
Had Smart HDD, would like help just checking things.



Back on Feb. 8th 2013 I got the “Smart HDD” malware.

I used these directions to remove it and get running again.

http://www.bleepingcomputer.com/virus-removal/remove-smart-hdd

I would just like someone to guide me in checking things out to make sure there is not something in the registry or something.

Thanks

GeckospotNixie


Hello GeckospotNixie! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=9573


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2

Run by twhauff at 12:11:52 on 2013-02-18

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.15269.10767 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Core Temp\Core Temp.exe

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files (x86)\Anuko\World Clock\timesync.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

C:\Windows\system32\CxAudMsg64.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\hasplms.exe

C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

C:\Windows\SysWOW64\lkads.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\National Instruments\MAX\nimxs.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\nipalsm.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe

C:\Program Files (x86)\PDF Architect\HelperService.exe

C:\Program Files (x86)\PDF Architect\ConversionService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Retrospect\Retrospect Client\RemotSvc.exe

C:\Windows\SysWOW64\SAsrv.exe

C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\Retrospect\Retrospect Client\retroclient.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe

C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe

C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe

C:\Windows\SysWOW64\lkcitdl.exe

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\TpShocks.exe

C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe

C:\Program Files\WinMagic\SecureDoc-NT\SDPin.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Anuko\World Clock\world_clock.exe

C:\Program Files\Siber Systems\GoodSync\GoodSync.exe

C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

C:\Program Files (x86)\Microsoft Encarta\Encarta World English Dictionary 2001\QSHLFED.EXE

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe

C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe

C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe

C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe

C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe

C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Windows\SysWOW64\nipxism.exe

C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe

C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe

C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

C:\Windows\SysWOW64\nipalsm.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe

C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE

C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE

C:\Program Files\Conexant\SAII\SmartAudio.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe

C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://my.yahoo.com/p/1.html

uDefault_Page_URL = hxxp://lenovo.msn.com

uProxyOverride = <local>

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: PDF Architect Helper: {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Spb Wallet: {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files (x86)\Spb Wallet\SpbWalletToolbar.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: PDF Architect Toolbar: {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [AnukoWorldClock] C:\Program Files (x86)\Anuko\World Clock\world_clock.exe

uRun: [GoodSync] "C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /min

uRun: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033

uRun: [Akamai NetSession Interface] "C:\Users\Thomas W. Hauff\AppData\Local\Akamai\netsession_win.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

mRun: [X-Rite Legacy Device] C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

mRun: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe

mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe

mRun: [Corel File Shell Monitor] c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [TVT Scheduler Proxy] C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

mRun: [NI Update Service] "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask

mRun: [niDevMon] C:\Program Files (x86)\National Instruments\NI-DAQ\HWConfig\nidevmon.exe

mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

mRun: [ACWLIcon] C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe

mRun: [ACTray] C:\Program Files (x86)\Lenovo\Access Connections\ACTray.exe

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~1.LNK - C:\Program Files\National Instruments\Shared\NI Error Reporting\nierserver.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NIERRO~2.LNK - C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKS~1.LNK - C:\Windows\Installer\{08001201-5D65-445A-B3B4-3DCE72BA0C6C}\ENCICONS.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~1.LNK - C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~2.LNK - C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: DisableCAD = dword:1

IE: &Define - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Look Up in &Encyclopedia - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM

IE: {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files (x86)\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab

DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} - hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab

DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab

DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - hxxp://wthauff.viewnetcam.com:65001/JpegInst.cab

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\2556E61696373716E63656 : DHCPNameServer = 195.175.39.39 195.175.39.40 208.67.222.222

TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\4554B4E494B4D234F42505F425144554 : DHCPNameServer = 10.18.100.20 10.18.100.21 10.18.100.22

TCP: Interfaces\{002F740C-6F4A-4486-86C0-C4DBF9D8CA39}\A5978554C4 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{43B9CA40-B87E-44A6-AABE-876604AC54BB} : DHCPNameServer = 192.168.101.9 4.2.2.2 64.65.208.6 64.69.96.35

TCP: Interfaces\{4B10D2BE-6678-4F6B-B743-AC46162482D7} : DHCPNameServer = 68.87.64.150 68.87.75.198

TCP: Interfaces\{64309864-C907-48FD-A6E1-51D394E5EB31} : DHCPNameServer = 75.75.75.75 75.75.76.76

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

LSA: Authentication Packages = msv1_0 relog_ap

LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina

IFEO: Notepad.exe - "C:\Program Files (x86)\TextPad 5\TextPad.exe" -n

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TpShocks] TpShocks.exe

x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe

x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe

x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe

x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [seagate Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [startSecurDoc] "C:\Program Files\WinMagic\SecureDoc-NT\SDPin.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LaserJet Professional CM1410 Series Fax"

x64-Run: [intelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless

x64-Run: [ResetACGauge] C:\Program Files (x86)\Lenovo\Access Connections\smbhlpr.exe /RESETACGAUGEREG

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

x64-SSODL: WebCheck - <orphaned>

x64-IFEO: Notepad.exe - "C:\Program Files (x86)\TextPad 5\TextPad.exe" -n

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Thomas W. Hauff\AppData\Roaming\Mozilla\Firefox\Profiles\4xrmwqsf.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2010win32.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win64.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPLV82Win32.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv86win32.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin8.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt\plugins\NPPDFArchitectPreviewerPlugin.dll

FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin8.dll

FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - plugin: C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-02-01 13:40; FFPDFArchitectConverter@pdfarchitect.com; C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

.

============= SERVICES / DRIVERS ===============

.

R0 dlkmdldr;dlkmdldr;C:\Windows\System32\drivers\dlkmdldr.sys [2012-12-18 15184]

R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-5-18 29512]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R0 nipbcfk;National Instruments Class Upper Filter Driver;C:\Windows\System32\drivers\nipbcfk.sys [2010-3-24 16984]

R0 nipxibaf;National Instruments PXI Bridge Access Driver;C:\Windows\System32\drivers\nipxibaf.sys [2011-4-8 82568]

R0 nipxibrc;National Instruments PXI Bridge Configuration Driver;C:\Windows\System32\drivers\nipxibrc.sys [2011-4-8 54424]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-11-2 30056]

R0 PinFile;PinFile;C:\Windows\System32\drivers\PinFile.sys [2010-9-23 21576]

R0 SDDisk2K;SDDisk2K;C:\Windows\System32\drivers\SDDisk2K.sys [2011-9-22 205384]

R0 SDDToki;SDDToki;C:\Windows\System32\drivers\SDDToki.sys [2011-5-10 114760]

R0 SDDVD;SDDVD;C:\Windows\System32\drivers\SDDVD.sys [2011-5-11 70728]

R0 SDUPC;SDUPC;C:\Windows\System32\drivers\SDUPC.sys [2009-3-5 20992]

R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]

R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2010-12-29 15472]

R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-11-2 284008]

R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]

R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2012-12-19 78208]

R2 AnukoTime;Anuko Time;C:\Program Files (x86)\Anuko\World Clock\timesync.exe [2012-7-6 112824]

R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-5-18 198784]

R2 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2012-4-10 8498608]

R2 hasplms;Sentinel Local License Manager;C:\Windows\System32\hasplms.exe -run --> C:\Windows\System32\hasplms.exe -run [?]

R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]

R2 i1 Display Service;X-Rite Device i1 Display;C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe [2011-5-29 163328]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-9-6 170824]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-7 210896]

R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-5-29 40808]

R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2013-2-14 127072]

R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-5-29 59240]

R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-12-18 133992]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-8 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-8 682344]

R2 ni488enumsvc;NI-488.2 Enumeration Service;C:\Windows\SysWOW64\nipalsm.exe [2010-3-24 12696]

R2 NIApplicationWebServer;NI Application Web Server;C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-3-6 50336]

R2 nidevldu;NI Device Loader;C:\Windows\SysWOW64\nipalsm.exe [2010-3-24 12696]

R2 niLXIDiscovery;National Instruments LXI Discovery Service;C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2011-6-20 233664]

R2 nimDNSResponder;National Instruments mDNS Responder Service;C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2011-6-1 194224]

R2 NINetworkDiscovery;NI Network Discovery;C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2011-11-30 121032]

R2 nipxirmk;nipxirmk;C:\Windows\System32\drivers\nipxirmkl.sys [2011-7-7 12952]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]

R2 NiViPxiK;NI-VISA PXI Driver;C:\Windows\System32\drivers\NiViPxiKl.sys [2011-8-17 12968]

R2 PDF Architect Helper Service;PDF Architect Helper Service;C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-1-9 1324104]

R2 PDF Architect Service;PDF Architect Service;C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-1-9 795208]

R2 Retrospect Client;Retrospect Client;C:\Program Files (x86)\Retrospect\Retrospect Client\RemotSvc.exe [2010-8-20 61440]

R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-5-18 101376]

R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]

R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048]

R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]

R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2013-2-14 127120]

R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2013-2-14 125504]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-18 2656280]

R2 Viewpoint Service;Viewpoint Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2011-10-12 30152]

R2 WinMagic SecureDoc Service;WinMagic SecureDoc Service;C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe [2011-10-1 438856]

R2 xritedeviced;X-Rite Device Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [2011-5-18 142848]

R2 ZcfgSvc7;Intel® PROSet/Wireless ZeroConfig Service;C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [2011-11-1 994064]

R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-5-29 166016]

R3 dlkmd;dlkmd;C:\Windows\System32\drivers\dlkmd.sys [2012-12-18 301904]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2010-8-24 74320]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2010-8-24 13392]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-8 24176]

R3 ni488lock;NI-488.2 Locking Service;C:\Windows\System32\drivers\ni488lock.sys [2011-10-19 18568]

R3 nidimk;nidimk;C:\Windows\System32\drivers\nidimkl.sys [2011-7-1 12968]

R3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;C:\Windows\System32\drivers\niede.sys [2010-6-15 38064]

R3 nimru2k;nimru2k;C:\Windows\System32\drivers\nimru2kl.sys [2009-8-24 11872]

R3 nimstsk;nimstsk;C:\Windows\System32\drivers\nimstskl.sys [2011-3-22 12968]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

R3 NiViPciK;NI-VISA PCI Driver;C:\Windows\System32\drivers\NiViPciKl.sys [2011-8-17 12968]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-5-10 97792]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-5-10 217600]

R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2010-9-28 41536]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-15 198144]

S3 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;C:\Windows\System32\drivers\ax88178.sys [2011-10-4 56320]

S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-5-18 437288]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-18 39976]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-1-18 77352]

S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]

S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\System32\drivers\DisplayLinkUsbPort_6.1.32700.0.sys [2012-12-18 17408]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]

S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-11-3 320576]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-6-3 1431888]

S3 lvalarmk;lvalarmk;C:\Windows\System32\drivers\lvalarmk.sys [2008-12-5 25224]

S3 MCHPUSB;MCHPUSB;C:\Windows\System32\drivers\mchpusb64.sys [2008-5-12 64512]

S3 ni1006k;NI PXI-1006 Chassis Pilot;C:\Windows\System32\drivers\ni1006k.sys [2011-4-8 30800]

S3 ni1045k;NI PXI-1045 Chassis Pilot;C:\Windows\System32\drivers\ni1045kl.sys [2011-4-8 11856]

S3 ni1065k;NI PXIe-1065 Chassis Pilot;C:\Windows\System32\drivers\ni1065k.sys [2011-4-8 26704]

S3 nicdrk;nicdrk;C:\Windows\System32\drivers\nicdrkl.sys [2010-8-12 11864]

S3 nicmrk;nicmrk;C:\Windows\System32\drivers\nicmrkl.sys [2011-4-1 12976]

S3 nicondrk;nicondrk;C:\Windows\System32\drivers\nicondrkl.sys [2011-4-1 12936]

S3 nicsrk;nicsrk;C:\Windows\System32\drivers\nicsrkl.sys [2011-4-1 12944]

S3 nidmxfk;nidmxfk;C:\Windows\System32\drivers\nidmxfkl.sys [2011-3-22 12944]

S3 nidsark;nidsark;C:\Windows\System32\drivers\nidsarkl.sys [2011-3-23 12952]

S3 niemrk;niemrk;C:\Windows\System32\drivers\niemrkl.sys [2011-3-23 12944]

S3 niesrk;niesrk;C:\Windows\System32\drivers\niesrkl.sys [2011-3-23 12944]

S3 nifslk;nifslk;C:\Windows\System32\drivers\nifslkl.sys [2011-6-15 12960]

S3 nimsdrk;nimsdrk;C:\Windows\System32\drivers\nimsdrkl.sys [2011-3-22 13000]

S3 nimxpk;nimxpk;C:\Windows\System32\drivers\nimxpkl.sys [2011-3-22 12976]

S3 ninshsdk;ninshsdk;C:\Windows\System32\drivers\ninshsdkl.sys [2010-7-14 12968]

S3 nipalfwedl;nipalfwedl;C:\Windows\System32\drivers\nipalfwedl.sys [2011-6-29 12992]

S3 nipalusbedl;nipalusbedl;C:\Windows\System32\drivers\nipalusbedl.sys [2011-6-29 12992]

S3 nipxigpk;NI PXI Generic Chassis Pilot;C:\Windows\System32\drivers\nipxigpk.sys [2011-7-7 22680]

S3 niraptrk;niraptrk;C:\Windows\System32\drivers\niraptrkl.sys [2011-4-1 12936]

S3 niscdk;niscdk;C:\Windows\System32\drivers\niscdkl.sys [2010-7-12 12984]

S3 nisdigk;nisdigk;C:\Windows\System32\drivers\nisdigkl.sys [2010-10-1 12960]

S3 nisftk;nisftk;C:\Windows\System32\drivers\nisftkl.sys [2010-7-14 12952]

S3 nispdk;nispdk;C:\Windows\System32\drivers\nispdkl.sys [2010-7-12 12984]

S3 nissrk;nissrk;C:\Windows\System32\drivers\nissrkl.sys [2011-3-23 12944]

S3 nistc2k;nistc2k;C:\Windows\System32\drivers\nistc2kl.sys [2009-1-5 11824]

S3 nistc3rk;nistc3rk;C:\Windows\System32\drivers\nistc3rkl.sys [2011-3-23 12936]

S3 nistcrk;nistcrk;C:\Windows\System32\drivers\nistcrkl.sys [2009-8-31 11872]

S3 niswdk;niswdk;C:\Windows\System32\drivers\niswdkl.sys [2011-3-23 12936]

S3 nitiork;nitiork;C:\Windows\System32\drivers\nitiorkl.sys [2011-3-23 12968]

S3 niufurk;niufurk;C:\Windows\System32\drivers\niufurkl.sys [2011-3-23 12968]

S3 niwfrk;niwfrk;C:\Windows\System32\drivers\niwfrkl.sys [2011-3-23 12944]

S3 nixsrk;nixsrk;C:\Windows\System32\drivers\nixsrkl.sys [2011-3-23 12944]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2011-5-18 31152]

S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-5-18 1666112]

S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2011-5-29 1665088]

S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2012-6-13 27336]

S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2012-6-13 71680]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 USB18PRG;mikroElektronika USB18F Device (x64 Platform);C:\Windows\System32\drivers\USB18PRG.sys [2009-11-17 53320]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 USBee;CWAV USBee Drivers;C:\Windows\System32\drivers\USBee.sys [2009-2-10 49728]

S3 Usbtmc;ausbtmc;C:\Windows\System32\drivers\ausbtmc.sys [2010-7-28 22528]

S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2012-3-13 117040]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-30 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-12-1 42392]

S4 FfeCore;WinMagic File-Folder Encryptor - core services;C:\Windows\System32\drivers\FfeCore.sys [2011-11-4 478280]

S4 FfeDisk;WinMagic File-Folder Encryptor - Psuedo Disk;C:\Windows\System32\drivers\FfeDisk.sys [2011-11-4 14920]

S4 FfeDsManager;FFE DS Manager;C:\Windows\System32\drivers\FfeDsManager.sys [2011-11-4 201288]

S4 FfeDt;FFE Data Transformation services;C:\Windows\System32\drivers\FfeDt.sys [2011-11-4 148040]

S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-3-6 68256]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADLTScriptFile=C:\Windows\System32\notepad.exe "%1"

FileExt: .txt: TextPad.txt="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s

FileExt: .ini: TextPad.ini="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s

FileExt: .inf: TextPad.inf="C:\Program Files (x86)\TextPad 5\TextPad.exe" -s

.

=============== Created Last 30 ================

.

2013-02-18 16:39:24 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll

2013-02-18 16:39:04 106240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2013-02-18 16:17:03 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-02-17 17:45:09 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5127F797-04FD-4F02-8DD2-6BA7BE6CFFE9}\mpengine.dll

2013-02-16 21:22:06 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-02-14 12:29:29 53248 ----a-r- C:\Users\Thomas W. Hauff\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe

2013-02-14 12:29:29 -------- d-----w- C:\Program Files\Common Files\Lenovo

2013-02-14 12:29:27 53248 ----a-r- C:\Users\Thomas W. Hauff\AppData\Roaming\Microsoft\Installer\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}\ARPPRODUCTICON.exe

2013-02-13 14:58:11 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-13 14:58:11 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-13 14:55:57 -------- d-----w- C:\Atmel Arduino

2013-02-08 14:45:39 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\Malwarebytes

2013-02-08 14:45:32 -------- d-----w- C:\ProgramData\Malwarebytes

2013-02-08 14:45:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-02-08 14:45:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-06 12:12:20 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3dmouse

2013-02-05 20:57:08 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3Dconnexion

2013-02-05 16:17:45 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Local\3Dconnexion_Inc

2013-02-05 16:07:33 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\3Dconnexion

2013-02-05 16:07:24 -------- d-----w- C:\Program Files (x86)\3Dconnexion

2013-02-05 16:07:14 -------- d-----w- C:\Program Files\3Dconnexion

2013-02-05 16:04:44 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll

2013-02-05 16:04:44 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll

2013-02-05 16:04:44 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe

2013-02-05 16:04:44 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll

2013-02-05 16:04:44 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll

2013-02-05 16:04:42 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll

2013-02-05 16:04:42 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll

2013-02-05 15:35:36 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\help_images_otherUI

2013-02-01 18:52:41 -------- d-----w- C:\ProgramData\PDF Architect

2013-02-01 18:41:01 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\PDF Architect

2013-02-01 18:40:26 -------- d-----w- C:\Program Files (x86)\PDF Architect

2013-02-01 18:40:20 -------- d-----w- C:\Users\Thomas W. Hauff\AppData\Roaming\pdfforge

2013-02-01 18:40:18 103936 ----a-w- C:\Windows\System32\pdfcmon.dll

2013-02-01 18:40:17 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL

2013-02-01 18:40:17 -------- d-----w- C:\Program Files (x86)\PDFCreator

2013-02-01 00:39:05 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-02-01 00:39:05 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-01-25 22:45:05 -------- d-----r- C:\Program Files (x86)\Skype

2013-01-20 20:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

.

==================== Find3M ====================

.

2013-02-18 16:16:58 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-02-18 16:16:58 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-02-01 17:49:02 4546 --sha-w- C:\ProgramData\KGyGaAvL.sys

2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe

2013-01-20 20:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2013-01-19 03:20:24 2341928 ----a-w- C:\Windows\System32\SRACAVIControl.ocx

2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-01-08 20:32:04 45056 ----a-w- C:\Windows\System32\Launch3DxGUI.cpl

2013-01-08 20:30:34 109056 ----a-w- C:\Windows\System32\siappdll.dll

2013-01-08 20:29:34 56832 ----a-w- C:\Windows\System32\spwini.dll

2013-01-08 20:24:56 85504 ----a-w- C:\Windows\SysWow64\siappdll.dll

2013-01-08 20:23:58 45568 ----a-w- C:\Windows\SysWow64\spwini.dll

2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll

2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd9.dll

2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd11.dll

2012-12-18 14:10:33 0 ----a-w- C:\Windows\SysWow64\dlumd10.dll

2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd9.dll

2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd11.dll

2012-12-18 14:10:33 0 ----a-w- C:\Windows\System32\dlumd10.dll

2012-12-18 14:10:31 2071040 ----a-w- C:\Windows\System32\DisplayLinkUsbCo64_6.1.32700.0.dll

2012-12-18 14:10:31 17408 ----a-w- C:\Windows\System32\drivers\DisplayLinkUsbPort_6.1.32700.0.sys

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe

2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll

2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2011-08-23 22:42:54 332144 ----a-w- C:\Program Files (x86)\Common Files\MediaOrganizer.dll

2011-08-23 22:35:38 33136 ----a-w- C:\Program Files (x86)\Common Files\FlickrProvider.dll

2011-08-23 22:35:14 402800 ----a-w- C:\Program Files (x86)\Common Files\facebook.dll

2011-08-23 22:35:14 130416 ----a-w- C:\Program Files (x86)\Common Files\PluginCommon.dll

2011-08-23 22:34:26 465264 ----a-w- C:\Program Files (x86)\Common Files\AppFramework.dll

.

============= FINISH: 12:12:11.24 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 5/29/2011 5:29:33 PM

System Uptime: 2/18/2013 11:44:57 AM (1 hours ago)

.

Motherboard: LENOVO | | 4270CTO

Processor: Intel® Core i7-2820QM CPU @ 2.30GHz | CPU | 2301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 539 GiB total, 312.988 GiB free.

D: is FIXED (NTFS) - 699 GiB total, 332.61 GiB free.

E: is Removable

F: is FIXED (NTFS) - 75 GiB total, 13.023 GiB free.

Q: is FIXED (NTFS) - 19 GiB total, 8.955 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP555: 2/8/2013 11:56:57 AM - Windows Backup

RP556: 2/8/2013 3:35:47 PM - Windows Backup

RP557: 2/9/2013 11:35:47 PM - Windows Update

RP558: 2/11/2013 8:19:37 AM - Removed ThinkVantage Access Connections.

RP559: 2/11/2013 8:24:16 AM - Installed ThinkVantage Access Connections.

RP560: 2/13/2013 9:56:14 AM - Windows Update

RP561: 2/15/2013 9:03:28 PM - Windows Backup

RP562: 2/15/2013 9:36:58 PM - Windows Backup

RP563: 2/16/2013 4:21:47 PM - Windows Update

RP564: 2/18/2013 11:15:16 AM - Removed Java 7 Update 9

RP565: 2/18/2013 11:16:50 AM - Installed Java 7 Update 13

.

==== Installed Programs ======================

.

010 Editor 2.1.3

34xx Virtual Front Panel Version 1.03

3D Models for DipTrace

3D XML Player

3Dconnexion 3DxSoftware (x64 Edition)

3Dconnexion 3DxWare (x64)

3Dconnexion Add-In for AutoCAD 2007 - 2010

3Dconnexion Add-In for SolidWorks 2005 - 2013

3Dconnexion Collage

3Dconnexion Plug-In for Photoshop CS3 - CS6

3Dconnexion Trainer

4D Workshop 3 IDE

64 Bit HP CIO Components Installer

AC3Filter 1.63b

Adobe Acrobat 9 Standard - English, Français, Deutsch

Adobe Acrobat 9.5.3 - CPSID_83708

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5)

Adobe Shockwave Player 11.6

Agilent HSA and N9320B PC Software

Agilent N9340 PC Software

Akamai NetSession Interface

Akamai NetSession Interface Service

Anuko World Clock

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Assembly for PICmicro microcontrollers

AutoCAD LT 2010 - English

AutoCAD LT 2010 Language Pack - English

AutoTRAX Catalog 1

AutoTRAX Design Express Version 1

AutoTRAX EDA 10.12

AX88178

B2 Spice A_D v5

Bonjour

Bonjour Print Services

Burn.Now 4.5

CCS C Compiler Plug-In for MPLAB

Chinese Simplified Fonts Support For Adobe Reader X

Chinese Traditional Fonts Support For Adobe Reader X

Cisco WebEx Meetings

Conexant 20672 SmartAudio HD

Core Temp version 0.99.8

Corel Burn.Now Lenovo Edition

Corel DVD MovieFactory 7

Corel DVD MovieFactory Lenovo Edition

Corel KPT Collection

Corel PaintShop Photo Pro X3

Corel WinDVD

Create Recovery Media

Crystal Reports Basic for Visual Studio 2008

Crystal Reports Basic Runtime for Visual Studio 2008 (x64)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Delta Updater

Digital Aviation Reference Library

Direct DiscRecorder

Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7

DisplayLink Core Software

DisplayLink Graphics

DivX Setup

ELECTRA 2.9.5

eReg

FTP Voyager 15.2

GE CEI-LV

GHI NETMF v4.0 SDK

GoodSync

GoToMeeting 4.8.0.723

Graphics Display Designer

Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2538241)

Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)

Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)

HP LaserJet P2050 Series 6.0

HP LaserJet Professional CM1410 Series

HP LJ CM1410 MFP Series HP Scan

HP Product Detection

HP Update

HPLaserJetHelp_LearnCenter

HPLJUT

hppCM1410LaserJetService

hppFaxDrvCM1410

hppFaxUtilityCM1410

hppFonts

hppLaserJetService

hppQFolderP2050

hppSendFaxCM1410

hppTLBXFXCM1410

hpzTLBXFX

hueyPRO 1.5.1

HyperTerminal Private Edition v6.3

I.R.I.S. OCR

ICA

IFR341X

inSSIDer 2.0

Integrated Camera Driver Installer Package Ver.1.1.0.1147

Integrated Camera TWAIN

Intel PROSet Wireless

Intel® Control Center

Intel® Identity Protection Technology 1.0.74.0

Intel® Management Engine Components

Intel® Network Connections 17.4.95.0

Intel® Processor Graphics

Intel® PROSet/Wireless WiFi Software

Intel® Turbo Boost Technology Monitor 2.0

Intel® Wireless Display

Intel® Solid-State Drive Toolbox

IPM_PSP_CL

IPM_PSP_COM

IQCreator 8.10.0

iSEEK AnswerWorks English Runtime

iTunes

IVI Shared Component 64-bit

IVI Shared Components 2.2.1

Japanese Fonts Support For Adobe Reader X

Java 7 Update 13

Java Auto Updater

join.me

Lenovo Auto Scroll Utility

Lenovo Patch Utility

Lenovo Patch Utility 64 bit

Lenovo Power Management Driver

Lenovo System Interface Driver

Lenovo System Update

Lenovo ThinkVantage Toolbox

Lenovo User Guide

Lenovo Warranty Information

Lenovo Welcome

Load Sim II Expiration Control center

Logitech SetPoint 6.22

Magic Bullet PhotoLooks for PaintShop Photo Pro

Malwarebytes Anti-Malware version 1.70.0.1100

Marketsplash Shortcuts

Message Center Plus

Microchip Application Libraries v2012-04-03

Microchip Application Libraries v2012-07-18

Microchip Application Libraries v2012-10-15

Microchip Serial Bootloader AN1310 v1.05

Microsoft .NET Compact Framework 2.0 SP2

Microsoft .NET Compact Framework 3.5

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Micro Framework SDK 4.0

Microsoft Application Error Reporting

Microsoft Device Emulator (64 bit) version 3.0 - ENU

Microsoft Document Explorer 2008

Microsoft Encarta World English Dictionary

Microsoft Office 2003 Web Components

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Business 2010

Microsoft Office Live Meeting 2007

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office Single Image 2010

Microsoft Office Sounds

Microsoft Office Visio 2010

Microsoft Office Visio MUI (English) 2010

Microsoft Office Visual Web Developer 2007

Microsoft Office Visual Web Developer MUI (English) 2007

Microsoft Office Word MUI (English) 2010

Microsoft Outlook Personal Folders Backup

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server 2008 Management Objects

Microsoft SQL Server Compact 3.5 for Devices ENU

Microsoft SQL Server Compact 3.5 SP1 Design Tools English

Microsoft SQL Server Compact 3.5 SP1 English

Microsoft SQL Server Database Publishing Wizard 1.3

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Standard 2010

Microsoft Visual Basic for Applications 7.1 (x64)

Microsoft Visual Basic for Applications 7.1 (x64) English

Microsoft Visual Basic Power Packs 3.0 Redistributable

Microsoft Visual C# 2008 Step by Step

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU

Microsoft Visual Studio 2005 Tools for Applications - ENU

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft Visual Studio 2008 Professional Edition - ENU

Microsoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140)

Microsoft Visual Studio 2008 Remote Debugger - ENU

Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140)

Microsoft Visual Studio 6.0 Enterprise Edition

Microsoft Visual Studio Web Authoring Component

Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries

Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense

Microsoft Windows SDK for Visual Studio 2008 SP1 Tools

Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools

mikroC PRO for ARM (remove only)

mikroC PRO for PIC32 (remove only)

mikroProg Suite For ARM (remove only)

mikroProg Suite For PIC (remove only)

Mozilla Firefox 13.0 (x86 en-US)

Mozilla Maintenance Service

MPLAB C for PIC32

MPLAB Tools v8.85

MPLAB X IDE v1.51

MPLAB XC32 Compiler

MSDN Library - October 2001

MSDN Library for Visual Studio 2008 - ENU

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

National Instruments Software

NI-488.2 3.0.2

NI-488.2 3.0.2 Development Support

NI-488.2 64-bit Provider for MAX version 3.0.2

NI-488.2 for Windows x64 version 3.0.2

NI-488.2 Provider for MAX version 3.0.2

NI-653x Installer 1.9.4

NI-653x Installer for 64 Bit Windows 1.9.4

NI-APAL 2.1 64-Bit Error Files

NI-APAL 2.1 Error Files

NI-APAL 2.1 Error Files for LabVIEW RT

NI-DAQ C and VB6 API 2.3.0

NI-DAQ Document Set 9.3.5

NI-DAQ INF Files 19.3.5

NI-DAQmx 9.3.5

NI-DAQmx ADE Support 9.3.5

NI-DAQmx Documentation 9.3.5

NI-DAQmx Documentation for 64 bit Windows 9.3.5

NI-DAQmx MAX Configuration Support 9.3.5

NI-DAQmx MAX Support 64-bit 2.2.0

NI-DAQmx support for LabVIEW (64-bit) 2.1.0

NI-DAQmx support for LabVIEW 2.1.0

NI-DAQmx Switch Core 2.2.0

NI-DAQmx Switch Core for 64 Bit Windows 2.2.0

NI-DAQmx/LabVIEW shared documentation 1.9.5

NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5

NI-DIM 1.12.0f0

NI-DIM 1.12.0f0 for 64 Bit Windows

NI-MDBG 1.11.0f0

NI-MDBG 1.11.0f0 for 64 Bit Windows

NI-Mesa

NI-MRU 2.11.1f0

NI-MRU 2.11.1f0 for 64 Bit Windows

NI-MX Expert Framework 2.8.0

NI-MX Expert Framework for 64 Bit Windows 2.8.0

NI-MXDF 1.12.0f0

NI-MXDF 1.12.0f0 for 64 Bit Windows

NI-MXLC Core (32-bit)

NI-MXLC Core (64-bit)

NI-MXLC LabVIEW 2009 Support

NI-MXLC LabVIEW 2010 Support

NI-MXLC LabVIEW 2011 Support

NI-MXLC LabVIEW 8.6 Support

NI-ORB 1.10.0f0

NI-ORB 1.10.0f0 for 64 Bit Windows

NI-PAL 2.7.0f0

NI-PAL 2.7.0f0 for 64 Bit Windows

NI-RPC 4.2.2f0

NI-RPC 4.2.2f0 for 64 Bit Windows

NI-RPC 4.2.2f0 for Phar Lap ETS

NI-Serial 3.8.1

NI-Serial 3.8.1 64-bit driver

NI-Serial 3.8.1 MAX Provider

NI-VISA 5.1.1

NI-VISA 5.1.1 64-bit Support

NI-VISA 5.1.1 MAX Provider

NI-VISA 5.1.1 Provider 64-bit Support

NI-VISA Runtime 5.1.1

NI-VISA Server 5.1.0

NI-VISA x64 support 5.1.1

NI .NET Framework 4.0

NI AFW Channel Configuration Tool

NI AFW Custom UI

NI AFW Custom UI Assemblies

NI AFW UI Assemblies

NI Assistant Framework

NI Assistant Framework 64-bit

NI Assistant Framework 64-bit LabVIEW 2011 Support

NI Assistant Framework LabVIEW Code Generator 2011 (64-bit)

NI Atomic PXIe Peripheral Module Driver 1.2.1

NI Authentication 2011 SP1

NI Authentication 2011 SP1 (64-bit)

NI Calibration Provider for MAX 5.0.0

NI Calibration Provider Help for 64 Bit Windows

NI Certificates Deployment Support

NI CodeSignAPI

NI Common Digital 1.13.0

NI Common Digital for 64 Bit Windows 1.13.0

NI Curl 1.5 (64-bit)

NI Curl 11.5

NI DAQ Assistant 2.0.0

NI DAQ Assistant 64-bit 2.0.0

NI DataSocket 4.9.1

NI DataSocket 4.9.1 (64-bit)

NI Distributed System Manager 2011 SP1

NI DN 2.0 SP1 installer

NI DN 2.0 x64 SP1 installer

NI Dynamic Signal Acquisition for 64 Bit Windows 2.2.0

NI Dynamic Signal Acquisition Installer 2.2.0

NI Error Reporting 2011 SP1

NI Error Reporting 2011 SP1 (64-bit)

NI Ethernet Device Enumerator

NI Ethernet Device Enumerator 64-Bit

NI EulaDepot

NI Example Finder 11.0

NI FSL Installer 1.13.0

NI FSL Installer for 64-Bit Windows 1.13.0

NI GMP Windows 32-bit Installer 11.0.0

NI GMP Windows 64-bit Installer 11.0.0

NI Help Assistant

NI Help Assistant (64bit)

NI I/O Trace API LV201164

NI Instrument I/O Assistant

NI Instrument I/O Assistant 64-bit

NI Instrument IO Assistant for LabVIEW 2011 64-bit

NI IO Trace 3.0.0

NI IVI Class Driver LabVIEW 2011 64-bit Support

NI IVI Class Drivers

NI IVI Class Drivers (64-bit)

NI IVI Class Simulation Drivers

NI IVI Class Simulation Drivers (64-bit)

NI IVI Compliance Package 4.4

NI IVI Compliance Package 4.4 (64-bit)

NI IVI Engine

NI IVI Engine (64-bit)

NI IVI Online Help

NI IVI Provider for MAX

NI LabVIEW 2009 SP1 Run-Time Engine Web Services

NI LabVIEW 2010 Real-Time NBFifo

NI LabVIEW 2011 (64-bit) Search

NI LabVIEW 2011 Deployment Framework

NI LabVIEW 2011 Real-Time Error Dialog

NI LabVIEW 2011 Real-Time NBFifo

NI LabVIEW 2011 SP1 (64-bit)

NI LabVIEW 2011 SP1 (64 bit) MeasAppChm File

NI LabVIEW 2011 SP1 Deployable License

NI LabVIEW 2011 SP1 f2 (64-bit)

NI LabVIEW 2011 SP1 Help

NI LabVIEW 2011 SP1 Help File

NI LabVIEW 2011 SP1 License

NI LabVIEW 2011 SP1 Manuals

NI LabVIEW 2011 SP1 Simulation

NI LabVIEW 2011 SP1 Web Server 64-Bit

NI LabVIEW 2011 VIPM Helper

NI LabVIEW 2011 Web Services Runtime (64-bit)

NI LabVIEW Broker

NI LabVIEW Broker (64 bit)

NI LabVIEW C Interface

NI LabVIEW Compare Utility 11.0.0

NI LabVIEW Deployable License 8.6.1

NI LabVIEW EWB DeviceHandler 2010

NI LabVIEW MAX XML

NI LabVIEW Merge Utility 11.0.0

NI LabVIEW Real-Time FIFO for Runtime

NI LabVIEW Real-Time NBFifo

NI LabVIEW Run-Time Engine 2009 SP1

NI LabVIEW Run-Time Engine 2010 SP1

NI LabVIEW Run-Time Engine 2011 SP1

NI LabVIEW Run-Time Engine 2011 SP1 (64-bit)

NI LabVIEW Run-Time Engine 8.2.1

NI LabVIEW Run-Time Engine 8.6.1

NI LabVIEW Run-Time Engine Interop 2009

NI LabVIEW Run-Time Engine Interop 2010

NI LabVIEW Run-Time Engine Interop 2011

NI LabVIEW Run-Time Engine Interop 2011 (64-bit)

NI LabVIEW SignalExpress 2011

NI LabVIEW SignalExpress 2011 Core

NI LabVIEW SignalExpress 2011 Datatypes

NI LabVIEW SignalExpress 2011 Licenses

NI LabVIEW SignalExpress 2011 Steps

NI LabVIEW SignalExpress 2011 Tools

NI LabVIEW Web Server 64-Bit for Run-Time Engine

NI LabVIEW Web Server for Run-Time Engine

NI LabVIEW Web Services Runtime

NI LabWindows/CVI 2010 Code Generator

NI LabWindows/CVI 2010 LabVIEW DLL Builder

NI LabWindows/CVI 2010 SP1 Analysis Library

NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit)

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)

NI LabWindows/CVI 2010 SP1 Network Variable Library

NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit)

NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit)

NI LabWindows/CVI 2010 SP1 TDM Streaming Library

NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit)

NI LabWindows/CVI Run-Time Engine 2010 SP1

NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated)

NI License Manager

NI Logos 5.3.0

NI Logos LabVIEW 2011 SP1 Support

NI Logos XT Support

NI Logos64 5.3.0

NI Logos64 XT Support

NI Math Kernel Libraries

NI Math Kernel Libraries (64-bit)

NI MAX Remote Configuration 64-bit Installer 5.1

NI MAX Remote Configuration Installer 5.1

NI MAX Support for 64 Bit Windows

NI MDF Support

NI mDNS Responder 1.6 for Windows 64-bit

NI mDNS Responder 1.6.0

NI Measurement & Automation Explorer 5.1.0

NI Measurement Studio 2010 Service Pack 1 64-bit Runtime for VS2008

NI Measurement Studio 2010 Service Pack 1 Enterprise Examples for VS2005

NI Measurement Studio 2010 Service Pack 1 Enterprise Examples for VS2008

NI Measurement Studio 2010 Service Pack 1 for VS2005

NI Measurement Studio 2010 Service Pack 1 for VS2008

NI Measurement Studio 2010 Service Pack 1 for VS2010

NI Measurement Studio 2010 Service Pack 1 Help for VS2005

NI Measurement Studio 2010 Service Pack 1 Help for VS2008

NI Measurement Studio 2010 Service Pack 1 Integration for VS2008

NI Measurement Studio 2010 Service Pack 1 RunTime for VS2005

NI Measurement Studio 2010 Service Pack 1 RunTime for VS2008

NI Measurement Studio 8.6 Enterprise RunTime for VS2005

NI Measurement Studio Common .NET Assemblies (x64) for .NET 3.5

NI Measurement Studio Common .NET Assemblies for .NET 2.0

NI Measurement Studio Common .NET Assemblies for .NET 3.5

NI Measurement Studio Common .NET Language Assemblies for the .NET Framework 1.1

NI Measurement Studio DAQmx (x64) for Visual Studio 2008

NI Measurement Studio DAQmx for Visual Studio 2005

NI Measurement Studio DAQmx for Visual Studio 2008

NI Measurement Studio GPIB Support for VS2005

NI Measurement Studio GPIB Support for VS2008

NI Measurement Studio IIOA Support for VS2008

NI Measurement Studio Licenses

NI Measurement Studio MAX Configuration Support for VS2003

NI Measurement Studio MAX Configuration Support for VS2005

NI Measurement Studio MAX Configuration Support for VS2008

NI Measurement Studio Recipe Processor

NI Measurement Studio User Interface ActiveX controls

NI Measurement Studio VISA Support for VS2005

NI Measurement Studio VISA Support for VS2008

NI Microsoft Silverlight Wrapper

NI MIO Device Drivers 2.6.0

NI MIO Device Drivers for 64 Bit Windows 2.6.0

NI MXS 5.0.0

NI MXS 5.0.0 for 64 Bit Windows

NI Network Browser 5.0.0

NI Network Discovery 5.1

NI Network Discovery 5.1 for Windows 64-bit

NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support

NI OPC Support

NI Portable Configuration 5.0.0

NI Portable Configuration for 64 Bit Windows 5.0.0

NI PXI Hardware 64-bit Support 2.6.2

NI PXI Platform Framework 1.5.0

NI PXI Platform Framework 1.5.0 64-bit

NI PXI Platform Services 2.6.2

NI PXI Platform Services 2.6.2 Configuration Support

NI PXI Platform Services 2.6.2 Expert

NI PXI SystemAPI Expert 2.6.2

NI PXI SystemAPI Expert 64-bit 2.6.2

NI Registration Wizard

NI Remote Provider for MAX 5.1.0

NI Remote PXI Provider for MAX 5.1.0

NI RTSI Cable Core Installer 1.0.0

NI RTSI Cable Core Installer for 64 Bit Windows 1.0.0

NI RTSI PAL Device Library Installer 1.0.0

NI RTSI PAL Device Library Installer for 64 Bit Windows 1.0.0

NI RTSI UI Provider 1.0.0

NI RTSI UI Provider for 64 Bit Windows 1.0.0

NI SCXI 1.15.0

NI SCXI for 64 Bit Windows 1.15.0

NI Search Shared 64-bit

NI Security Update (KB5Q5FJ4QW) - LabVIEW Run-Time Engine 8.2

NI Software Provider for MAX 5.0.0

NI Spy Windows 64 Support 3.0.0

NI SSL LabVIEW 2011 SP1 Support (64-bit)

NI SSL Support

NI SSL Support (64-bit)

NI STC 1.10.0

NI STC for 64 Bit Windows 1.10.0

NI System API Client for WIF 5.1.0

NI System API Web-Servce 32-bit 5.0.0

NI System API Windows 32-bit 5.1.0

NI System API Windows 64-bit 5.1.0

NI System Configuration 5.1.0 LabVIEW Support

NI System Configuration CVI Support 5.1.0

NI System Configuration LV2011 64-bit Support 5.1.0

NI System Configuration Runtime 5.1.0

NI System Configuration Runtime 5.1.0 for Windows 64-bit

NI System State Publisher

NI System State Publisher (64-bit)

NI System Web Server 11.5

NI System Web Server Base 11.5

NI System Web Server Base 11.5 (64-bit)

NI TDM Excel Add-In 3.3

NI TDM Excel Add-In 3.3 64-bit

NI TDMS

NI TDMS (64-bit)

NI Timing for 64 Bit Windows 2.3.0

NI Timing Installer 2.3.0

NI Trace Engine

NI Trace Engine (64-bit)

NI Uninstaller

NI Update Service 2.0

NI USI 1.9.1

NI USI 1.9.1 64-Bit

NI Variable Engine (64-bit)

NI Variable Engine 2.5.1

NI Variable Engine LabVIEW 2011 SP1 Support

NI VC2005MSMs x64

NI VC2005MSMs x86

NI VC2008MSMs x64

NI VC2008MSMs x86

NI VC2010MSMs x64

NI VC2010MSMs x86

NI Web Application Server 11.5

NI Web Application Server 11.5 (64-bit)

NI Web Interface Framework 11.5

NI Web Pipeline 2.0.1

NI Web Pipeline 2.0.1 64-bit support

NI Xalan Delay Load 1.10.2

NI Xalan Delay Load 1.10.2 64-bit

NI Xerces Delay Load 2.7.3

NI Xerces Delay Load 2.7.3 64-bit

Novarm DipTrace

NVIDIA 3D Vision Driver 306.97

NVIDIA Control Panel 306.97

NVIDIA Graphics Driver 306.97

NVIDIA HD Audio Driver 1.2.23.3

NVIDIA Install Application

NVIDIA Optimus 1.10.8

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

On Screen Display

Oracle VM VirtualBox 4.1.10

Panel Pilot

PANTONE Color Calibrator 1.0

Paragon Alignment Tool™ 3.0

PCB Matrix LP Calculator V2009

PCWH

PCWHD

PDF Architect

PDFCreator

Picasa 3

PNY Movie Player

Power Manager

Proteus Professional

PSPPContent

PSPPRO_DCRAW

Quicken 2011

QuickTime

RapidBoot

Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7

Renesas Electronics USB 3.0 Host Controller Driver

Reset NI Config 5.0.0

Retrospect Client 7.7

RICOH_Media_Driver_v2.13.18.02

Saturn PCB Design, Inc. - PCB Toolkit

Screen Shot

SDFormatter

SeaCOM

Seagate DiscWizard

SecureDoc Disk Encryption (x64)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2251487)

Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2669970)

Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972222)

Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973675)

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Setup

Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)

Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7

Skype™ 6.1

SolidWorks 2013 x64 Edition SP02

SolidWorks eDrawings 2013 x64 Edition SP02

SolidWorks Explorer 2013 SP02 x64 Edition

Spb Wallet 2.0.0

Spelling Dictionaries Support For Adobe Reader 9

SQL Server System CLR Types

STLinkDriver

swMSM

System Requirements Lab

System Requirements Lab for Intel

TedPwrMonUtility

Tera Term 4.69

TextPad 5

TheMatrix Screen Saver version 1.14

ThinkPad Bluetooth with Enhanced Data Rate Software

ThinkPad FullScreen Magnifier

ThinkPad UltraNav Driver

ThinkPad UltraNav Utility

ThinkVantage Access Connections

ThinkVantage Active Protection System

ThinkVantage AutoLock

ThinkVantage Communications Utility

ThinkVantage Fingerprint Software

ThinkVantage Update Retriever

TTLEditor 1.2.1

UltraCompare v7.00

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)

Update for Microsoft Visual Studio Web Authoring Component (KB945140)

USBee Drivers

USBee Suite

USBee ZX Digital Test Pod

VC Runtimes MSI

VC80CRTRedist - 8.0.50727.6195

ViewMate 11.2

Viewpoint Media Player

VISA Shared Components 64-Bit

Visual C++ 2008 IA64 Runtime - (v9.0.30729)

Visual C++ 2008 IA64 Runtime - v9.0.30729.01

Visual C++ 2008 x64 Runtime - (v9.0.30729)

Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)

Visual C++ 2008 x64 Runtime - (v9.0.30729.6161)

Visual C++ 2008 x64 Runtime - v9.0.30729.01

Visual C++ 2008 x64 Runtime - v9.0.30729.4148

Visual C++ 2008 x64 Runtime - v9.0.30729.6161

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)

Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Visual C++ 2008 x86 Runtime - v9.0.30729.4148

Visual C++ 2008 x86 Runtime - v9.0.30729.6161

Visual Studio .NET Prerequisites - English

Visual Studio 2005 Tools for Office Second Edition Runtime

Visual Studio Tools for the Office system 3.0 Runtime

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

Visual TFT (remove only)

WebReg

WhoCrashed 3.01

WIF Core Dependencies Windows 5.1.0

WinDjView 1.0.3

Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0)

Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144)

Windows Driver Package - Intel System (09/10/2010 9.2.0.1011)

Windows Driver Package - Intel System (10/04/2010 9.2.0.1015)

Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013)

Windows Driver Package - Lascar Electronics Ltd. (usbser) Ports (01/02/2010 1.0.0.0)

Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)

Windows Driver Package - mikroElektronika (USB18PRG) ClassName (07/10/2010 6.1.7600)

Windows Driver Package - Synaptics (SynTP) Mouse (02/17/2011 15.2.14.0)

Windows Mobile 5.0 SDK R2 for Pocket PC

Windows Mobile 5.0 SDK R2 for Smartphone

WinRAR 4.20 (64-bit)

WinZip 17.0

X-CTU

X-Rite Device i1Display Service

X-Rite Device Manager

Xiph QuickTime Components

Yahoo! Detect

Yahoo! Install Manager

Yahoo! Widgets

.

==== Event Viewer Messages From Past Week ========

.

2/18/2013 11:47:33 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2/18/2013 11:47:33 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

2/18/2013 11:45:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

2/18/2013 10:34:52 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.

2/17/2013 8:56:48 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR12.

2/17/2013 7:35:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR11.

2/17/2013 6:46:34 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR10.

2/17/2013 4:33:19 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR9.

2/17/2013 4:28:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR8.

2/17/2013 4:26:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR7.

2/17/2013 4:14:47 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR6.

2/17/2013 2:58:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR5.

2/16/2013 9:38:29 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={4D856B44-13D8-4496-A641-A79CFA74C619}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

2/16/2013 9:33:01 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={D4FB3605-0595-4757-A071-83F0EB48378A}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

2/16/2013 9:27:14 PM, Error: Microsoft-Windows-RasSstp [1] - CoId={5E6A82EC-9A69-4BE3-8598-C06CF2D9A171}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

2/16/2013 4:12:02 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{D2A7A852-E2FD-4269-A4B4-C5D539937BDA} because another computer on the network has the same name. The server could not start.

2/14/2013 6:29:26 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

2/14/2013 3:54:05 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll

2/11/2013 7:38:03 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

.

==== End Of File ===========================

Link to post
Share on other sites

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Link to post
Share on other sites

Ok I ran ESET

The log states that I did not check Remove found threats, but I had it checked; I don't know.

Notwithstanding, here is the log file.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=8

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=9e4ba0d299e49a49a1a2ac8f4915d5cf

# engine=13195

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-02-20 02:39:30

# local_time=2013-02-19 09:39:30 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 70083159 112871420 0 0

# scanned=766172

# found=0

# cleaned=0

# scan_time=8758

GeckospotNixie

Link to post
Share on other sites

It is okay.

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threats report from the left and press Save button

Save it to your desktop and post it in your next reply.

Link to post
Share on other sites

Ok finished that.

Here are the results.

Status: Deleted (events: 2)

2/20/2013 7:31:40 AM Deleted Trojan program Backdoor.Win32.ZAccess.bgzm C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{1B7D92FE-1789-D976-C09B-23CE668991EB}-2227990.exe High

2/20/2013 7:31:40 AM Deleted Trojan program Backdoor.Win32.ZAccess.bgzm C:\Documents and Settings\All Users\Microsoft\Microsoft Antimalware\LocalCopy\{1B7D92FE-1789-D976-C09B-23CE668991EB}-2227990.exe//PE-Crypt.XorPE High

Status: Disinfected (events: 2)

2/20/2013 8:58:41 AM Disinfected Trojan program Trojan.Win32.Nvert.ae C:\Documents and Settings\Thomas W. Hauff\Documents Personal\VB\Down Loads\2 Look at New\Sprite Animator.zip/Sprite_Animator/Animator.exe High

2/20/2013 8:58:41 AM Disinfected Trojan program Trojan.Win32.Nvert.ae C:\Documents and Settings\Thomas W. Hauff\Documents Personal\VB\Down Loads\2 Look at New\Sprite Animator.zip High

Link to post
Share on other sites

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.

Link to post
Share on other sites

Ok here are the results from aswMBR.exe.

GeckospotNixie

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2013-02-21 16:38:12

-----------------------------

16:38:12.285 OS Version: Windows x64 6.1.7601 Service Pack 1

16:38:12.285 Number of processors: 8 586 0x2A07

16:38:12.285 ComputerName: TH UserName:

16:38:13.226 Initialize success

16:38:36.438 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

16:38:36.438 Disk 0 Vendor: INTEL_SS 4PC1 Size: 572325MB BusType: 3

16:38:36.438 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1

16:38:36.438 Disk 1 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3

16:38:36.438 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-2

16:38:36.448 Disk 2 Vendor: INTEL_SS 2CV1 Size: 76319MB BusType: 3

16:38:36.448 Disk 3 \Device\Harddisk3\DR3 -> \Device\000000c8

16:38:36.448 Disk 3 Vendor: RICOH 01 Size: 3780MB BusType: 0

16:38:36.448 Disk 0 MBR read successfully

16:38:36.448 Disk 0 MBR scan

16:38:36.458 Disk 0 Windows 7 default MBR code found via API

16:38:36.458 Disk 0 unknown MBR code

16:38:36.458 Disk 0 MBR hidden

16:38:36.458 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1436 MB offset 2048

16:38:36.468 Disk 0 Partition 2 00 07 HPFS/NTFS 551686 MB offset 2942976

16:38:36.468 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 19202 MB offset 1132795904

16:38:36.468 Disk 0 MBR [possible unknown bootkit@MBR] **ROOTKIT**

16:38:36.478 Disk 0 trace - called modules:

16:38:36.478 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll

16:38:36.478 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d263790]

16:38:36.488 3 CLASSPNP.SYS[fffff8800204543f] -> nt!IofCallDriver -> [0xfffffa800cfcebe0]

16:38:36.488 5 ACPI.sys[fffff88000f857a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa800cfcd050]

16:38:36.488 Scan finished successfully

16:39:34.895 Disk 0 MBR has been saved successfully to "C:\Users\Thomas W. Hauff\Documents Personal\Temp\Malwarebytes Help on Lenovo\MBR.dat"

16:39:34.905 The log file has been saved successfully to "C:\Users\Thomas W. Hauff\Documents Personal\Temp\Malwarebytes Help on Lenovo\aswMBR(1).txt"

Link to post
Share on other sites

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Link to post
Share on other sites

2/21/13

Ok here are the results from TDSSKiller

This is going to be in two posts.

First file

TDSSKiller.2.8.16.0_21.02.2013_21.50.36_log.txt

21:50:36.0120 7404 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

21:50:36.0720 7404 ============================================================

21:50:36.0720 7404 Current date / time: 2013/02/21 21:50:36.0720

21:50:36.0720 7404 SystemInfo:

21:50:36.0720 7404

21:50:36.0720 7404 OS Version: 6.1.7601 ServicePack: 1.0

21:50:36.0720 7404 Product type: Workstation

21:50:36.0720 7404 ComputerName: TH

21:50:36.0720 7404 UserName: twhauff

21:50:36.0720 7404 Windows directory: C:\Windows

21:50:36.0720 7404 System windows directory: C:\Windows

21:50:36.0720 7404 Running under WOW64

21:50:36.0720 7404 Processor architecture: Intel x64

21:50:36.0720 7404 Number of processors: 8

21:50:36.0720 7404 Page size: 0x1000

21:50:36.0720 7404 Boot type: Normal boot

21:50:36.0720 7404 ============================================================

21:50:37.0080 7404 Drive \Device\Harddisk0\DR0 - Size: 0x8BBA5F6000 (558.91 Gb), SectorSize: 0x200, Cylinders: 0x11D01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:50:37.0080 7404 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:50:37.0080 7404 Drive \Device\Harddisk2\DR2 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:50:37.0100 7404 Drive \Device\Harddisk3\DR3 - Size: 0xEC400000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

21:50:37.0100 7404 ============================================================

21:50:37.0100 7404 \Device\Harddisk0\DR0:

21:50:37.0100 7404 MBR partitions:

21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2CE000

21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2CE800, BlocksNum 0x43583000

21:50:37.0100 7404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x43851800, BlocksNum 0x2581000

21:50:37.0100 7404 \Device\Harddisk1\DR1:

21:50:37.0100 7404 MBR partitions:

21:50:37.0100 7404 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800

21:50:37.0100 7404 \Device\Harddisk2\DR2:

21:50:37.0100 7404 MBR partitions:

21:50:37.0100 7404 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800

21:50:37.0100 7404 \Device\Harddisk3\DR3:

21:50:37.0100 7404 MBR partitions:

21:50:37.0100 7404 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000

21:50:37.0100 7404 ============================================================

21:50:37.0100 7404 Q: <-> \Device\Harddisk0\DR0\Partition3

21:50:37.0110 7404 F: <-> \Device\Harddisk2\DR2\Partition1

21:50:37.0450 7404 D: <-> \Device\Harddisk1\DR1\Partition1

21:50:37.0450 7404 ============================================================

21:50:37.0450 7404 Initialize success

21:50:37.0450 7404 ============================================================

21:50:43.0761 9912 Deinitialize success


It is going to have three posts; the file is too long to post all at one time.

This is the first part of the second file.

Second file First section

TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt

21:51:51.0107 3676 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

21:51:51.0154 3676 ============================================================

21:51:51.0154 3676 Current date / time: 2013/02/21 21:51:51.0154

21:51:51.0154 3676 SystemInfo:

21:51:51.0154 3676

21:51:51.0154 3676 OS Version: 6.1.7601 ServicePack: 1.0

21:51:51.0154 3676 Product type: Workstation

21:51:51.0154 3676 ComputerName: TH

21:51:51.0154 3676 UserName: twhauff

21:51:51.0154 3676 Windows directory: C:\Windows

21:51:51.0154 3676 System windows directory: C:\Windows

21:51:51.0154 3676 Running under WOW64

21:51:51.0154 3676 Processor architecture: Intel x64

21:51:51.0154 3676 Number of processors: 8

21:51:51.0154 3676 Page size: 0x1000

21:51:51.0154 3676 Boot type: Normal boot

21:51:51.0154 3676 ============================================================

21:51:51.0482 3676 BG loaded

21:51:51.0731 3676 Drive \Device\Harddisk0\DR0 - Size: 0x8BBA5F6000 (558.91 Gb), SectorSize: 0x200, Cylinders: 0x11D01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:51:51.0731 3676 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:51:51.0747 3676 Drive \Device\Harddisk2\DR2 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:51:51.0840 3676 Drive \Device\Harddisk3\DR3 - Size: 0xEC400000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

21:51:51.0840 3676 ============================================================

21:51:51.0840 3676 \Device\Harddisk0\DR0:

21:51:51.0840 3676 MBR partitions:

21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2CE000

21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2CE800, BlocksNum 0x43583000

21:51:51.0840 3676 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x43851800, BlocksNum 0x2581000

21:51:51.0840 3676 \Device\Harddisk1\DR1:

21:51:51.0840 3676 MBR partitions:

21:51:51.0840 3676 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800

21:51:51.0840 3676 \Device\Harddisk2\DR2:

21:51:51.0840 3676 MBR partitions:

21:51:51.0840 3676 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800

21:51:51.0840 3676 \Device\Harddisk3\DR3:

21:51:51.0840 3676 MBR partitions:

21:51:51.0840 3676 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000

21:51:51.0840 3676 ============================================================

21:51:51.0840 3676 Q: <-> \Device\Harddisk0\DR0\Partition3

21:51:51.0840 3676 F: <-> \Device\Harddisk2\DR2\Partition1

21:51:51.0887 3676 D: <-> \Device\Harddisk1\DR1\Partition1

21:51:51.0887 3676 ============================================================

21:51:51.0887 3676 Initialize success

21:51:51.0887 3676 ============================================================

21:52:36.0965 7700 ============================================================

21:52:36.0965 7700 Scan started

21:52:36.0965 7700 Mode: Manual; SigCheck; TDLFS;

21:52:36.0965 7700 ============================================================

21:52:37.0035 7700 ================ Scan system memory ========================

21:52:37.0035 7700 System memory - ok

21:52:37.0035 7700 ================ Scan services =============================



This file is just way too long to post in an open txt post.

So I posted the beginning and this is the end part of the file.

I have attached the full text log file to this post.

TDSSKiller did not find anything.

Second file end part of the file

TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt

21:52:43.0376 7700 [ 79138CDFE3265A4E444E8F5B7DE2B1C7 ] C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe

21:52:43.0376 7700 C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe - ok

21:52:43.0376 7700 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

21:52:43.0376 7700 C:\Windows\System32\aeevts.dll - ok

21:52:43.0376 7700 ============================================================

21:52:43.0376 7700 Scan finished

21:52:43.0376 7700 ============================================================

21:52:43.0386 1196 Detected object count: 0

21:52:43.0386 1196 Actual detected object count: 0

21:52:51.0677 3636 Deinitialize success

TDSSKiller.2.8.16.0_21.02.2013_21.51.51_log.txt


That was important, because aswMBR shows:

16:38:36.468 Disk 0 MBR [possible unknown bootkit@MBR] **ROOTKIT**

This one is a really big problem.

In our case, this is a false alert, because it is protection due to WinMagic SecureDoc.

Thanks for letting me know!

Please perform a full system scan with Microsoft Security Essentials and let me know.


Maniac

Again, sorry. You know, once you get used to logging in to the drive, you don’t even think about it.

OK, I ran a full scan using Microsoft Security Essentials.

The results were no items found, all clean.

I also ran a full scan with Malwarebytes PRO.

The results of that were clean, no items found.

Thank you for your help!

I have made a Donation for your time that I wasted.

What do I need to do to clean up and remove the tools that we used?

GeckospotNixie


Thank you very much! :)

No need to apologize, it is normal in this situation to have gaps, it is important not to be critical.

Okay, let's clean this mess.

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Next, uninstall ESET Online Scanner and then manually delete Kaspersky AVP.

Some malware prevention tips here:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.