232 volmgr - ok

07:37:19.0870 6232 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

07:37:19.0870 6232 volmgrx - ok

07:37:19.0890 6232 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

07:37:19.0900 6232 volsnap - ok

07:37:19.0920 6232 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

07:37:19.0920 6232 vsmraid - ok

07:37:19.0970 6232 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

07:37:19.0970 6232 vwifibus - ok

07:37:19.0990 6232 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

07:37:20.0000 6232 vwififlt - ok

07:37:20.0040 6232 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

07:37:20.0040 6232 vwifimp - ok

07:37:20.0080 6232 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

07:37:20.0080 6232 WacomPen - ok

07:37:20.0120 6232 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

07:37:20.0130 6232 WANARP - ok

07:37:20.0150 6232 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

07:37:20.0150 6232 Wanarpv6 - ok

07:37:20.0190 6232 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys

07:37:20.0190 6232 wanatw - ok

07:37:20.0280 6232 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

07:37:20.0280 6232 Wd - ok

07:37:20.0320 6232 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

07:37:20.0320 6232 WDC_SAM - ok

07:37:20.0370 6232 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

07:37:20.0380 6232 Wdf01000 - ok

07:37:20.0440 6232 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

07:37:20.0440 6232 WfpLwf - ok

07:37:20.0480 6232 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

07:37:20.0490 6232 WimFltr - ok

07:37:20.0510 6232 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

07:37:20.0510 6232 WIMMount - ok

07:37:20.0590 6232 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

07:37:20.0590 6232 WinUsb - ok

07:37:20.0640 6232 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

07:37:20.0650 6232 WmiAcpi - ok

07:37:20.0680 6232 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

07:37:20.0690 6232 ws2ifsl - ok

07:37:20.0740 6232 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

07:37:20.0740 6232 WudfPf - ok

07:37:20.0790 6232 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

07:37:20.0800 6232 WUDFRd - ok

07:37:20.0860 6232 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0

07:37:20.0921 6232 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning

07:37:20.0921 6232 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)

07:37:20.0931 6232 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0

07:37:20.0931 6232 \Device\Harddisk0\DR0\Partition0 - ok

07:37:20.0941 6232 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1

07:37:20.0951 6232 \Device\Harddisk0\DR0\Partition1 - ok

07:37:20.0951 6232 ============================================================

07:37:20.0951 6232 Scan finished

07:37:20.0951 6232 ============================================================

07:37:20.0961 8560 Detected object count: 1

07:37:20.0961 8560 Actual detected object count: 1

07:37:31.0192 8560 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user

07:37:31.0192 8560 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip


You are welcome. No need to quote my posts. :)

Execute TDSSKiller.exe and press Start Scan.

  • Ensure Cure is selected (it should be by default).
    Note: If Cure is not an option, choose Skip instead. Do not choose Delete unless instructed.
  • Click Continue then click Reboot now.

Once complete, a log will be produced at the root drive which is typically C:\

For example, C:\TDSSKiller.2.4.0.0_24.07.2010_13.10.52_log.txt.

Please post the contents of that log in your next reply.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic How to disable your security applications

====================================================

Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

*Note - if after running ComboFix you see a message similar to 'registry key marked for deletion..' rebooting the machine will resolve that.

Please post in your next reply

TDSSKiller Log

Combofix.txt


TDSSKiller Log is below. I'm getting the other next.

16:28:11.0234 4404 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

16:28:14.0755 4404 ============================================================

16:28:14.0755 4404 Current date / time: 2012/02/23 16:28:14.0755

16:28:14.0755 4404 SystemInfo:

16:28:14.0755 4404

16:28:14.0755 4404 OS Version: 6.1.7601 ServicePack: 1.0

16:28:14.0755 4404 Product type: Workstation

16:28:14.0755 4404 ComputerName: ROO-SOXLAPTOP

16:28:14.0755 4404 UserName: Roo

16:28:14.0755 4404 Windows directory: C:\Windows

16:28:14.0755 4404 System windows directory: C:\Windows

16:28:14.0755 4404 Running under WOW64

16:28:14.0755 4404 Processor architecture: Intel x64

16:28:14.0755 4404 Number of processors: 2

16:28:14.0755 4404 Page size: 0x1000

16:28:14.0755 4404 Boot type: Normal boot

16:28:14.0755 4404 ============================================================

16:28:17.0145 4404 Initialize success

16:28:30.0968 5620 ============================================================

16:28:30.0968 5620 Scan started

16:28:30.0968 5620 Mode: Manual;

16:28:30.0968 5620 ============================================================


16:28:37.0958 5620 hcw85cir - ok

16:28:38.0018 5620 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

16:28:38.0058 5620 HDAudBus - ok

16:28:38.0078 5620 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:28:38.0088 5620 HidBatt - ok

16:28:38.0118 5620 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:28:38.0128 5620 HidBth - ok

16:28:38.0138 5620 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:28:38.0148 5620 HidIr - ok

16:28:38.0188 5620 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

16:28:38.0238 5620 HidUsb - ok

16:28:38.0278 5620 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

16:28:38.0328 5620 HpSAMD - ok

16:28:38.0368 5620 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys

16:28:38.0408 5620 HTCAND64 - ok

16:28:38.0478 5620 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys

16:28:38.0518 5620 htcnprot - ok

16:28:38.0578 5620 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

16:28:38.0578 5620 HTTP - ok

16:28:38.0618 5620 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

16:28:38.0658 5620 hwpolicy - ok

16:28:38.0718 5620 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

16:28:38.0718 5620 i8042prt - ok

16:28:38.0798 5620 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

16:28:38.0858 5620 iaStorV - ok

16:28:38.0918 5620 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:28:38.0918 5620 iirsp - ok

16:28:38.0948 5620 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

16:28:38.0948 5620 intelide - ok

16:28:38.0978 5620 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:28:38.0988 5620 intelppm - ok

16:28:39.0048 5620 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:28:39.0088 5620 IpFilterDriver - ok

16:28:39.0118 5620 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

16:28:39.0168 5620 IPMIDRV - ok

16:28:39.0188 5620 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:28:39.0198 5620 IPNAT - ok

16:28:39.0248 5620 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:28:39.0258 5620 IRENUM - ok

16:28:39.0278 5620 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

16:28:39.0288 5620 isapnp - ok

16:28:39.0308 5620 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

16:28:39.0358 5620 iScsiPrt - ok

16:28:39.0408 5620 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys

16:28:39.0418 5620 k57nd60a - ok

16:28:39.0458 5620 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

16:28:39.0468 5620 kbdclass - ok

16:28:39.0488 5620 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

16:28:39.0538 5620 kbdhid - ok

16:28:39.0578 5620 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

16:28:39.0608 5620 KSecDD - ok

16:28:39.0648 5620 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

16:28:39.0707 5620 KSecPkg - ok

16:28:39.0739 5620 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:28:39.0739 5620 ksthunk - ok

16:28:39.0809 5620 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys

16:28:39.0859 5620 LAN9500 - ok

16:28:39.0919 5620 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:28:39.0929 5620 lltdio - ok

16:28:39.0959 5620 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:28:39.0969 5620 LSI_FC - ok

16:28:39.0979 5620 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:28:39.0989 5620 LSI_SAS - ok

16:28:40.0009 5620 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:28:40.0009 5620 LSI_SAS2 - ok

16:28:40.0059 5620 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:28:40.0059 5620 LSI_SCSI - ok

16:28:40.0099 5620 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:28:40.0099 5620 luafv - ok

16:28:40.0169 5620 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

16:28:40.0219 5620 MBAMProtector - ok

16:28:40.0319 5620 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:28:40.0319 5620 megasas - ok

16:28:40.0349 5620 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:28:40.0359 5620 MegaSR - ok

16:28:40.0399 5620 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys

16:28:40.0449 5620 mfeapfk - ok

16:28:40.0499 5620 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys

16:28:40.0559 5620 mfeavfk - ok

16:28:40.0589 5620 mfeavfk01 - ok

16:28:40.0659 5620 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys

16:28:40.0719 5620 mfefirek - ok

16:28:40.0769 5620 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys

16:28:40.0849 5620 mfehidk - ok

16:28:40.0889 5620 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys

16:28:40.0939 5620 mfenlfk - ok

16:28:40.0979 5620 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys

16:28:41.0029 5620 mferkdet - ok

16:28:41.0059 5620 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys

16:28:41.0109 5620 mfewfpk - ok

16:28:41.0169 5620 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:28:41.0169 5620 Modem - ok

16:28:41.0219 5620 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:28:41.0219 5620 monitor - ok

16:28:41.0269 5620 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:28:41.0279 5620 mouclass - ok

16:28:41.0319 5620 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:28:41.0329 5620 mouhid - ok

16:28:41.0379 5620 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

16:28:41.0429 5620 mountmgr - ok

16:28:41.0469 5620 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

16:28:41.0529 5620 mpio - ok

16:28:41.0559 5620 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:28:41.0559 5620 mpsdrv - ok

16:28:41.0609 5620 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

16:28:41.0669 5620 MRxDAV - ok

16:28:41.0709 5620 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:28:41.0759 5620 mrxsmb - ok

16:28:41.0789 5620 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:28:41.0849 5620 mrxsmb10 - ok

16:28:41.0869 5620 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:28:41.0909 5620 mrxsmb20 - ok

16:28:41.0929 5620 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

16:28:41.0979 5620 msahci - ok

16:28:42.0009 5620 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

16:28:42.0059 5620 msdsm - ok

16:28:42.0109 5620 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:28:42.0109 5620 Msfs - ok

16:28:42.0149 5620 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:28:42.0159 5620 mshidkmdf - ok

16:28:42.0169 5620 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

16:28:42.0179 5620 msisadrv - ok

16:28:42.0229 5620 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:28:42.0239 5620 MSKSSRV - ok

16:28:42.0269 5620 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:28:42.0279 5620 MSPCLOCK - ok

16:28:42.0299 5620 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:28:42.0299 5620 MSPQM - ok

16:28:42.0339 5620 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

16:28:42.0389 5620 MsRPC - ok

16:28:42.0409 5620 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

16:28:42.0409 5620 mssmbios - ok

16:28:42.0450 5620 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:28:42.0460 5620 MSTEE - ok

16:28:42.0480 5620 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:28:42.0480 5620 MTConfig - ok

16:28:42.0520 5620 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:28:42.0520 5620 Mup - ok

16:28:42.0570 5620 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:28:42.0580 5620 NativeWifiP - ok

16:28:42.0650 5620 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

16:28:42.0650 5620 NDIS - ok

16:28:42.0680 5620 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:28:42.0690 5620 NdisCap - ok

16:28:42.0720 5620 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:28:42.0720 5620 NdisTapi - ok

16:28:42.0750 5620 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

16:28:42.0800 5620 Ndisuio - ok

16:28:42.0851 5620 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

16:28:42.0901 5620 NdisWan - ok

16:28:42.0941 5620 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

16:28:42.0981 5620 NDProxy - ok

16:28:43.0001 5620 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:28:43.0001 5620 NetBIOS - ok

16:28:43.0041 5620 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

16:28:43.0081 5620 NetBT - ok

16:28:43.0141 5620 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:28:43.0141 5620 nfrd960 - ok

16:28:43.0181 5620 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:28:43.0181 5620 Npfs - ok

16:28:43.0201 5620 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:28:43.0201 5620 nsiproxy - ok

16:28:43.0271 5620 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

16:28:43.0381 5620 Ntfs - ok

16:28:43.0441 5620 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

16:28:43.0491 5620 NuidFltr - ok

16:28:43.0511 5620 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:28:43.0521 5620 Null - ok

16:28:43.0561 5620 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

16:28:43.0611 5620 nvraid - ok

16:28:43.0631 5620 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

16:28:43.0681 5620 nvstor - ok

16:28:43.0721 5620 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

16:28:43.0721 5620 nv_agp - ok

16:28:43.0791 5620 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

16:28:43.0801 5620 ohci1394 - ok

16:28:43.0891 5620 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:28:43.0901 5620 Parport - ok

16:28:43.0941 5620 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

16:28:43.0991 5620 partmgr - ok

16:28:44.0111 5620 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms

16:28:44.0111 5620 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

16:28:44.0141 5620 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

16:28:44.0141 5620 pci - ok

16:28:44.0181 5620 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

16:28:44.0191 5620 pciide - ok

16:28:44.0211 5620 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:28:44.0221 5620 pcmcia - ok

16:28:44.0241 5620 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:28:44.0251 5620 pcw - ok

16:28:44.0271 5620 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:28:44.0291 5620 PEAUTH - ok

16:28:44.0371 5620 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys

16:28:44.0421 5620 Point64 - ok

16:28:44.0471 5620 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

16:28:44.0521 5620 PptpMiniport - ok

16:28:44.0541 5620 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:28:44.0541 5620 Processor - ok

16:28:44.0601 5620 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

16:28:44.0601 5620 Psched - ok

16:28:44.0651 5620 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

16:28:44.0711 5620 PxHlpa64 - ok

16:28:44.0751 5620 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:28:44.0791 5620 ql2300 - ok

16:28:44.0821 5620 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:28:44.0821 5620 ql40xx - ok

16:28:44.0842 5620 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:28:44.0842 5620 QWAVEdrv - ok

16:28:44.0862 5620 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:28:44.0872 5620 RasAcd - ok

16:28:44.0922 5620 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:28:44.0922 5620 RasAgileVpn - ok

16:28:44.0962 5620 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:28:45.0012 5620 Rasl2tp - ok

16:28:45.0032 5620 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:28:45.0032 5620 RasPppoe - ok

16:28:45.0062 5620 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:28:45.0062 5620 RasSstp - ok

16:28:45.0102 5620 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

16:28:45.0152 5620 rdbss - ok

16:28:45.0172 5620 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:28:45.0182 5620 rdpbus - ok

16:28:45.0202 5620 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:28:45.0202 5620 RDPCDD - ok

16:28:45.0252 5620 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

16:28:45.0292 5620 RDPDR - ok

16:28:45.0332 5620 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:28:45.0342 5620 RDPENCDD - ok

16:28:45.0362 5620 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:28:45.0362 5620 RDPREFMP - ok

16:28:45.0422 5620 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

16:28:45.0472 5620 RdpVideoMiniport - ok

16:28:45.0512 5620 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

16:28:45.0562 5620 RDPWD - ok

16:28:45.0602 5620 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

16:28:45.0652 5620 rdyboost - ok

16:28:45.0692 5620 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys

16:28:45.0742 5620 rimmptsk - ok

16:28:45.0762 5620 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys

16:28:45.0802 5620 rimsptsk - ok

16:28:45.0852 5620 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

16:28:45.0892 5620 RimUsb - ok

16:28:45.0932 5620 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys

16:28:45.0982 5620 rismxdp - ok

16:28:46.0052 5620 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:28:46.0052 5620 rspndr - ok

16:28:46.0092 5620 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

16:28:46.0132 5620 s3cap - ok

16:28:46.0162 5620 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

16:28:46.0212 5620 sbp2port - ok

16:28:46.0252 5620 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

16:28:46.0302 5620 scfilter - ok

16:28:46.0332 5620 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

16:28:46.0372 5620 sdbus - ok

16:28:46.0422 5620 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:28:46.0422 5620 secdrv - ok

16:28:46.0452 5620 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:28:46.0452 5620 Serenum - ok

16:28:46.0482 5620 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:28:46.0482 5620 Serial - ok

16:28:46.0522 5620 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:28:46.0522 5620 sermouse - ok

16:28:46.0562 5620 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

16:28:46.0562 5620 sffdisk - ok

16:28:46.0582 5620 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

16:28:46.0582 5620 sffp_mmc - ok

16:28:46.0602 5620 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

16:28:46.0652 5620 sffp_sd - ok

16:28:46.0662 5620 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:28:46.0672 5620 sfloppy - ok

16:28:46.0712 5620 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:28:46.0732 5620 SiSRaid2 - ok

16:28:46.0752 5620 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:28:46.0762 5620 SiSRaid4 - ok

16:28:46.0802 5620 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:28:46.0802 5620 Smb - ok

16:28:46.0832 5620 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:28:46.0832 5620 spldr - ok

16:28:46.0913 5620 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

16:28:46.0963 5620 srv - ok

16:28:47.0013 5620 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

16:28:47.0063 5620 srv2 - ok

16:28:47.0113 5620 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

16:28:47.0163 5620 srvnet - ok

16:28:47.0223 5620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:28:47.0223 5620 stexstor - ok

16:28:47.0283 5620 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys

16:28:47.0333 5620 STHDA - ok

16:28:47.0363 5620 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

16:28:47.0413 5620 storflt - ok

16:28:47.0433 5620 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

16:28:47.0483 5620 storvsc - ok

16:28:47.0523 5620 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

16:28:47.0523 5620 swenum - ok

16:28:47.0583 5620 Synth3dVsc - ok

16:28:47.0633 5620 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys

16:28:47.0773 5620 SynTP - ok

16:28:47.0963 5620 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

16:28:48.0153 5620 Tcpip - ok

16:28:48.0263 5620 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

16:28:48.0283 5620 TCPIP6 - ok

16:28:48.0343 5620 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

16:28:48.0463 5620 tcpipreg - ok

16:28:48.0503 5620 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:28:48.0523 5620 TDPIPE - ok

16:28:48.0553 5620 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

16:28:48.0563 5620 TDTCP - ok

16:28:48.0623 5620 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

16:28:48.0743 5620 tdx - ok

16:28:48.0783 5620 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

16:28:48.0883 5620 TermDD - ok

16:28:48.0973 5620 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:28:49.0093 5620 tssecsrv - ok

16:28:49.0143 5620 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

16:28:49.0273 5620 TsUsbFlt - ok

16:28:49.0293 5620 tsusbhub - ok

16:28:49.0353 5620 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

16:28:49.0473 5620 tunnel - ok

16:28:49.0503 5620 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:28:49.0523 5620 uagp35 - ok

16:28:49.0573 5620 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

16:28:49.0693 5620 udfs - ok

16:28:49.0743 5620 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

16:28:49.0763 5620 uliagpkx - ok

16:28:49.0813 5620 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

16:28:49.0933 5620 umbus - ok

16:28:49.0963 5620 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:28:49.0963 5620 UmPass - ok

16:28:50.0033 5620 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

16:28:50.0153 5620 USBAAPL64 - ok

16:28:50.0183 5620 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

16:28:50.0313 5620 usbccgp - ok

16:28:50.0363 5620 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

16:28:50.0383 5620 usbcir - ok

16:28:50.0413 5620 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

16:28:50.0533 5620 usbehci - ok

16:28:50.0583 5620 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

16:28:50.0753 5620 usbhub - ok

16:28:50.0783 5620 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

16:28:50.0913 5620 usbohci - ok

16:28:50.0933 5620 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:28:50.0943 5620 usbprint - ok

16:28:50.0973 5620 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:28:51.0103 5620 USBSTOR - ok

16:28:51.0133 5620 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

16:28:51.0253 5620 usbuhci - ok

16:28:51.0303 5620 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

16:28:51.0433 5620 usbvideo - ok

16:28:51.0513 5620 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

16:28:51.0523 5620 vdrvroot - ok

16:28:51.0583 5620 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:28:51.0593 5620 vga - ok

16:28:51.0623 5620 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:28:51.0633 5620 VgaSave - ok

16:28:51.0683 5620 VGPU - ok

16:28:51.0733 5620 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

16:28:52.0003 5620 vhdmp - ok

16:28:52.0053 5620 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

16:28:52.0073 5620 viaide - ok

16:28:52.0143 5620 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

16:28:52.0403 5620 vmbus - ok

16:28:52.0443 5620 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

16:28:52.0703 5620 VMBusHID - ok

16:28:52.0793 5620 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

16:28:53.0053 5620 volmgr - ok

16:28:53.0133 5620 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

16:28:53.0423 5620 volmgrx - ok

16:28:53.0473 5620 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

16:28:53.0743 5620 volsnap - ok

16:28:53.0843 5620 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:28:53.0883 5620 vsmraid - ok

16:28:54.0013 5620 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

16:28:54.0033 5620 vwifibus - ok

16:28:54.0093 5620 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

16:28:54.0123 5620 vwififlt - ok

16:28:54.0183 5620 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

16:28:54.0243 5620 vwifimp - ok

16:28:54.0313 5620 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:28:54.0353 5620 WacomPen - ok

16:28:54.0423 5620 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:28:54.0663 5620 WANARP - ok

16:28:54.0703 5620 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

16:28:54.0703 5620 Wanarpv6 - ok

16:28:54.0793 5620 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys

16:28:55.0003 5620 wanatw - ok

16:28:55.0173 5620 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:28:55.0213 5620 Wd - ok

16:28:55.0283 5620 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

16:28:55.0523 5620 WDC_SAM - ok

16:28:55.0633 5620 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:28:55.0703 5620 Wdf01000 - ok

16:28:55.0933 5620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:28:55.0953 5620 WfpLwf - ok

16:28:56.0003 5620 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

16:28:56.0213 5620 WimFltr - ok

16:28:56.0243 5620 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:28:56.0263 5620 WIMMount - ok

16:28:56.0483 5620 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

16:28:56.0653 5620 WinUsb - ok

16:28:56.0763 5620 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

16:28:56.0783 5620 WmiAcpi - ok

16:28:56.0873 5620 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:28:56.0893 5620 ws2ifsl - ok

16:28:56.0993 5620 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

16:28:57.0173 5620 WudfPf - ok

16:28:57.0233 5620 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:28:57.0413 5620 WUDFRd - ok

16:28:57.0603 5620 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0

16:28:57.0693 5620 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning

16:28:57.0693 5620 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)

16:28:57.0703 5620 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0

16:28:57.0713 5620 \Device\Harddisk0\DR0\Partition0 - ok

16:28:57.0733 5620 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1

16:28:57.0733 5620 \Device\Harddisk0\DR0\Partition1 - ok

16:28:57.0733 5620 ============================================================

16:28:57.0733 5620 Scan finished

16:28:57.0733 5620 ============================================================

16:28:57.0783 3544 Detected object count: 1

16:28:57.0783 3544 Actual detected object count: 1

16:29:28.0129 3544 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user

16:29:28.0129 3544 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip

16:29:47.0843 7248 Deinitialize success

Hi,

Cure and Delete are not options for me. My options were skip, copy to quarantine, and restore. I chose copy to quarantine.

18:55:43.0746 8072 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06

18:55:45.0752 8072 ============================================================

18:55:45.0752 8072 Current date / time: 2012/02/23 18:55:45.0752

18:55:45.0752 8072 SystemInfo:

18:55:45.0752 8072

18:55:45.0752 8072 OS Version: 6.1.7601 ServicePack: 1.0

18:55:45.0752 8072 Product type: Workstation

18:55:45.0752 8072 ComputerName: ROO-SOXLAPTOP

18:55:45.0753 8072 UserName: Roo

18:55:45.0753 8072 Windows directory: C:\Windows

18:55:45.0753 8072 System windows directory: C:\Windows

18:55:45.0753 8072 Running under WOW64

18:55:45.0753 8072 Processor architecture: Intel x64

18:55:45.0753 8072 Number of processors: 2

18:55:45.0753 8072 Page size: 0x1000

18:55:45.0753 8072 Boot type: Normal boot

18:55:45.0753 8072 ============================================================

18:55:49.0619 8072 Initialize success

18:56:04.0295 4736 ============================================================

18:56:04.0295 4736 Scan started

18:56:04.0295 4736 Mode: Manual;

18:56:04.0295 4736 ============================================================


18:56:15.0152 4736 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

18:56:15.0156 4736 arc - ok

18:56:15.0194 4736 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

18:56:15.0197 4736 arcsas - ok

18:56:15.0275 4736 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

18:56:15.0280 4736 AsyncMac - ok

18:56:15.0332 4736 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

18:56:15.0333 4736 atapi - ok

18:56:15.0381 4736 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys

18:56:15.0382 4736 AtiHdmiService - ok

18:56:15.0561 4736 atikmdag (a08339ae90972e268b9622c668f450e8) C:\Windows\system32\DRIVERS\atikmdag.sys

18:56:15.0689 4736 atikmdag - ok

18:56:16.0286 4736 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

18:56:16.0302 4736 b06bdrv - ok

18:56:16.0384 4736 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

18:56:16.0389 4736 b57nd60a - ok

18:56:16.0474 4736 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys

18:56:16.0475 4736 BCM42RLY - ok

18:56:16.0611 4736 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys

18:56:16.0627 4736 BCM43XX - ok

18:56:16.0772 4736 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

18:56:16.0775 4736 Beep - ok

18:56:16.0832 4736 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

18:56:16.0834 4736 blbdrive - ok

18:56:16.0901 4736 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

18:56:16.0903 4736 bowser - ok

18:56:16.0985 4736 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

18:56:16.0987 4736 BrFiltLo - ok

18:56:17.0003 4736 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

18:56:17.0004 4736 BrFiltUp - ok

18:56:17.0055 4736 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

18:56:17.0059 4736 BridgeMP - ok

18:56:17.0087 4736 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

18:56:17.0093 4736 Brserid - ok

18:56:17.0113 4736 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

18:56:17.0116 4736 BrSerWdm - ok

18:56:17.0132 4736 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

18:56:17.0134 4736 BrUsbMdm - ok

18:56:17.0158 4736 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

18:56:17.0166 4736 BrUsbSer - ok

18:56:17.0200 4736 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

18:56:17.0202 4736 BTHMODEM - ok

18:56:17.0232 4736 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

18:56:17.0235 4736 cdfs - ok

18:56:17.0287 4736 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

18:56:17.0291 4736 cdrom - ok

18:56:17.0368 4736 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys

18:56:17.0369 4736 cfwids - ok

18:56:17.0411 4736 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

18:56:17.0414 4736 circlass - ok

18:56:17.0490 4736 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

18:56:17.0504 4736 CLFS - ok

18:56:17.0593 4736 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

18:56:17.0597 4736 CmBatt - ok

18:56:17.0632 4736 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

18:56:17.0641 4736 cmdide - ok

18:56:17.0731 4736 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

18:56:17.0746 4736 CNG - ok

18:56:17.0796 4736 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

18:56:17.0797 4736 Compbatt - ok

18:56:17.0843 4736 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

18:56:17.0849 4736 CompositeBus - ok

18:56:17.0913 4736 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

18:56:17.0915 4736 crcdisk - ok

18:56:18.0010 4736 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

18:56:18.0041 4736 CSC - ok

18:56:18.0200 4736 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys

18:56:18.0211 4736 CtClsFlt - ok

18:56:18.0327 4736 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys

18:56:18.0328 4736 dc3d - ok

18:56:18.0545 4736 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

18:56:18.0553 4736 DfsC - ok

18:56:18.0631 4736 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

18:56:18.0632 4736 discache - ok

18:56:18.0706 4736 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

18:56:18.0709 4736 Disk - ok

18:56:18.0844 4736 DisplayLinkUsbPort (15d38bfec1c6db925a9427052ac2bd77) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys

18:56:18.0846 4736 DisplayLinkUsbPort - ok

18:56:18.0892 4736 dlcdbus (0e787242686a9fc890ed420c9c287686) C:\Windows\system32\DRIVERS\dlcdbus.sys

18:56:18.0896 4736 dlcdbus - ok

18:56:18.0945 4736 dlkmd (f7b3c3e03d957d73d41947402d9cd406) C:\Windows\system32\drivers\dlkmd.sys

18:56:18.0946 4736 dlkmd - ok

18:56:18.0970 4736 dlkmdldr (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys

18:56:18.0971 4736 dlkmdldr - ok

18:56:19.0123 4736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

18:56:19.0131 4736 drmkaud - ok

18:56:19.0263 4736 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

18:56:19.0270 4736 DXGKrnl - ok

18:56:19.0621 4736 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

18:56:19.0880 4736 ebdrv - ok

18:56:20.0248 4736 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys

18:56:20.0249 4736 ElbyCDIO - ok

18:56:20.0349 4736 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

18:56:20.0363 4736 elxstor - ok

18:56:20.0549 4736 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

18:56:20.0558 4736 ErrDev - ok

18:56:20.0641 4736 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

18:56:20.0646 4736 exfat - ok

18:56:20.0681 4736 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

18:56:20.0688 4736 fastfat - ok

18:56:20.0753 4736 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

18:56:20.0756 4736 fdc - ok

18:56:20.0815 4736 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

18:56:20.0818 4736 FileInfo - ok

18:56:20.0888 4736 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

18:56:20.0891 4736 Filetrace - ok

18:56:20.0984 4736 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

18:56:20.0991 4736 flpydisk - ok

18:56:21.0056 4736 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

18:56:21.0061 4736 FltMgr - ok

18:56:21.0117 4736 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys

18:56:21.0120 4736 FlyUsb - ok

18:56:21.0183 4736 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

18:56:21.0189 4736 FsDepends - ok

18:56:21.0244 4736 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

18:56:21.0247 4736 fssfltr - ok

18:56:21.0312 4736 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

18:56:21.0313 4736 Fs_Rec - ok

18:56:21.0378 4736 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

18:56:21.0382 4736 fvevol - ok

18:56:21.0405 4736 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

18:56:21.0409 4736 gagp30kx - ok

18:56:21.0480 4736 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:56:21.0481 4736 GEARAspiWDM - ok

18:56:21.0734 4736 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

18:56:21.0738 4736 hcw85cir - ok

18:56:21.0800 4736 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

18:56:21.0804 4736 HDAudBus - ok

18:56:21.0856 4736 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

18:56:21.0861 4736 HidBatt - ok

18:56:21.0887 4736 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

18:56:21.0895 4736 HidBth - ok

18:56:21.0990 4736 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

18:56:21.0994 4736 HidIr - ok

18:56:22.0158 4736 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

18:56:22.0164 4736 HidUsb - ok

18:56:22.0316 4736 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

18:56:22.0322 4736 HpSAMD - ok

18:56:22.0545 4736 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys

18:56:22.0549 4736 HTCAND64 - ok

18:56:22.0786 4736 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys

18:56:22.0789 4736 htcnprot - ok

18:56:23.0634 4736 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

18:56:23.0680 4736 HTTP - ok

18:56:25.0081 4736 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

18:56:25.0082 4736 hwpolicy - ok

18:56:25.0211 4736 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

18:56:25.0214 4736 i8042prt - ok

18:56:25.0473 4736 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

18:56:25.0518 4736 iaStorV - ok

18:56:25.0812 4736 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

18:56:25.0818 4736 iirsp - ok

18:56:25.0856 4736 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

18:56:25.0863 4736 intelide - ok

18:56:25.0910 4736 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

18:56:25.0912 4736 intelppm - ok

18:56:26.0459 4736 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:56:26.0493 4736 IpFilterDriver - ok

18:56:26.0584 4736 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

18:56:26.0587 4736 IPMIDRV - ok

18:56:26.0668 4736 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

18:56:26.0773 4736 IPNAT - ok

18:56:27.0243 4736 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

18:56:27.0245 4736 IRENUM - ok

18:56:27.0296 4736 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

18:56:27.0298 4736 isapnp - ok

18:56:27.0334 4736 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

18:56:27.0343 4736 iScsiPrt - ok

18:56:27.0635 4736 k57nd60a (7dbafe10c1b777305c80bea42fbda710) C:\Windows\system32\DRIVERS\k57nd60a.sys

18:56:27.0649 4736 k57nd60a - ok

18:56:27.0916 4736 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

18:56:27.0917 4736 kbdclass - ok

18:56:28.0160 4736 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

18:56:28.0167 4736 kbdhid - ok

18:56:28.0259 4736 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

18:56:28.0263 4736 KSecDD - ok

18:56:28.0321 4736 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

18:56:28.0324 4736 KSecPkg - ok

18:56:28.0380 4736 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

18:56:28.0387 4736 ksthunk - ok

18:56:28.0497 4736 LAN9500 (bc2539d1f5f6b7def2f736d93a9a0938) C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys

18:56:28.0526 4736 LAN9500 - ok

18:56:28.0634 4736 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

18:56:28.0637 4736 lltdio - ok

18:56:28.0725 4736 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

18:56:28.0731 4736 LSI_FC - ok

18:56:28.0755 4736 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

18:56:28.0759 4736 LSI_SAS - ok

18:56:28.0786 4736 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

18:56:28.0793 4736 LSI_SAS2 - ok

18:56:28.0839 4736 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

18:56:28.0842 4736 LSI_SCSI - ok

18:56:28.0880 4736 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

18:56:28.0885 4736 luafv - ok

18:56:29.0042 4736 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

18:56:29.0043 4736 MBAMProtector - ok

18:56:29.0199 4736 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

18:56:29.0207 4736 megasas - ok

18:56:29.0283 4736 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

18:56:29.0289 4736 MegaSR - ok

18:56:29.0355 4736 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys

18:56:29.0356 4736 mfeapfk - ok

18:56:29.0433 4736 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys

18:56:29.0436 4736 mfeavfk - ok

18:56:29.0556 4736 mfeavfk01 - ok

18:56:29.0908 4736 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys

18:56:29.0912 4736 mfefirek - ok

18:56:30.0024 4736 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys

18:56:30.0040 4736 mfehidk - ok

18:56:30.0125 4736 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys

18:56:30.0126 4736 mfenlfk - ok

18:56:30.0199 4736 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys

18:56:30.0206 4736 mferkdet - ok

18:56:30.0260 4736 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys

18:56:30.0265 4736 mfewfpk - ok

18:56:30.0330 4736 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

18:56:30.0335 4736 Modem - ok

18:56:30.0388 4736 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

18:56:30.0389 4736 monitor - ok

18:56:30.0447 4736 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

18:56:30.0448 4736 mouclass - ok

18:56:30.0503 4736 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

18:56:30.0505 4736 mouhid - ok

18:56:30.0542 4736 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

18:56:30.0546 4736 mountmgr - ok

18:56:30.0669 4736 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

18:56:30.0701 4736 mpio - ok

18:56:30.0726 4736 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

18:56:30.0728 4736 mpsdrv - ok

18:56:30.0769 4736 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

18:56:30.0772 4736 MRxDAV - ok

18:56:30.0815 4736 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

18:56:30.0820 4736 mrxsmb - ok

18:56:30.0864 4736 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:56:30.0872 4736 mrxsmb10 - ok

18:56:30.0945 4736 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:56:30.0949 4736 mrxsmb20 - ok

18:56:31.0002 4736 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

18:56:31.0003 4736 msahci - ok

18:56:31.0045 4736 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

18:56:31.0049 4736 msdsm - ok

18:56:31.0118 4736 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

18:56:31.0121 4736 Msfs - ok

18:56:31.0148 4736 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

18:56:31.0150 4736 mshidkmdf - ok

18:56:31.0203 4736 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

18:56:31.0204 4736 msisadrv - ok

18:56:31.0253 4736 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

18:56:31.0256 4736 MSKSSRV - ok

18:56:31.0294 4736 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

18:56:31.0297 4736 MSPCLOCK - ok

18:56:31.0328 4736 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

18:56:31.0330 4736 MSPQM - ok

18:56:31.0398 4736 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

18:56:31.0414 4736 MsRPC - ok

18:56:31.0472 4736 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

18:56:31.0472 4736 mssmbios - ok

18:56:31.0909 4736 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

18:56:31.0915 4736 MSTEE - ok

18:56:32.0044 4736 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

18:56:32.0047 4736 MTConfig - ok

18:56:32.0149 4736 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

18:56:32.0150 4736 Mup - ok

18:56:32.0242 4736 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

18:56:32.0259 4736 NativeWifiP - ok

18:56:32.0360 4736 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

18:56:32.0392 4736 NDIS - ok

18:56:32.0453 4736 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

18:56:32.0462 4736 NdisCap - ok

18:56:32.0530 4736 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

18:56:32.0534 4736 NdisTapi - ok

18:56:32.0614 4736 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

18:56:32.0618 4736 Ndisuio - ok

18:56:32.0715 4736 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

18:56:32.0721 4736 NdisWan - ok

18:56:32.0785 4736 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

18:56:32.0788 4736 NDProxy - ok

18:56:32.0886 4736 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

18:56:32.0890 4736 NetBIOS - ok

18:56:32.0989 4736 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

18:56:33.0002 4736 NetBT - ok

18:56:33.0174 4736 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

18:56:33.0176 4736 nfrd960 - ok

18:56:33.0249 4736 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

18:56:33.0252 4736 Npfs - ok

18:56:33.0368 4736 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

18:56:33.0369 4736 nsiproxy - ok

18:56:34.0550 4736 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

18:56:34.0603 4736 Ntfs - ok

18:56:34.0769 4736 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys

18:56:34.0778 4736 NuidFltr - ok

18:56:34.0852 4736 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

18:56:34.0861 4736 Null - ok

18:56:35.0001 4736 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

18:56:35.0011 4736 nvraid - ok

18:56:35.0091 4736 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

18:56:35.0101 4736 nvstor - ok

18:56:35.0141 4736 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

18:56:35.0151 4736 nv_agp - ok

18:56:35.0211 4736 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

18:56:35.0221 4736 ohci1394 - ok

18:56:35.0321 4736 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

18:56:35.0321 4736 Parport - ok

18:56:35.0431 4736 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

18:56:35.0431 4736 partmgr - ok

18:56:36.0081 4736 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms

18:56:36.0291 4736 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

18:56:36.0451 4736 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

18:56:36.0461 4736 pci - ok

18:56:36.0511 4736 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

18:56:36.0521 4736 pciide - ok

18:56:36.0601 4736 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

18:56:36.0621 4736 pcmcia - ok

18:56:36.0901 4736 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

18:56:36.0901 4736 pcw - ok

18:56:37.0252 4736 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

18:56:37.0277 4736 PEAUTH - ok

18:56:38.0160 4736 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys

18:56:38.0170 4736 Point64 - ok

18:56:38.0620 4736 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

18:56:38.0630 4736 PptpMiniport - ok

18:56:38.0800 4736 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

18:56:38.0810 4736 Processor - ok

18:56:38.0920 4736 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

18:56:38.0930 4736 Psched - ok

18:56:39.0040 4736 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

18:56:39.0050 4736 PxHlpa64 - ok

18:56:39.0260 4736 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

18:56:39.0330 4736 ql2300 - ok

18:56:39.0400 4736 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

18:56:39.0420 4736 ql40xx - ok

18:56:39.0470 4736 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

18:56:39.0480 4736 QWAVEdrv - ok

18:56:39.0610 4736 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

18:56:39.0610 4736 RasAcd - ok

18:56:39.0790 4736 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

18:56:39.0800 4736 RasAgileVpn - ok

18:56:39.0910 4736 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

18:56:39.0920 4736 Rasl2tp - ok

18:56:40.0000 4736 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

18:56:40.0010 4736 RasPppoe - ok

18:56:40.0040 4736 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

18:56:40.0050 4736 RasSstp - ok

18:56:40.0130 4736 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

18:56:40.0160 4736 rdbss - ok

18:56:40.0210 4736 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

18:56:40.0210 4736 rdpbus - ok

18:56:40.0270 4736 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

18:56:40.0280 4736 RDPCDD - ok

18:56:40.0350 4736 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

18:56:40.0360 4736 RDPDR - ok

18:56:40.0400 4736 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

18:56:40.0400 4736 RDPENCDD - ok

18:56:40.0470 4736 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

18:56:40.0480 4736 RDPREFMP - ok

18:56:40.0590 4736 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

18:56:40.0600 4736 RdpVideoMiniport - ok

18:56:40.0670 4736 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

18:56:40.0680 4736 RDPWD - ok

18:56:40.0810 4736 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

18:56:40.0830 4736 rdyboost - ok

18:56:41.0100 4736 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys

18:56:41.0100 4736 rimmptsk - ok

18:56:41.0140 4736 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys

18:56:41.0150 4736 rimsptsk - ok

18:56:41.0200 4736 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

18:56:41.0210 4736 RimUsb - ok

18:56:41.0280 4736 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys

18:56:41.0290 4736 rismxdp - ok

18:56:41.0410 4736 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

18:56:41.0420 4736 rspndr - ok

18:56:41.0510 4736 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

18:56:41.0510 4736 s3cap - ok

18:56:41.0680 4736 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

18:56:41.0690 4736 sbp2port - ok

18:56:41.0840 4736 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

18:56:41.0840 4736 scfilter - ok

18:56:41.0940 4736 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

18:56:41.0950 4736 sdbus - ok

18:56:42.0060 4736 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

18:56:42.0070 4736 secdrv - ok

18:56:42.0190 4736 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

18:56:42.0190 4736 Serenum - ok

18:56:42.0250 4736 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

18:56:42.0260 4736 Serial - ok

18:56:42.0450 4736 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

18:56:42.0460 4736 sermouse - ok

18:56:42.0590 4736 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

18:56:42.0590 4736 sffdisk - ok

18:56:42.0660 4736 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

18:56:42.0670 4736 sffp_mmc - ok

18:56:42.0750 4736 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

18:56:42.0750 4736 sffp_sd - ok

18:56:42.0930 4736 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

18:56:42.0930 4736 sfloppy - ok

18:56:43.0020 4736 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

18:56:43.0030 4736 SiSRaid2 - ok

18:56:43.0080 4736 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

18:56:43.0090 4736 SiSRaid4 - ok

18:56:43.0170 4736 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

18:56:43.0170 4736 Smb - ok

18:56:43.0320 4736 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

18:56:43.0330 4736 spldr - ok

18:56:43.0470 4736 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

18:56:43.0530 4736 srv - ok

18:56:43.0620 4736 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

18:56:43.0650 4736 srv2 - ok

18:56:43.0830 4736 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

18:56:43.0840 4736 srvnet - ok

18:56:44.0010 4736 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

18:56:44.0020 4736 stexstor - ok

18:56:44.0110 4736 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys

18:56:44.0150 4736 STHDA - ok

18:56:50.0210 4736 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0

18:56:50.0300 4736 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning

18:56:50.0300 4736 \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)

18:56:50.0320 4736 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0

18:56:50.0320 4736 \Device\Harddisk0\DR0\Partition0 - ok

18:56:50.0340 4736 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1

18:56:50.0350 4736 \Device\Harddisk0\DR0\Partition1 - ok

18:56:50.0350 4736 ============================================================

18:56:50.0350 4736 Scan finished

18:56:50.0350 4736 ============================================================

18:56:50.0390 6592 Detected object count: 1

18:56:50.0390 6592 Actual detected object count: 1

19:00:34.0706 6592 \Device\Harddisk0\DR0 - copied to quarantine

19:00:34.0706 6592 \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Quarantine

19:00:42.0328 8060 Deinitialize success


I did not have the latest version of TDSSKiller. I upgraded to the latest version and I now have the Cure option. Here is the log with the Cure option picked.

21:05:28.0665 7556 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

21:05:29.0515 7556 ============================================================

21:05:29.0515 7556 Current date / time: 2012/02/23 21:05:29.0515

21:05:29.0515 7556 SystemInfo:

21:05:29.0515 7556

21:05:29.0515 7556 OS Version: 6.1.7601 ServicePack: 1.0

21:05:29.0515 7556 Product type: Workstation

21:05:29.0515 7556 ComputerName: ROO-SOXLAPTOP

21:05:29.0515 7556 UserName: Roo

21:05:29.0515 7556 Windows directory: C:\Windows

21:05:29.0515 7556 System windows directory: C:\Windows

21:05:29.0515 7556 Running under WOW64

21:05:29.0515 7556 Processor architecture: Intel x64

21:05:29.0515 7556 Number of processors: 2

21:05:29.0515 7556 Page size: 0x1000

21:05:29.0515 7556 Boot type: Normal boot

21:05:29.0515 7556 ============================================================

21:05:30.0855 7556 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:05:30.0865 7556 \Device\Harddisk0\DR0:

21:05:30.0865 7556 MBR used

21:05:30.0865 7556 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000

21:05:30.0865 7556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B

21:05:30.0885 7556 Initialize success

21:05:30.0885 7556 ============================================================

21:05:33.0656 0400 ============================================================

21:05:33.0656 0400 Scan started

21:05:33.0656 0400 Mode: Manual;

21:05:33.0656 0400 ============================================================


21:05:49.0590 0400 Rasl2tp - ok

21:05:49.0610 0400 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

21:05:49.0620 0400 RasPppoe - ok

21:05:49.0660 0400 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

21:05:49.0670 0400 RasSstp - ok

21:05:49.0740 0400 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

21:05:49.0800 0400 rdbss - ok

21:05:49.0820 0400 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

21:05:49.0820 0400 rdpbus - ok

21:05:49.0850 0400 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:05:49.0850 0400 RDPCDD - ok

21:05:49.0900 0400 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

21:05:49.0950 0400 RDPDR - ok

21:05:49.0970 0400 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

21:05:49.0970 0400 RDPENCDD - ok

21:05:50.0010 0400 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

21:05:50.0020 0400 RDPREFMP - ok

21:05:50.0070 0400 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

21:05:50.0130 0400 RdpVideoMiniport - ok

21:05:50.0160 0400 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

21:05:50.0220 0400 RDPWD - ok

21:05:50.0280 0400 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

21:05:50.0340 0400 rdyboost - ok

21:05:50.0400 0400 rimmptsk (6faf5b04bedc66d300d9d233b2d222f0) C:\Windows\system32\DRIVERS\rimmpx64.sys

21:05:50.0460 0400 rimmptsk - ok

21:05:50.0480 0400 rimsptsk (67f50c31713106fd1b0f286f86aa2b2e) C:\Windows\system32\DRIVERS\rimspx64.sys

21:05:50.0520 0400 rimsptsk - ok

21:05:50.0570 0400 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

21:05:50.0630 0400 RimUsb - ok

21:05:50.0690 0400 rismxdp (4d7ef3d46346ec4c58784db964b365de) C:\Windows\system32\DRIVERS\rixdpx64.sys

21:05:50.0760 0400 rismxdp - ok

21:05:50.0830 0400 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

21:05:50.0830 0400 rspndr - ok

21:05:50.0880 0400 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

21:05:50.0940 0400 s3cap - ok

21:05:50.0970 0400 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

21:05:51.0020 0400 sbp2port - ok

21:05:51.0060 0400 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

21:05:51.0120 0400 scfilter - ok

21:05:51.0150 0400 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

21:05:51.0200 0400 sdbus - ok

21:05:51.0240 0400 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

21:05:51.0250 0400 secdrv - ok

21:05:51.0290 0400 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

21:05:51.0300 0400 Serenum - ok

21:05:51.0320 0400 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

21:05:51.0320 0400 Serial - ok

21:05:51.0350 0400 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

21:05:51.0360 0400 sermouse - ok

21:05:51.0410 0400 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

21:05:51.0410 0400 sffdisk - ok

21:05:51.0430 0400 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

21:05:51.0430 0400 sffp_mmc - ok

21:05:51.0460 0400 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

21:05:51.0510 0400 sffp_sd - ok

21:05:51.0530 0400 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

21:05:51.0540 0400 sfloppy - ok

21:05:51.0580 0400 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:05:51.0590 0400 SiSRaid2 - ok

21:05:51.0610 0400 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

21:05:51.0620 0400 SiSRaid4 - ok

21:05:51.0700 0400 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

21:05:51.0710 0400 Smb - ok

21:05:51.0760 0400 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

21:05:51.0770 0400 spldr - ok

21:05:51.0820 0400 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

21:05:51.0890 0400 srv - ok

21:05:51.0940 0400 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

21:05:51.0990 0400 srv2 - ok

21:05:52.0020 0400 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

21:05:52.0080 0400 srvnet - ok

21:05:52.0130 0400 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

21:05:52.0130 0400 stexstor - ok

21:05:52.0190 0400 STHDA (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys

21:05:52.0260 0400 STHDA - ok

21:05:52.0300 0400 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

21:05:52.0350 0400 storflt - ok

21:05:52.0380 0400 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

21:05:52.0420 0400 storvsc - ok

21:05:52.0460 0400 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

21:05:52.0460 0400 swenum - ok

21:05:52.0520 0400 Synth3dVsc - ok

21:05:52.0570 0400 SynTP (1657b7442d5ce30533f5c4317716b468) C:\Windows\system32\DRIVERS\SynTP.sys

21:05:52.0650 0400 SynTP - ok

21:05:52.0740 0400 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

21:05:52.0880 0400 Tcpip - ok

21:05:52.0960 0400 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

21:05:52.0980 0400 TCPIP6 - ok

21:05:53.0030 0400 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

21:05:53.0090 0400 tcpipreg - ok

21:05:53.0130 0400 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

21:05:53.0150 0400 TDPIPE - ok

21:05:53.0170 0400 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

21:05:53.0170 0400 TDTCP - ok

21:05:53.0210 0400 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

21:05:53.0260 0400 tdx - ok

21:05:53.0300 0400 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

21:05:53.0330 0400 TermDD - ok

21:05:53.0390 0400 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:05:53.0430 0400 tssecsrv - ok

21:05:53.0470 0400 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

21:05:53.0510 0400 TsUsbFlt - ok

21:05:53.0520 0400 tsusbhub - ok

21:05:53.0590 0400 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

21:05:53.0660 0400 tunnel - ok

21:05:53.0690 0400 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

21:05:53.0690 0400 uagp35 - ok

21:05:53.0740 0400 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

21:05:53.0810 0400 udfs - ok

21:05:53.0870 0400 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

21:05:53.0880 0400 uliagpkx - ok

21:05:53.0950 0400 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

21:05:54.0020 0400 umbus - ok

21:05:54.0050 0400 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

21:05:54.0050 0400 UmPass - ok

21:05:54.0130 0400 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

21:05:54.0190 0400 USBAAPL64 - ok

21:05:54.0230 0400 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

21:05:54.0300 0400 usbccgp - ok

21:05:54.0330 0400 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

21:05:54.0340 0400 usbcir - ok

21:05:54.0360 0400 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

21:05:54.0420 0400 usbehci - ok

21:05:54.0440 0400 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

21:05:54.0510 0400 usbhub - ok

21:05:54.0530 0400 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

21:05:54.0590 0400 usbohci - ok

21:05:54.0610 0400 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

21:05:54.0620 0400 usbprint - ok

21:05:54.0680 0400 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:05:54.0740 0400 USBSTOR - ok

21:05:54.0760 0400 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

21:05:54.0810 0400 usbuhci - ok

21:05:54.0850 0400 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

21:05:54.0920 0400 usbvideo - ok

21:05:54.0950 0400 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

21:05:54.0950 0400 vdrvroot - ok

21:05:55.0000 0400 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

21:05:55.0010 0400 vga - ok

21:05:55.0040 0400 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

21:05:55.0050 0400 VgaSave - ok

21:05:55.0070 0400 VGPU - ok

21:05:55.0090 0400 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

21:05:55.0140 0400 vhdmp - ok

21:05:55.0170 0400 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

21:05:55.0180 0400 viaide - ok

21:05:55.0230 0400 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

21:05:55.0300 0400 vmbus - ok

21:05:55.0320 0400 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

21:05:55.0370 0400 VMBusHID - ok

21:05:55.0390 0400 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

21:05:55.0440 0400 volmgr - ok

21:05:55.0490 0400 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

21:05:55.0570 0400 volmgrx - ok

21:05:55.0590 0400 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

21:05:55.0640 0400 volsnap - ok

21:05:55.0680 0400 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

21:05:55.0710 0400 vsmraid - ok

21:05:55.0760 0400 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

21:05:55.0760 0400 vwifibus - ok

21:05:55.0790 0400 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

21:05:55.0810 0400 vwififlt - ok

21:05:55.0850 0400 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

21:05:55.0860 0400 vwifimp - ok

21:05:55.0910 0400 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

21:05:55.0910 0400 WacomPen - ok

21:05:55.0970 0400 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:05:56.0030 0400 WANARP - ok

21:05:56.0050 0400 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

21:05:56.0050 0400 Wanarpv6 - ok

21:05:56.0110 0400 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys

21:05:56.0170 0400 wanatw - ok

21:05:56.0230 0400 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

21:05:56.0230 0400 Wd - ok

21:05:56.0270 0400 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys

21:05:56.0330 0400 WDC_SAM - ok

21:05:56.0370 0400 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

21:05:56.0390 0400 Wdf01000 - ok

21:05:56.0450 0400 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

21:05:56.0450 0400 WfpLwf - ok

21:05:56.0490 0400 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

21:05:56.0550 0400 WimFltr - ok

21:05:56.0571 0400 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

21:05:56.0571 0400 WIMMount - ok

21:05:56.0661 0400 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

21:05:56.0731 0400 WinUsb - ok

21:05:56.0771 0400 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

21:05:56.0781 0400 WmiAcpi - ok

21:05:56.0811 0400 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

21:05:56.0811 0400 ws2ifsl - ok

21:05:56.0871 0400 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

21:05:56.0931 0400 WudfPf - ok

21:05:56.0971 0400 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:05:57.0031 0400 WUDFRd - ok

21:05:57.0061 0400 MBR (0x1B8) (4bf077b4df3f4f5483a79d4ce511c7f3) \Device\Harddisk0\DR0

21:05:57.0091 0400 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

21:05:57.0091 0400 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

21:05:57.0131 0400 Boot (0x1200) (d7378bf694d12b3be92b25933efd13fa) \Device\Harddisk0\DR0\Partition0

21:05:57.0141 0400 \Device\Harddisk0\DR0\Partition0 - ok

21:05:57.0161 0400 Boot (0x1200) (ebbe15e9ac9bd469cb60522a92bcc846) \Device\Harddisk0\DR0\Partition1

21:05:57.0161 0400 \Device\Harddisk0\DR0\Partition1 - ok

21:05:57.0161 0400 ============================================================

21:05:57.0161 0400 Scan finished

21:05:57.0161 0400 ============================================================

21:05:57.0201 6892 Detected object count: 1

21:05:57.0201 6892 Actual detected object count: 1

21:06:18.0525 6892 \Device\Harddisk0\DR0\# - copied to quarantine

21:06:18.0525 6892 \Device\Harddisk0\DR0 - copied to quarantine

21:06:18.0725 6892 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

21:06:24.0346 6892 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

21:06:30.0049 6892 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

21:06:30.0129 6892 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

21:06:30.0189 6892 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

21:06:35.0769 6892 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

21:06:41.0391 6892 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

21:06:41.0391 6892 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

21:06:41.0401 6892 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

21:06:41.0411 6892 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

21:06:47.0103 6892 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

21:06:52.0683 6892 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

21:06:52.0713 6892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

21:06:52.0713 6892 \Device\Harddisk0\DR0 - ok

21:06:52.0963 6892 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

21:07:35.0597 3984 Deinitialize success


Now the combofix works. Here is the log.

ComboFix 12-02-23.01 - Roo 02/23/2012 21:19:41.1.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4279 [GMT -5:00]

Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\LP

c:\program files (x86)\LP\015B\4BEF.tmp

c:\program files (x86)\LP\015B\54F2.tmp

c:\program files (x86)\LP\015B\607A.tmp

c:\program files (x86)\LP\015B\67A8.tmp

c:\program files (x86)\LP\015B\A4F8.tmp

c:\program files (x86)\LP\015B\BBFE.tmp

c:\program files (x86)\LP\015B\FAA5.tmp

c:\programdata\PCDr\5907\Downloads\f8338de4-40cb-4494-bc70-93db3ab9e32d.dll

c:\programdata\PCDr\5907\Downloads\fa2ff61b-2c58-4071-916b-f881289a3959.dll

c:\users\Roo\AppData\Roaming\Install.dat

c:\windows\svchost.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-01-24 to 2012-02-24 )))))))))))))))))))))))))))))))

.

.

2012-02-24 02:30 . 2012-02-24 02:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine

2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\programdata\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files

2012-02-22 11:04 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BF13FF4-C811-473C-BD31-349C3E0EA235}\mpengine.dll

2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock

2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-17 15:08 . 2012-02-19 02:13 -------- d-----w- c:\users\Roo\AppData\Roaming\57168

2012-02-17 15:07 . 2012-02-19 02:12 -------- d-----w- c:\users\Roo\AppData\Roaming\B8457

2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A1.tmp

2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A0.tmp

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google

2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed

2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision

2012-01-25 20:25 . 2012-01-25 20:25 -------- d-----w- c:\program files\iPod

2012-01-25 20:25 . 2012-01-25 20:26 -------- d-----w- c:\program files\iTunes

2012-01-25 20:25 . 2012-01-25 20:26 -------- d-----w- c:\program files (x86)\iTunes

.

.

.


.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-02-23 12:34 1574240 ----a-w- c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\9.0.0.23\AVG Secure Search_toolbar.dll" [2012-02-23 1574240]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]

"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]

"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-23 892768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616]

.

c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x]

R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x]

R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]

R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168]

S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]

S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [2012-02-23 869216]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

2012-02-23 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e&lang=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe

Wow6432Node-HKLM-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-TurboTax 2009 - f:\program files\Turbo Tax 09\Installer\TurboTax 2009 Installer.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe

c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

.

**************************************************************************

.

Completion time: 2012-02-23 21:37:34 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-24 02:37

.

Pre-Run: 346,189,152,256 bytes free

Post-Run: 347,227,086,848 bytes free

.

- - End Of File - - E99B284C1C36575D5CA27A833B10ED39


Hi Daniel,

Thanks so much for your help. I think the virus is gone. I've run a scan in McAfee that came back clean. I've also run a scan in Malwarebytes that came back clean.

I'm not sure how my PC became infected with this horrid thing. Can you recommend any other/different software besides the McAfee virus software and the Malwarebytes? I'm trying to do my best to avoid this in the future.

Thanks so much

Sheila


Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.

Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Good that they updated TDSSKiller. The first reports indicated that the kind of rootkit is "unknown" so you need to choose "Restore", but this will create a default MBR code on your OS which can cause problems.

We have to work very carefully with this kind of infection :)

Open notepad and copy/paste the text in the Code-box below into it:


DirLook::
c:\users\Roo\AppData\Roaming\57168
c:\users\Roo\AppData\Roaming\B8457
C:\63146ec7b3a033f4356ca48e

File::
c:\programdata\Microsoft\Windows\DRM\52A1.tmp
c:\programdata\Microsoft\Windows\DRM\52A0.tmp

  • Save this as CFScript.txt, in the same location as ComboFix.exe.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Please post in your next reply

Combofix.txt


ComboFix log

ComboFix 12-02-23.01 - Roo 02/25/2012 7:35.2.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4118 [GMT -5:00]

Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe

Command switches used :: c:\users\Roo\Software\ComboFix\CFScript.txt

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\programdata\Microsoft\Windows\DRM\52A0.tmp"

"c:\programdata\Microsoft\Windows\DRM\52A1.tmp"

.

.

((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))))

.

.

2012-02-25 12:45 . 2012-02-25 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-25 12:30 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll

2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine

2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\programdata\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files

2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock

2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-17 15:08 . 2012-02-19 02:13 -------- d-----w- c:\users\Roo\AppData\Roaming\57168

2012-02-17 15:07 . 2012-02-19 02:12 -------- d-----w- c:\users\Roo\AppData\Roaming\B8457

2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A1.tmp

2012-02-14 03:00 . 2012-02-14 03:00 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\52A0.tmp

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google

2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed

2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\xsell.dll

2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\xmlparse_tok.dll

2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\xmlparse.dll

2010-06-02 21:27 . 2009-09-08 17:43 946520 ----a-w- c:\program files (x86)\ttaximp.dll

2010-06-02 21:27 . 2009-09-08 17:43 91992 ----a-w- c:\program files (x86)\qwsnap.dll

2010-06-02 21:27 . 2009-09-08 17:43 810328 ----a-w- c:\program files (x86)\qwwin.dll

2010-06-02 21:27 . 2009-09-08 17:43 78680 ----a-w- c:\program files (x86)\qwinver.dll

2010-06-02 21:27 . 2009-09-08 17:43 70488 ----a-w- c:\program files (x86)\qwcntr.dll

2010-06-02 21:27 . 2009-09-08 17:43 48984 ----a-w- c:\program files (x86)\QWVER.DLL

2010-06-02 21:27 . 2009-09-08 17:43 321368 ----a-w- c:\program files (x86)\qwpr.dll

2010-06-02 21:27 . 2009-09-08 17:43 2832728 ----a-w- c:\program files (x86)\qwutil.dll

2010-06-02 21:27 . 2009-09-08 17:43 2603352 ----a-w- c:\program files (x86)\qwonline.dll

2010-06-02 21:27 . 2009-09-08 17:43 229208 ----a-w- c:\program files (x86)\qwapp.dll

2010-06-02 21:27 . 2009-09-08 17:43 13656 ----a-w- c:\program files (x86)\qwsync.dll

2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\qwxmlparse_tok.dll

2010-06-02 21:27 . 2009-09-08 17:43 111960 ----a-w- c:\program files (x86)\qwinet.dll

2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\qwxmlparse.dll

2010-06-02 21:27 . 2009-09-08 17:43 879448 ----a-w- c:\program files (x86)\qvault.dll

2010-06-02 21:27 . 2009-09-08 17:43 82264 ----a-w- c:\program files (x86)\QShowHelp.dll

2010-06-02 21:27 . 2009-09-08 17:43 330072 ----a-w- c:\program files (x86)\qtax.dll

2010-06-02 21:27 . 2009-09-08 17:43 27480 ----a-w- c:\program files (x86)\qsapi_eng.dll

2010-06-02 21:27 . 2009-09-08 17:43 25432 ----a-w- c:\program files (x86)\qsapi.dll

2010-06-02 21:27 . 2009-09-08 17:43 136024 ----a-w- c:\program files (x86)\qrep.dll

2010-06-02 21:27 . 2009-09-08 17:43 132952 ----a-w- c:\program files (x86)\qsac.dll

2010-06-02 21:27 . 2009-09-08 17:43 127832 ----a-w- c:\program files (x86)\Qsetup.dll

2010-06-02 21:27 . 2009-09-08 17:43 1163096 ----a-w- c:\program files (x86)\qreports.dll

2010-06-02 21:27 . 2009-09-08 17:43 89432 ----a-w- c:\program files (x86)\qindex.dll

2010-06-02 21:27 . 2009-09-08 17:43 79192 ----a-w- c:\program files (x86)\mvmc14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 74072 ----a-w- c:\program files (x86)\mvix14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 71512 ----a-w- c:\program files (x86)\qdapp.dll

2010-06-02 21:27 . 2009-09-08 17:43 631640 ----a-w- c:\program files (x86)\qdb.dll

2010-06-02 21:27 . 2009-09-08 17:43 61784 ----a-w- c:\program files (x86)\mvfs14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 56664 ----a-w- c:\program files (x86)\mvsr14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 56152 ----a-w- c:\program files (x86)\mvtl14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 42840 ----a-w- c:\program files (x86)\onlncall.dll

2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\mvmg14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 380248 ----a-w- c:\program files (x86)\qcomutil.dll

2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\mvbk14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 2778968 ----a-w- c:\program files (x86)\ofxsdk_qw.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\qdappui.dll

2010-06-02 21:27 . 2009-09-08 17:43 1492312 ----a-w- c:\program files (x86)\online.dll

2010-06-02 21:27 . 2009-09-08 17:43 148824 ----a-w- c:\program files (x86)\olbservice.dll

2010-06-02 21:27 . 2009-09-08 17:43 1262424 ----a-w- c:\program files (x86)\qaccess.dll

2010-06-02 21:27 . 2009-09-08 17:43 117592 ----a-w- c:\program files (x86)\mvcl14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 114008 ----a-w- c:\program files (x86)\QCONNECT.DLL

2010-06-02 21:27 . 2009-09-08 17:43 77144 ----a-w- c:\program files (x86)\graphs.dll

2010-06-02 21:27 . 2009-09-08 17:43 66904 ----a-w- c:\program files (x86)\atwork_xprint.dll

2010-06-02 21:27 . 2009-09-08 17:43 63320 ----a-w- c:\program files (x86)\dllapps_dedfnd.dll

2010-06-02 21:27 . 2009-09-08 17:43 53592 ----a-w- c:\program files (x86)\dllapps_savgol.dll

2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\bgt_pnf.dll

2010-06-02 21:27 . 2009-09-08 17:43 275288 ----a-w- c:\program files (x86)\lbtmngr.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\gdipapi.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\calnote.dll

2010-06-02 21:27 . 2009-09-08 17:43 16728 ----a-w- c:\program files (x86)\custprof.dll

2010-06-02 21:27 . 2009-09-08 17:43 166232 ----a-w- c:\program files (x86)\cashflow.dll

2010-06-02 21:27 . 2009-09-08 17:43 115032 ----a-w- c:\program files (x86)\dllapps_frcast.dll

2010-06-02 21:27 . 2009-09-08 17:43 107352 ----a-w- c:\program files (x86)\dllapps_dbtred.dll

2010-06-02 21:27 . 2009-09-08 17:43 105816 ----a-w- c:\program files (x86)\dllapps_plan.dll

2010-06-02 21:26 . 2009-09-08 17:42 23384 ----a-w- c:\program files (x86)\QuickenOLBackupLauncher.exe

2010-06-02 21:25 . 2009-09-08 17:42 48472 ----a-w- c:\program files (x86)\InetTools.dll

2010-06-02 21:24 . 2009-09-08 17:41 537944 ----a-w- c:\program files (x86)\UpdateContent.dll

2010-06-02 21:24 . 2009-09-08 17:41 46424 ----a-w- c:\program files (x86)\BindContent.exe

2010-06-02 21:24 . 2009-09-08 17:41 57176 ----a-w- c:\program files (x86)\RestartExe.exe

2010-06-02 21:24 . 2009-09-08 17:41 312664 ----a-w- c:\program files (x86)\SendError.dll

2010-06-02 21:24 . 2009-11-13 05:39 32088 ----a-w- c:\program files (x86)\qwutilnet.dll

2010-06-02 21:24 . 2009-09-08 17:41 359768 ----a-w- c:\program files (x86)\qwplan.dll

2010-06-02 21:24 . 2009-09-08 17:41 129880 ----a-w- c:\program files (x86)\qwonlineFeatures.dll

2010-06-02 21:24 . 2009-09-08 17:41 76120 ----a-w- c:\program files (x86)\qwipa.dll

2010-06-02 21:23 . 2009-09-08 17:41 10163032 ----a-w- c:\program files (x86)\qwmain.dll

2010-06-02 21:23 . 2009-09-08 17:41 103256 ----a-w- c:\program files (x86)\qnet.dll

2010-06-02 21:23 . 2009-09-08 17:41 114008 ----a-w- c:\program files (x86)\qcon32.dll

2010-06-02 21:23 . 2009-09-08 17:41 680792 ----a-w- c:\program files (x86)\decapi.dll

2010-06-02 21:23 . 2009-09-08 17:41 173400 ----a-w- c:\program files (x86)\xport.dll

2010-06-02 21:23 . 2009-09-08 17:41 185176 ----a-w- c:\program files (x86)\sport.dll

2010-06-02 21:23 . 2009-09-08 17:41 155992 ----a-w- c:\program files (x86)\MoneyFileReader.dll

2010-06-02 21:23 . 2009-09-08 17:41 142680 ----a-w- c:\program files (x86)\MoneyFileConverter.dll

2010-06-02 21:23 . 2009-09-08 17:41 63320 ----a-w- c:\program files (x86)\lbt_ux.dll

2010-06-02 21:23 . 2009-09-08 17:41 60248 ----a-w- c:\program files (x86)\txstuff.dll

2010-06-02 21:23 . 2009-09-08 17:41 315736 ----a-w- c:\program files (x86)\lbt_webrequest.dll

2010-06-02 21:23 . 2009-09-08 17:40 66904 ----a-w- c:\program files (x86)\lbt_rte.dll

2010-06-02 21:23 . 2009-09-08 17:40 71512 ----a-w- c:\program files (x86)\lbt_qupddir.dll

2010-06-02 21:23 . 2009-09-08 17:40 80728 ----a-w- c:\program files (x86)\lbt_qplus.dll

2010-06-02 21:23 . 2009-09-08 17:40 68440 ----a-w- c:\program files (x86)\lbt_pvsync.dll

2010-06-02 21:23 . 2009-09-08 17:40 63832 ----a-w- c:\program files (x86)\lbt_decompression.dll

2010-06-02 21:23 . 2009-09-08 17:40 357720 ----a-w- c:\program files (x86)\lbt_customerCentral.dll

2010-06-02 21:23 . 2009-09-08 17:40 64344 ----a-w- c:\program files (x86)\lbt_bullseye.dll

2010-06-02 21:23 . 2009-09-08 17:40 61784 ----a-w- c:\program files (x86)\lbt_Auto1Way.dll

2010-06-02 21:22 . 2009-09-08 17:40 28504 ----a-w- c:\program files (x86)\lbt.dll

2010-06-02 21:22 . 2009-09-08 17:40 129880 ----a-w- c:\program files (x86)\QCustomAction.dll

2010-06-02 21:22 . 2009-09-08 17:40 39768 ----a-w- c:\program files (x86)\convert_stub.dll

2010-06-02 21:22 . 2009-09-08 17:40 155992 ----a-w- c:\program files (x86)\cashgen.dll

2010-06-02 21:22 . 2009-09-08 17:40 34136 ----a-w- c:\program files (x86)\CalendarSync.dll

2010-06-02 21:22 . 2009-09-08 17:40 116568 ----a-w- c:\program files (x86)\billmind_qwrmnd.dll

2010-06-02 21:22 . 2009-09-08 17:40 47448 ----a-w- c:\program files (x86)\billmind_alrtpkg.dll

2010-06-02 21:22 . 2009-09-08 17:40 26456 ----a-w- c:\program files (x86)\billmind.exe

2010-06-02 21:22 . 2009-09-08 17:40 77656 ----a-w- c:\program files (x86)\bagent.exe

2010-06-02 21:22 . 2009-09-08 17:40 354136 ----a-w- c:\program files (x86)\alert.dll

2010-06-02 21:22 . 2009-09-08 17:40 38744 ----a-w- c:\program files (x86)\printenv.exe

2010-06-02 21:22 . 2009-09-08 17:40 1035608 ----a-w- c:\program files (x86)\dbghelp.dll

2010-06-02 21:22 . 2009-09-08 17:40 71000 ----a-w- c:\program files (x86)\techhelp.exe

.

.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Directory of C:\63146ec7b3a033f4356ca48e ----

.

2012-02-16 02:16 . 2012-02-16 02:16 788 ---ha-w- c:\63146ec7b3a033f4356ca48e\$shtdwn$.req

2011-10-26 21:39 . 2011-10-26 21:39 36530 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37394 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36014 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36274 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 28414 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37332 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37096 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 33028 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37692 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37048 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 31424 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 30504 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36850 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36546 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37132 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 28422 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36716 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36020 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37858 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 38668 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 36066 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 37676 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\LocalizedData.xml

2011-10-26 21:39 . 2011-10-26 21:39 28422 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\LocalizedData.xml

2011-10-26 21:38 . 2011-10-26 21:38 34118 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\LocalizedData.xml

2011-10-26 21:38 . 2011-10-26 21:38 24926 ----a-w- c:\63146ec7b3a033f4356ca48e\ParameterInfo.xml

2011-10-26 21:38 . 2011-10-26 21:38 35802 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\LocalizedData.xml

2011-10-26 21:36 . 2011-10-26 21:36 2829312 ----a-w- c:\63146ec7b3a033f4356ca48e\NDP40-KB2633870.msp

2011-10-26 20:41 . 2011-10-26 20:41 3628 ----a-w- c:\63146ec7b3a033f4356ca48e\header.bmp

2011-10-26 20:41 . 2011-10-26 20:41 196662 ----a-w- c:\63146ec7b3a033f4356ca48e\SplashScreen.bmp

2011-10-26 20:41 . 2011-10-26 20:41 13606 ----a-w- c:\63146ec7b3a033f4356ca48e\Strings.xml

2011-10-26 20:41 . 2011-10-26 20:41 36180 ----a-w- c:\63146ec7b3a033f4356ca48e\UiInfo.xml

2011-10-26 20:41 . 2011-10-26 20:41 104072 ----a-w- c:\63146ec7b3a033f4356ca48e\watermark.bmp

2011-10-26 20:41 . 2011-10-26 20:41 123035 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 128333 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 101146 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 109464 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 91719 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 102048 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 138595 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 111176 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 133172 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 125351 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 110879 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 124974 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 111958 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 149503 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 35285 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 36083 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 126541 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 109574 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 49319 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 125073 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 112947 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 110754 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 125196 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 2060 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\eula.rtf

2011-10-26 20:41 . 2011-10-26 20:41 108174 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\eula.rtf

2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\3082\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\2052\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\2070\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1053\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1055\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1045\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1046\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1049\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18008 ----a-w- c:\63146ec7b3a033f4356ca48e\1044\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 15448 ----a-w- c:\63146ec7b3a033f4356ca48e\1042\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 19544 ----a-w- c:\63146ec7b3a033f4356ca48e\1043\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1040\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 15960 ----a-w- c:\63146ec7b3a033f4356ca48e\1041\SetupResources.dll

2011-10-26 19:42 . 2011-10-26 19:42 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1038\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 16984 ----a-w- c:\63146ec7b3a033f4356ca48e\1037\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1035\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1036\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 19544 ----a-w- c:\63146ec7b3a033f4356ca48e\1032\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 17496 ----a-w- c:\63146ec7b3a033f4356ca48e\1033\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 19032 ----a-w- c:\63146ec7b3a033f4356ca48e\1031\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1030\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 18520 ----a-w- c:\63146ec7b3a033f4356ca48e\1029\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\1028\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 14424 ----a-w- c:\63146ec7b3a033f4356ca48e\3076\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 296520 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUi.dll

2011-10-26 19:41 . 2011-10-26 19:41 17496 ----a-w- c:\63146ec7b3a033f4356ca48e\1025\SetupResources.dll

2011-10-26 19:41 . 2011-10-26 19:41 810064 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupEngine.dll

2011-10-26 19:41 . 2011-10-26 19:41 78912 ----a-w- c:\63146ec7b3a033f4356ca48e\Setup.exe

2011-10-26 19:24 . 2011-10-26 19:24 16118 ----a-w- c:\63146ec7b3a033f4356ca48e\DHtmlHeader.html

2011-10-26 19:24 . 2011-10-26 19:24 30120 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUi.xsd

2011-10-26 19:24 . 2011-10-26 19:24 144416 ----a-w- c:\63146ec7b3a033f4356ca48e\sqmapi.dll

2011-10-26 19:24 . 2011-10-26 19:24 96848 ----a-w- c:\63146ec7b3a033f4356ca48e\SetupUtility.exe

2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Print.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate1.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate2.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate3.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate4.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate5.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate6.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate7.ico

2011-10-26 19:20 . 2011-10-26 19:20 894 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Rotate8.ico

2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Save.ico

2011-10-26 19:20 . 2011-10-26 19:20 36710 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\Setup.ico

2011-10-26 19:20 . 2011-10-26 19:20 10134 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\stop.ico

2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\SysReqMet.ico

2011-10-26 19:20 . 2011-10-26 19:20 1150 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\SysReqNotMet.ico

2011-10-26 19:20 . 2011-10-26 19:20 10134 ----a-w- c:\63146ec7b3a033f4356ca48e\Graphics\warn.ico

.

---- Directory of c:\users\Roo\AppData\Roaming\57168 ----

.

.

---- Directory of c:\users\Roo\AppData\Roaming\B8457 ----

.

2012-02-17 15:07 . 2012-02-18 16:14 9011 ----a-w- c:\users\Roo\AppData\Roaming\B8457\7168.845

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-24_02.32.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-12-02 15:37 . 2012-02-25 12:48 59854 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-02-25 12:25 43822 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-12-12 01:40 . 2012-02-25 12:25 15986 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3099364093-3267457688-942095451-1001_UserData.bin

- 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-12-12 00:21 . 2012-02-25 12:23 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-12-12 00:21 . 2012-02-25 12:23 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:23 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-02-24 02:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-02-25 12:46 . 2012-02-25 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-02-25 12:46 . 2012-02-25 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 05:01 . 2012-02-24 02:31 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-02-25 12:45 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-09-21 07:18 . 2012-02-25 12:45 9811865 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3099364093-3267457688-942095451-1001-8192.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-02-25 12:24 1811296 ----a-w- c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-25 1811296]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]

"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]

"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-25 939872]

"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-02-25 928096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616]

.

c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x]

R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x]

R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]

R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168]

S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]

S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-25 909152]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

2012-02-25 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e&lang=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe

c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

.

**************************************************************************

.

Completion time: 2012-02-25 07:52:01 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-25 12:52

ComboFix2.txt 2012-02-24 02:37

.

Pre-Run: 348,107,100,160 bytes free

Post-Run: 347,640,123,392 bytes free

.

- - End Of File - - 02F40E42BCBF93276C38436032106538


Open notepad and copy/paste the text in the Code-box below into it:


Rootkit::
c:\programdata\Microsoft\Windows\DRM\52A1.tmp
c:\programdata\Microsoft\Windows\DRM\52A0.tmp

Folder::
c:\users\Roo\AppData\Roaming\57168
c:\users\Roo\AppData\Roaming\B8457

  • Save this as CFScript.txt, in the same location as ComboFix.exe.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Please post in your next reply

Combofix.txt

Note any open issues


Thanks. ComboFix Log

ComboFix 12-02-23.01 - Roo 02/25/2012 10:27:03.3.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4093 [GMT -5:00]

Running from: c:\users\Roo\Software\ComboFix\ComboFix.exe

Command switches used :: c:\users\Roo\Software\ComboFix\CFScript.txt

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Roo\AppData\Roaming\57168

c:\users\Roo\AppData\Roaming\B8457

c:\users\Roo\AppData\Roaming\B8457\7168.845

.

.

((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))))

.

.

2012-02-25 15:34 . 2012-02-25 15:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-02-25 12:30 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll

2012-02-24 00:00 . 2012-02-24 02:06 -------- d-----w- C:\TDSSKiller_Quarantine

2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\programdata\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search

2012-02-23 12:34 . 2012-02-25 12:25 -------- d-----w- c:\program files (x86)\AVG Secure Search

2012-02-23 12:34 . 2012-02-23 12:34 -------- d--h--w- c:\programdata\Common Files

2012-02-21 03:20 . 2012-02-21 03:28 -------- d-----w- c:\program files (x86)\Common Files\Simple Adblock

2012-02-21 02:32 . 2012-02-21 02:32 -------- d-----w- c:\users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\programdata\Malwarebytes

2012-02-21 02:31 . 2012-02-21 02:31 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware

2012-02-21 02:31 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-19 18:25 . 2012-01-29 10:10 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-16 02:16 . 2012-02-16 02:16 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl

2012-02-16 02:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl

2012-02-16 02:08 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-02-16 02:08 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

2012-02-16 02:08 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys

2012-02-16 02:07 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-02-16 02:07 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll

2012-02-16 02:07 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\program files\Google

2012-02-06 00:08 . 2012-02-06 00:08 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-06 00:08 . 2012-02-06 00:08 -------- d-----w- c:\windows\system32\Macromed

2012-02-05 23:30 . 2012-02-05 23:30 -------- d-----w- c:\users\Roo\AppData\Roaming\Macrovision

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\xsell.dll

2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\xmlparse_tok.dll

2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\xmlparse.dll

2010-06-02 21:27 . 2009-09-08 17:43 946520 ----a-w- c:\program files (x86)\ttaximp.dll

2010-06-02 21:27 . 2009-09-08 17:43 91992 ----a-w- c:\program files (x86)\qwsnap.dll

2010-06-02 21:27 . 2009-09-08 17:43 810328 ----a-w- c:\program files (x86)\qwwin.dll

2010-06-02 21:27 . 2009-09-08 17:43 78680 ----a-w- c:\program files (x86)\qwinver.dll

2010-06-02 21:27 . 2009-09-08 17:43 70488 ----a-w- c:\program files (x86)\qwcntr.dll

2010-06-02 21:27 . 2009-09-08 17:43 48984 ----a-w- c:\program files (x86)\QWVER.DLL

2010-06-02 21:27 . 2009-09-08 17:43 321368 ----a-w- c:\program files (x86)\qwpr.dll

2010-06-02 21:27 . 2009-09-08 17:43 2832728 ----a-w- c:\program files (x86)\qwutil.dll

2010-06-02 21:27 . 2009-09-08 17:43 2603352 ----a-w- c:\program files (x86)\qwonline.dll

2010-06-02 21:27 . 2009-09-08 17:43 229208 ----a-w- c:\program files (x86)\qwapp.dll

2010-06-02 21:27 . 2009-09-08 17:43 13656 ----a-w- c:\program files (x86)\qwsync.dll

2010-06-02 21:27 . 2009-09-08 17:43 133976 ----a-w- c:\program files (x86)\qwxmlparse_tok.dll

2010-06-02 21:27 . 2009-09-08 17:43 111960 ----a-w- c:\program files (x86)\qwinet.dll

2010-06-02 21:27 . 2009-09-08 17:43 107864 ----a-w- c:\program files (x86)\qwxmlparse.dll

2010-06-02 21:27 . 2009-09-08 17:43 879448 ----a-w- c:\program files (x86)\qvault.dll

2010-06-02 21:27 . 2009-09-08 17:43 82264 ----a-w- c:\program files (x86)\QShowHelp.dll

2010-06-02 21:27 . 2009-09-08 17:43 330072 ----a-w- c:\program files (x86)\qtax.dll

2010-06-02 21:27 . 2009-09-08 17:43 27480 ----a-w- c:\program files (x86)\qsapi_eng.dll

2010-06-02 21:27 . 2009-09-08 17:43 25432 ----a-w- c:\program files (x86)\qsapi.dll

2010-06-02 21:27 . 2009-09-08 17:43 136024 ----a-w- c:\program files (x86)\qrep.dll

2010-06-02 21:27 . 2009-09-08 17:43 132952 ----a-w- c:\program files (x86)\qsac.dll

2010-06-02 21:27 . 2009-09-08 17:43 127832 ----a-w- c:\program files (x86)\Qsetup.dll

2010-06-02 21:27 . 2009-09-08 17:43 1163096 ----a-w- c:\program files (x86)\qreports.dll

2010-06-02 21:27 . 2009-09-08 17:43 89432 ----a-w- c:\program files (x86)\qindex.dll

2010-06-02 21:27 . 2009-09-08 17:43 79192 ----a-w- c:\program files (x86)\mvmc14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 74072 ----a-w- c:\program files (x86)\mvix14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 71512 ----a-w- c:\program files (x86)\qdapp.dll

2010-06-02 21:27 . 2009-09-08 17:43 631640 ----a-w- c:\program files (x86)\qdb.dll

2010-06-02 21:27 . 2009-09-08 17:43 61784 ----a-w- c:\program files (x86)\mvfs14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 56664 ----a-w- c:\program files (x86)\mvsr14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 56152 ----a-w- c:\program files (x86)\mvtl14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 42840 ----a-w- c:\program files (x86)\onlncall.dll

2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\mvmg14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 380248 ----a-w- c:\program files (x86)\qcomutil.dll

2010-06-02 21:27 . 2009-09-08 17:43 31064 ----a-w- c:\program files (x86)\mvbk14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 2778968 ----a-w- c:\program files (x86)\ofxsdk_qw.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\qdappui.dll

2010-06-02 21:27 . 2009-09-08 17:43 1492312 ----a-w- c:\program files (x86)\online.dll

2010-06-02 21:27 . 2009-09-08 17:43 148824 ----a-w- c:\program files (x86)\olbservice.dll

2010-06-02 21:27 . 2009-09-08 17:43 1262424 ----a-w- c:\program files (x86)\qaccess.dll

2010-06-02 21:27 . 2009-09-08 17:43 117592 ----a-w- c:\program files (x86)\mvcl14n.dll

2010-06-02 21:27 . 2009-09-08 17:43 114008 ----a-w- c:\program files (x86)\QCONNECT.DLL

2010-06-02 21:27 . 2009-09-08 17:43 77144 ----a-w- c:\program files (x86)\graphs.dll

2010-06-02 21:27 . 2009-09-08 17:43 66904 ----a-w- c:\program files (x86)\atwork_xprint.dll

2010-06-02 21:27 . 2009-09-08 17:43 63320 ----a-w- c:\program files (x86)\dllapps_dedfnd.dll

2010-06-02 21:27 . 2009-09-08 17:43 53592 ----a-w- c:\program files (x86)\dllapps_savgol.dll

2010-06-02 21:27 . 2009-09-08 17:43 38232 ----a-w- c:\program files (x86)\bgt_pnf.dll

2010-06-02 21:27 . 2009-09-08 17:43 275288 ----a-w- c:\program files (x86)\lbtmngr.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\gdipapi.dll

2010-06-02 21:27 . 2009-09-08 17:43 26968 ----a-w- c:\program files (x86)\calnote.dll

2010-06-02 21:27 . 2009-09-08 17:43 16728 ----a-w- c:\program files (x86)\custprof.dll

2010-06-02 21:27 . 2009-09-08 17:43 166232 ----a-w- c:\program files (x86)\cashflow.dll

2010-06-02 21:27 . 2009-09-08 17:43 115032 ----a-w- c:\program files (x86)\dllapps_frcast.dll

2010-06-02 21:27 . 2009-09-08 17:43 107352 ----a-w- c:\program files (x86)\dllapps_dbtred.dll

2010-06-02 21:27 . 2009-09-08 17:43 105816 ----a-w- c:\program files (x86)\dllapps_plan.dll

2010-06-02 21:26 . 2009-09-08 17:42 23384 ----a-w- c:\program files (x86)\QuickenOLBackupLauncher.exe

2010-06-02 21:25 . 2009-09-08 17:42 48472 ----a-w- c:\program files (x86)\InetTools.dll

2010-06-02 21:24 . 2009-09-08 17:41 537944 ----a-w- c:\program files (x86)\UpdateContent.dll

2010-06-02 21:24 . 2009-09-08 17:41 46424 ----a-w- c:\program files (x86)\BindContent.exe

2010-06-02 21:24 . 2009-09-08 17:41 57176 ----a-w- c:\program files (x86)\RestartExe.exe

2010-06-02 21:24 . 2009-09-08 17:41 312664 ----a-w- c:\program files (x86)\SendError.dll

2010-06-02 21:24 . 2009-11-13 05:39 32088 ----a-w- c:\program files (x86)\qwutilnet.dll

2010-06-02 21:24 . 2009-09-08 17:41 359768 ----a-w- c:\program files (x86)\qwplan.dll

2010-06-02 21:24 . 2009-09-08 17:41 129880 ----a-w- c:\program files (x86)\qwonlineFeatures.dll

2010-06-02 21:24 . 2009-09-08 17:41 76120 ----a-w- c:\program files (x86)\qwipa.dll

2010-06-02 21:23 . 2009-09-08 17:41 10163032 ----a-w- c:\program files (x86)\qwmain.dll

2010-06-02 21:23 . 2009-09-08 17:41 103256 ----a-w- c:\program files (x86)\qnet.dll

2010-06-02 21:23 . 2009-09-08 17:41 114008 ----a-w- c:\program files (x86)\qcon32.dll

2010-06-02 21:23 . 2009-09-08 17:41 680792 ----a-w- c:\program files (x86)\decapi.dll

2010-06-02 21:23 . 2009-09-08 17:41 173400 ----a-w- c:\program files (x86)\xport.dll

2010-06-02 21:23 . 2009-09-08 17:41 185176 ----a-w- c:\program files (x86)\sport.dll

2010-06-02 21:23 . 2009-09-08 17:41 155992 ----a-w- c:\program files (x86)\MoneyFileReader.dll

2010-06-02 21:23 . 2009-09-08 17:41 142680 ----a-w- c:\program files (x86)\MoneyFileConverter.dll

2010-06-02 21:23 . 2009-09-08 17:41 63320 ----a-w- c:\program files (x86)\lbt_ux.dll

2010-06-02 21:23 . 2009-09-08 17:41 60248 ----a-w- c:\program files (x86)\txstuff.dll

2010-06-02 21:23 . 2009-09-08 17:41 315736 ----a-w- c:\program files (x86)\lbt_webrequest.dll

2010-06-02 21:23 . 2009-09-08 17:40 66904 ----a-w- c:\program files (x86)\lbt_rte.dll

2010-06-02 21:23 . 2009-09-08 17:40 71512 ----a-w- c:\program files (x86)\lbt_qupddir.dll

2010-06-02 21:23 . 2009-09-08 17:40 80728 ----a-w- c:\program files (x86)\lbt_qplus.dll

2010-06-02 21:23 . 2009-09-08 17:40 68440 ----a-w- c:\program files (x86)\lbt_pvsync.dll

2010-06-02 21:23 . 2009-09-08 17:40 63832 ----a-w- c:\program files (x86)\lbt_decompression.dll

2010-06-02 21:23 . 2009-09-08 17:40 357720 ----a-w- c:\program files (x86)\lbt_customerCentral.dll

2010-06-02 21:23 . 2009-09-08 17:40 64344 ----a-w- c:\program files (x86)\lbt_bullseye.dll

2010-06-02 21:23 . 2009-09-08 17:40 61784 ----a-w- c:\program files (x86)\lbt_Auto1Way.dll

2010-06-02 21:22 . 2009-09-08 17:40 28504 ----a-w- c:\program files (x86)\lbt.dll

2010-06-02 21:22 . 2009-09-08 17:40 129880 ----a-w- c:\program files (x86)\QCustomAction.dll

2010-06-02 21:22 . 2009-09-08 17:40 39768 ----a-w- c:\program files (x86)\convert_stub.dll

2010-06-02 21:22 . 2009-09-08 17:40 155992 ----a-w- c:\program files (x86)\cashgen.dll

2010-06-02 21:22 . 2009-09-08 17:40 34136 ----a-w- c:\program files (x86)\CalendarSync.dll

2010-06-02 21:22 . 2009-09-08 17:40 116568 ----a-w- c:\program files (x86)\billmind_qwrmnd.dll

2010-06-02 21:22 . 2009-09-08 17:40 47448 ----a-w- c:\program files (x86)\billmind_alrtpkg.dll

2010-06-02 21:22 . 2009-09-08 17:40 26456 ----a-w- c:\program files (x86)\billmind.exe

2010-06-02 21:22 . 2009-09-08 17:40 77656 ----a-w- c:\program files (x86)\bagent.exe

2010-06-02 21:22 . 2009-09-08 17:40 354136 ----a-w- c:\program files (x86)\alert.dll

2010-06-02 21:22 . 2009-09-08 17:40 38744 ----a-w- c:\program files (x86)\printenv.exe

2010-06-02 21:22 . 2009-09-08 17:40 1035608 ----a-w- c:\program files (x86)\dbghelp.dll

2010-06-02 21:22 . 2009-09-08 17:40 71000 ----a-w- c:\program files (x86)\techhelp.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-24_02.32.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-12-02 15:37 . 2012-02-25 15:38 60108 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-02-25 15:38 43878 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2009-12-12 01:40 . 2012-02-25 15:38 16070 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3099364093-3267457688-942095451-1001_UserData.bin

- 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-12-12 00:21 . 2012-02-25 15:32 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-12-12 00:21 . 2012-02-24 02:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-12-12 00:21 . 2012-02-25 15:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 15:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-02-24 02:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-02-25 15:36 . 2012-02-25 15:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-02-24 02:32 . 2012-02-24 02:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-02-25 15:36 . 2012-02-25 15:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 05:01 . 2012-02-24 02:31 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-02-25 15:35 406024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 4456448 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-09-21 07:18 . 2012-02-25 15:35 9834984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3099364093-3267457688-942095451-1001-8192.dat

- 2009-07-14 04:54 . 2012-02-24 00:18 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-02-25 12:24 15761408 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-02-25 12:24 1811296 ----a-w- c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-25 1811296]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-09-26 210208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]

"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-19 494064]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"HostManager"="c:\program files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe" [2009-07-20 41264]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1675160]

"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2010-10-08 86184]

"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]

"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-12-20 634880]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-02-25 939872]

"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-02-25 928096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616]

.

c:\users\Roo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]

WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [x]

R3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);c:\windows\system32\DRIVERS\dlcdbus.sys [x]

R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]

R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;c:\windows\system32\DRIVERS\lan9500-x64-n51f.sys [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-02-01 25072]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-08 10408]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-08 8551272]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2011-10-18 161168]

S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]

S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-25 909152]

S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 14:59]

.

2012-02-23 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

2012-02-25 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://isearch.avg.com/?cid={646EDEB7-C6E6-46C2-A086-E04BC1D1462E}&mid=e59cecda502947d18dced14acce4e9e6-49b99d1abb4251dc0f4c8caac757d6570d3d621e&lang=en&ds=ft011&pr=sa&d=2012-02-23 07:34&v=9.0.0.23&sap=hp

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe

c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

.

**************************************************************************

.

Completion time: 2012-02-25 10:41:42 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-25 15:41

ComboFix2.txt 2012-02-25 12:52

ComboFix3.txt 2012-02-24 02:37

.

Pre-Run: 347,814,957,056 bytes free

Post-Run: 347,760,558,080 bytes free

.

- - End Of File - - D086C03146B7452B8E7EF3E219566F47


Hi there,

Go here to run an online scanner from ESET.

  • Note: You will need to use Internet Explorer for this scan
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
  • Click Start
  • Wait for the scan to finish
  • When the scan completes, push the button (image: esetListThreats.png)
  • Push the button (image: esetExport.png), and save the file to your desktop using a unique name.
  • Push the Back button.
  • Push Finish

Please post this logfile in your next reply

Please launch DDS

  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop and post both in your next reply

Please post in your next reply

ESET Log

dds.txt

attach.txt

Note any open issues


Thanks. I ran the ESET tool. It didn't find any threats and so I had no option to save a file to my PC.

It has this....

Scan Results

No Threats found.

Scanned Files: 265031

Infected Files: 0

Cleaned Files: 0

Total Scan Time: 01:12:31

Scan Status: Finished

DDS Log

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Roo at 15:13:58 on 2012-02-27

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.3939 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe

C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files (x86)\AOL 9.5\waol.exe

C:\Program Files (x86)\AOL 9.5\shellmon.exe

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler

uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b

mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856]

R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-2-25 909152]

R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?]

S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?]

S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]

S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

.

=============== Created Last 30 ================

.

2012-02-27 18:45:11 -------- d-----w- C:\Program Files (x86)\ESET

2012-02-25 18:07:26 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\offreg.dll

2012-02-25 15:45:56 -------- d-sh--w- C:\$RECYCLE.BIN

2012-02-25 12:30:22 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F6D72B1B-06BC-4E7D-89EA-124F9DC92755}\mpengine.dll

2012-02-24 00:00:34 -------- d-----w- C:\TDSSKiller_Quarantine

2012-02-23 21:45:09 98816 ----a-w- C:\Windows\sed.exe

2012-02-23 21:45:09 518144 ----a-w- C:\Windows\SWREG.exe

2012-02-23 21:45:09 256000 ----a-w- C:\Windows\PEV.exe

2012-02-23 21:45:09 208896 ----a-w- C:\Windows\MBR.exe

2012-02-23 12:34:29 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-02-23 12:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-02-23 12:34:21 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-02-23 12:34:10 -------- d--h--w- C:\ProgramData\Common Files

2012-02-22 11:04:31 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock

2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware

2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll

2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll

2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision

.

==================== Find3M ====================

.

2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll

2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe

2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll

2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll

2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe

2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe

2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll

2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll

2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll

2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll

2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll

2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll

2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll

2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll

2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll

2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll

2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll

2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll

2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe

2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe

2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll

2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe

2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll

2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe

2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe

2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe

2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll

2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll

2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll

2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll

2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll

2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll

.

============= FINISH: 15:14:27.04 ===============

Attach Log

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 12/11/2009 7:29:39 PM

System Uptime: 2/26/2012 1:41:24 PM (26 hours ago)

.

Motherboard: Dell Inc. | | 0C234M

Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 323.304 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP169: 2/16/2012 3:00:23 AM - Windows Update

RP170: 2/16/2012 10:30:07 AM - Windows Update

RP171: 2/18/2012 11:11:51 PM - Restore Operation

RP172: 2/19/2012 1:25:15 PM - Windows Update

RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint

RP175: 2/20/2012 11:42:58 PM - Windows Update

RP176: 2/23/2012 4:45:25 PM - ComboFix created restore point

RP177: 2/25/2012 7:28:40 AM - Windows Update

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

Absolute Notifier

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader 9.1.2

Advanced Audio FX Engine

AnswerWorks 5.0 English Runtime

AnyDVD

AOL Uninstaller (Choose which Products to Remove)

Apple Application Support

Apple Software Update

ATI Catalyst Control Center

AVG Security Toolbar

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Citrix Presentation Server Client - Web Only

CloneDVDmobile

Compatibility Pack for the 2007 Office system

Consumer In-Home Service Agreement

Coupon Printer for Windows

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell Webcam Central

ESET Online Scanner v3

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

Internet TV for Windows Media Center

iSEEK AnswerWorks English Runtime

Java Auto Updater

Java 6 Update 26

Junk Mail filter update

LeapFrog Connect

LeapFrog Tag Plugin

Live! Cam Avatar Creator

Malwarebytes Anti-Malware version 1.60.1.1000

McAfee SecurityCenter

McAfee Virtual Technician

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

PowerDVD DX

Quicken 2010

QuickTime

Roxio Burn

Roxio Update Manager

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Simple Adblock

Skins

Skype Toolbars

Skype™ 4.2

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

Uninstall AOL Emergency Connect Utility 1.0

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

Viewpoint Media Player

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

2/25/2012 7:55:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004

2/25/2012 7:38:02 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.

2/25/2012 11:00:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/25/2012 10:56:10 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/25/2012 10:46:44 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

2/25/2012 10:36:37 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

2/25/2012 10:34:44 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

2/25/2012 10:33:57 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

2/22/2012 9:51:46 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

.

==== End Of File ===========================


Hi there

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of Java Runtime Environment 6 Update 31 and save it to your desktop.
  • Scroll down to where it says Java SE 6 Update 31
  • Click the red Download JRE button on the right.
  • Read the License Agreement then select Accept License Agreement
  • Click on the link to download Windows x86 Offline and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u31-windows-i586 to install the newest version.

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java icon (looks like a coffee cup).

  • On the General tab, under Temporary Internet Files, click the Settings button.
  • Next, click on the Delete Files button
  • There are three options in the window to clear the cache - Make sure all are checked
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.

Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

There is a newer version of Adobe Acrobat Reader available.

  • Please go to this link Adobe Acrobat Reader Download Link
  • Untick Free McAfee® Security Scan Plus if you do not wish to include this in the installation.
  • Click Download
  • On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

When the installation is complete go to Add/Remove Programs and uninstall all previous versions.

Please post in your next reply

Note any open issues


Thanks.

I now have Java 6 Update 31 installed and Adobe Reader X (10.1.2) installed.

I had no issues installing either.

DDS Log

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Roo at 20:01:33 on 2012-02-28

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6109.4463 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

C:\Program Files (x86)\AOL 9.5\waol.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Common Files\aol\1262054950\ee\aolsoftware.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\AOL 9.5\shellmon.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files (x86)\internet explorer\iexplore.exe

C:\Program Files (x86)\internet explorer\iexplore.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Windows\system32\msiexec.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchIndexer.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SimpleAdblock Class: {ffcb3198-32f3-4e8b-9539-4324694ed664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler

uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.5\AOL.EXE" -b

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

StartupFolder: C:\Users\Roo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: intuit.com\ttlc

Trusted Zone: mcafee.com

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6} : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\378616B65637 : DhcpNameServer = 68.237.161.12 71.243.0.12

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\B4566796E67456F6277656 : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{F292B776-5071-4241-B5B2-47B1A9AD68F6}\C696E6B6379737 : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120112184243.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [HostManager] C:\Program Files (x86)\Common Files\AOL\1262054950\ee\AOLSoftware.exe

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"

mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

============= SERVICES / DRIVERS ===============

.

R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2009-12-8 8551272]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2012-2-20 652360]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-13 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-13 208536]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-13 161168]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2009-12-2 705856]

R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-2-25 909152]

R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-1-21 130048]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.22617.0.sys [?]

S3 dlcdbus;DisplayLink Composite USB Bus Driver driver (WDM);C:\Windows\system32\DRIVERS\dlcdbus.sys --> C:\Windows\system32\DRIVERS\dlcdbus.sys [?]

S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 136176]

S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]

S3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys --> C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-2-1 25072]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]

.

=============== Created Last 30 ================

.

2012-02-29 00:22:42 -------- d-----w- C:\Windows\System32\appmgmt

2012-02-28 11:27:37 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63BDA4D9-6A27-463F-8CA5-9960F2542DBE}\mpengine.dll

2012-02-27 18:45:11 -------- d-----w- C:\Program Files (x86)\ESET

2012-02-25 15:45:56 -------- d-sh--w- C:\$RECYCLE.BIN

2012-02-24 00:00:34 -------- d-----w- C:\TDSSKiller_Quarantine

2012-02-23 21:45:09 98816 ----a-w- C:\Windows\sed.exe

2012-02-23 21:45:09 518144 ----a-w- C:\Windows\SWREG.exe

2012-02-23 21:45:09 256000 ----a-w- C:\Windows\PEV.exe

2012-02-23 21:45:09 208896 ----a-w- C:\Windows\MBR.exe

2012-02-23 12:34:29 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-02-23 12:34:23 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-02-23 12:34:21 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-02-23 12:34:10 -------- d--h--w- C:\ProgramData\Common Files

2012-02-22 11:04:31 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-02-21 03:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\Simple Adblock

2012-02-21 02:32:01 -------- d-----w- C:\Users\Roo\AppData\Roaming\Malwarebytes

2012-02-21 02:31:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-02-21 02:31:44 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-21 02:31:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware

2012-02-19 18:25:47 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-16 02:16:36 -------- d-----w- C:\63146ec7b3a033f4356ca48e

2012-02-16 02:08:20 515584 ----a-w- C:\Windows\System32\timedate.cpl

2012-02-16 02:08:19 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2012-02-16 02:08:07 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-02-16 02:08:06 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-02-16 02:08:00 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

2012-02-16 02:07:54 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-02-16 02:07:45 634880 ----a-w- C:\Windows\System32\msvcrt.dll

2012-02-16 02:07:44 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll

2012-02-06 00:08:26 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-05 23:30:37 -------- d-----w- C:\Users\Roo\AppData\Roaming\Macrovision

.

==================== Find3M ====================

.

2012-02-29 00:33:40 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll

2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-06-02 21:26:20 23384 ----a-w- C:\Program Files (x86)\QuickenOLBackupLauncher.exe

2010-06-02 21:25:34 48472 ----a-w- C:\Program Files (x86)\InetTools.dll

2010-06-02 21:24:32 537944 ----a-w- C:\Program Files (x86)\UpdateContent.dll

2010-06-02 21:24:28 57176 ----a-w- C:\Program Files (x86)\RestartExe.exe

2010-06-02 21:24:28 46424 ----a-w- C:\Program Files (x86)\BindContent.exe

2010-06-02 21:24:24 312664 ----a-w- C:\Program Files (x86)\SendError.dll

2010-06-02 21:24:22 32088 ----a-w- C:\Program Files (x86)\qwutilnet.dll

2010-06-02 21:24:12 359768 ----a-w- C:\Program Files (x86)\qwplan.dll

2010-06-02 21:24:10 129880 ----a-w- C:\Program Files (x86)\qwonlineFeatures.dll

2010-06-02 21:24:04 76120 ----a-w- C:\Program Files (x86)\qwipa.dll

2010-06-02 21:22:58 28504 ----a-w- C:\Program Files (x86)\lbt.dll

2010-06-02 21:22:58 129880 ----a-w- C:\Program Files (x86)\QCustomAction.dll

2010-06-02 21:22:46 39768 ----a-w- C:\Program Files (x86)\convert_stub.dll

2010-06-02 21:22:46 155992 ----a-w- C:\Program Files (x86)\cashgen.dll

2010-06-02 21:22:44 34136 ----a-w- C:\Program Files (x86)\CalendarSync.dll

2010-06-02 21:22:42 116568 ----a-w- C:\Program Files (x86)\billmind_qwrmnd.dll

2010-06-02 21:22:40 47448 ----a-w- C:\Program Files (x86)\billmind_alrtpkg.dll

2010-06-02 21:22:40 26456 ----a-w- C:\Program Files (x86)\billmind.exe

2010-06-02 21:22:38 77656 ----a-w- C:\Program Files (x86)\bagent.exe

2010-06-02 21:22:34 354136 ----a-w- C:\Program Files (x86)\alert.dll

2010-06-02 21:22:30 38744 ----a-w- C:\Program Files (x86)\printenv.exe

2010-06-02 21:22:20 1035608 ----a-w- C:\Program Files (x86)\dbghelp.dll

2010-06-02 21:22:18 71000 ----a-w- C:\Program Files (x86)\techhelp.exe

2010-01-04 23:40:10 433976 ----a-w- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe

2010-01-04 23:40:08 861432 ----a-w- C:\Program Files (x86)\QuickenHomeInventory.exe

2009-09-08 17:43:28 15720 ----a-w- C:\Program Files (x86)\mvut14n.dll

2009-09-08 17:42:26 223584 ----a-w- C:\Program Files (x86)\patchw32.dll

2009-09-08 17:40:54 41320 ----a-w- C:\Program Files (x86)\lbt_excite.dll

2009-09-08 17:40:38 23912 ----a-w- C:\Program Files (x86)\dellid.dll

2009-09-08 17:40:28 78184 ----a-w- C:\Program Files (x86)\bgt.dll

2009-09-08 17:40:26 34152 ----a-w- C:\Program Files (x86)\atwork.dll

.

============= FINISH: 20:02:50.30 ===============

Attach Log

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume2

Install Date: 12/11/2009 7:29:39 PM

System Uptime: 2/28/2012 7:25:55 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0C234M

Processor: Intel® Core2 Duo CPU P7450 @ 2.13GHz | U2E1 | 2133/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 323.609 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP171: 2/18/2012 11:11:51 PM - Restore Operation

RP172: 2/19/2012 1:25:15 PM - Windows Update

RP174: 2/19/2012 1:50:58 PM - Windows Defender Checkpoint

RP175: 2/20/2012 11:42:58 PM - Windows Update

RP176: 2/23/2012 4:45:25 PM - ComboFix created restore point

RP177: 2/25/2012 7:28:40 AM - Windows Update

RP178: 2/27/2012 10:01:59 PM - Installed TurboTax 2011 wrapper

RP179: 2/28/2012 7:21:36 PM - Removed Java 6 Update 14 (64-bit)

RP180: 2/28/2012 7:23:29 PM - Removed Java 6 Update 26

RP181: 2/28/2012 7:31:05 PM - Installed Java 6 Update 31

RP182: 2/28/2012 7:55:54 PM - Installed Adobe Reader X (10.1.0).

.

==== Installed Programs ======================

.

.

Update for Microsoft Office 2007 (KB2508958)

Absolute Notifier

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader X (10.1.2)

Advanced Audio FX Engine

AnswerWorks 5.0 English Runtime

AnyDVD

AOL Uninstaller (Choose which Products to Remove)

Apple Application Support

Apple Software Update

ATI Catalyst Control Center

AVG Security Toolbar

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Citrix Presentation Server Client - Web Only

CloneDVDmobile

Compatibility Pack for the 2007 Office system

Consumer In-Home Service Agreement

Coupon Printer for Windows

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Getting Started Guide

Dell Webcam Central

ESET Online Scanner v3

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

Internet TV for Windows Media Center

iSEEK AnswerWorks English Runtime

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

LeapFrog Connect

LeapFrog Tag Plugin

Live! Cam Avatar Creator

Malwarebytes Anti-Malware version 1.60.1.1000

McAfee SecurityCenter

McAfee Virtual Technician

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft Works

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

PowerDVD DX

Quicken 2010

QuickTime

Roxio Burn

Roxio Update Manager

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Simple Adblock

Skins

Skype Toolbars

Skype™ 4.2

TurboTax 2009

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

TurboTax 2010

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

TurboTax 2011

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

Uninstall AOL Emergency Connect Utility 1.0

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

Viewpoint Media Player

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

2/28/2012 7:49:50 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

2/28/2012 7:33:40 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/28/2012 5:41:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

2/25/2012 7:55:32 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004

2/25/2012 7:38:02 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.

2/25/2012 11:00:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

2/25/2012 10:46:44 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

2/25/2012 10:36:37 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.

2/25/2012 10:34:44 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

2/25/2012 10:33:57 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

.

==== End Of File ===========================


Well done.

Unless you have any open issues, you are good to go. Please follow these last few steps.

Please press the Windows key + R and Copy/Paste the following single-line command into the Run box and click OK

combofix /uninstall

This will uninstall ComboFix and delete ComboFix's quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which contain previous infections, and create a fresh, clean System Restore Point.

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

Empty your Recycle Bin if it does not do so automatically.

Please delete the following folder

C:\TDSSKiller_Quarantine

Now that you appear to be free from malware, let's help you stay that way!

It is vital that you keep your system up to date

  • Windows Updates
    Please enable Automatic Updates to keep your system up to date.
    • Win XP: Start --> Control Panel and double-click on Automatic Updates.
    • Vista / 7: Start --> Control Panel --> System and Security --> Windows Updates
  • Software Updates
    Your installed Software also can have vulnerabilities that malware can use to infect your system.
    To keep your installed Software up to date I recommend File Hippo.

Anti Virus Software

  • Make sure to have one Anti Virus programme installed and update it on a regular basis. It is useless with out of date definitions.

Additional Protection
  • Malwarebytes Anti Malware
    The freeware Version is an on demand scanner which will check your system for malware. Update it once a week and run a Quick Scan. You can also buy a licence which offers more features.
  • WinPatrol
    WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.

Safer Browsing

Use an alternate browser

Other browsers tend to be more secure than IE as they do not make use of ActiveX objects. ActiveX objects can be used by spyware as an infection point on your computer.

Note: If you use Firefox you may want to have a look at these Add-ons.

Computer Maintenance

Clean out your temp files on a regular basis - I recommend TFC (Temp File Cleaner).

Thinking while surfing

There is no software which will protect your system from yourself.

I have included some security related articles that I advise you read through in your own time. These articles will give you tips and advice on preventing infection, and how to stay safe whilst browsing the internet.

If you have any questions kindly ask.

Please respond to this thread one more time so we can mark this thread as resolved.

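The original complaint in this thread was a C:\Windows\svchost.exe detection that returned after every reboot, so the cleanup above is worth confirming once the machine has restarted. The following Windows PowerShell script is an added example, not part of the helper's post; the paths are the ones named in this thread, and the variable names are illustrative.

```powershell
# Added example: post-cleanup checks for the artefacts named in this thread.
# Run from an elevated Windows PowerShell prompt after the final reboot.
$findings = @()

# 1. svchost.exe belongs in System32 (or SysWOW64 on x64 Windows). The copy
#    Malwarebytes flagged in this thread ran directly from C:\Windows.
$legitDirs = @(
    (Join-Path $env:windir 'System32'),
    (Join-Path $env:windir 'SysWOW64')
)
Get-WmiObject Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    if (-not $_.ExecutablePath) {
        # The path is hidden from non-elevated sessions; report it, do not guess.
        $findings += "PID $($_.ProcessId): svchost.exe path unreadable (not elevated?)"
    } else {
        $dir = Split-Path $_.ExecutablePath -Parent
        if ($legitDirs -notcontains $dir) {      # comparison is case-insensitive
            $findings += "PID $($_.ProcessId): svchost.exe running from $dir"
        }
    }
}

# 2. The file should be gone from disk, not just absent from memory.
$rogue = Join-Path $env:windir 'svchost.exe'
if (Test-Path -LiteralPath $rogue) { $findings += "File still present: $rogue" }

# 3. Tool leftovers: the TDSSKiller quarantine folder the helper asked to delete,
#    and the C:\ComboFix folder that appears in the thread's event log.
foreach ($p in 'C:\TDSSKiller_Quarantine', 'C:\ComboFix') {
    if (Test-Path -LiteralPath $p) { $findings += "Leftover folder: $p" }
}

# 4. Restore points: 'combofix /uninstall' is described above as removing old
#    ones and creating a fresh one, so at least one should be listed.
$restorePoints = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
if ($restorePoints.Count -eq 0) {
    $findings += 'No System Restore points found'
} else {
    $restorePoints | Sort-Object SequenceNumber |
        Select-Object SequenceNumber, Description, CreationTime |
        Format-Table -AutoSize
}

if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output 'None of the artefacts named in this thread were found.'
}
```

A clean result covers only the artefacts named in this thread; it does not replace a full scan.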

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.