Too many Internet Explorer (not responding) msgs


  • This topic is locked
21 replies to this topic

#1 mehlers


Posted 06 September 2010 - 10:05 AM

I have done Spybot S&D, Adaware, and Malwarebytes. I cannot go to some web sites because the IE (not responding) message keeps showing up.

Can you see anything in my log?

Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:05 PM, on 9/6/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Users\Mike\AppData\Local\Citrix\ICA Client\wfcrun32.exe
C:\Users\Mike\AppData\Local\Citrix\ICACLI~1\WFICA32.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Mike\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: : # Copyright © 1993-1999 Microsoft Corp.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100518180434.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [DellComms] "C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe" /P DellComms
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [EPSON NX410 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCA.EXE /FU "C:\Users\Mike\AppData\Local\Temp\E_S97EC.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellComms) (sprtsvc_DellComms) - SupportSoft, Inc. - C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11640 bytes

#2 SWI Support Robot


Posted 08 September 2010 - 10:53 PM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 mehlers


Posted 09 September 2010 - 10:30 AM

I hope I posted the 3 day correctly.

#4 mehlers


Posted 09 September 2010 - 07:48 PM

It seems to occur in association with Flash Player.

#5 lance_yien


Posted 10 September 2010 - 09:30 AM

Hello mehlers and welcome to SWI.

I'm lance_yien and will be helping you.

Very Important!

Please do immediately:
  • Make sure you have read the forum FAQ.
  • In the upper right hand corner of the topic you will see a button called "Watch this topic", by clicking on this => "Immediate E-Mail notification" => "Proceed" you will be advised when we respond to your topic and facilitate the cleaning of your machine.

During this cleanup, please DO NOT run, install and/or uninstall any tools/programs other than those I suggest to you because some programs can interfere with others and/or can cause some problems to your system.

When you receive new instructions,
  • Please read the whole message.
  • All our tools must be launched from the Desktop (unless otherwise specified). Please make sure to save them to your Desktop and check before running each program.
    To move a tool to your Desktop, right-click on it => "Cut". Right-click on your Desktop => "Paste".
  • Please disable ALL your protection programs (antivirus, firewall and antispyware), they may otherwise interfere with our tools. If you don't know how to do this, please see here and/or here.
  • Please perform all steps in the received order and DO NOT proceed if you need clarification.
  • Please DO NOT re-run any program I suggest. If you encounter problems please stop and tell me about it.
  • After posting your reply, please re-enable your antivirus and firewall programs.

When replying,
  • Please use the Add Reply button. I do not need to see my previous instructions. Thank you!
  • Please copy and paste your logs into your post unless specifically asked to attach one:
    - Click "Edition" => "Select all".
    - Click "Edition" => "Copy".
    In your next reply, right-click => "Paste".

I cannot go to some web sites because the IE (not responding) message keeps showing up.

Did you try another browser?
--

Please print out these instructions or copy them to a Notepad file for easier reading, and download to your Desktop:
  • DDS Scanning Tool by sUBs from here or here.
  • Security Check by screen317 from here or here.

>>> Ensure you have disabled all anti virus and anti malware programs and double click dds.scr to run the tool. Nothing will be deleted. It will just give me some additional information.


When done, DDS will open two (2) logs (DDS.txt and Attach.txt)
Please save both reports to your desktop and post their contents. You may need to use two posts to get it all in.


>>> Insert all your removable drives/pendrives/memory cards etc.
Then, ensure you have disabled all anti virus and anti malware programs. To know how to disable your protection programs (antivirus, firewall and antispyware), please see here and/or here.

Use Internet Explorer to run an ESET Online Scanner from here. If you are using Windows 7 or Windows Vista, open your browser by right-clicking on its icon and select "Run as administrator".
IMPORTANT: Administrator privileges are required to run ESET Online Scanner!
  • Click the green ESET Online Scanner button, check YES, I accept the Terms of Use and click Start.
  • You will need to allow an Active X install for the scan to run.
  • Check Scan archives and click Start.
  • ESET will now download the virus signature database and start to scan your computer. Let it run uninterrupted.
  • Save the results (click "File" => "Save as...") to your Desktop as "scan-results" to post them into your next reply.
  • Check Uninstall application on close to remove ESET Online Scanner from your computer and click the Finish button.

    Please copy and Paste the contents of the report into your next reply.

>>> Please double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document called checkup.txt should open automatically. Please copy and paste its contents into your next reply.


In your next reply, please include the following (you may need to use two posts to get it all in):
  • DDS.txt
  • Attach.txt
  • scan-results
  • checkup.txt


#6 mehlers


Posted 11 September 2010 - 05:46 PM

I'll have to send in two separate replies.


#7 mehlers


Posted 11 September 2010 - 06:01 PM

There was no option to save Scan Results but it found 0

EDIT: Most of our helpers will not download files that they did not specifically request... As you might guess, many malware criminals would love to infect their computers... We allow plenty of room in a post to copy/paste your logs, so please use it rather than attaching a file unless asked... Please read the instructions at the top of each forum and our FAQ... Thank you...

Attached Files

  • Attached File  DDS.txt   16.68KB   43 downloads

Edited by Budfred, 11 September 2010 - 06:54 PM.


#8 mehlers


Posted 15 September 2010 - 11:40 AM

Here is Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee AntiVirus Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java™ 6 Update 19
Out of date Java installed!
Adobe Flash Player
Adobe Reader 9.3.4
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````



Here is DDS


DDS (Ver_10-03-17.01) - NTFSX64
Run by Mike at 19:44:38.30 on Fri 09/10/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2865 [GMT -4:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOT6KHS1\dds[1].scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mLocal Page = c:\windows\syswow64\blank.htm
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\common files\mcafee\systemcore\ScriptSn.20100518180434.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
TB: {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [ISUSPM] "c:\programdata\macrovision\flexnet connect\11\ISUSPM.exe" -scheduler
uRun: [EPSON NX410 Series] c:\windows\system32\spool\drivers\x64\3\e_iatifca.exe /fu "c:\users\mike\appdata\local\temp\E_S97EC.tmp" /EF "HKCU"
mRun: [DellComms] "c:\program files (x86)\dell\dellcomms\bin\sprtcmd.exe" /P DellComms
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [1A:Stardock TrayMonitor]
mRun: [dellsupportcenter] "c:\program files (x86)\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exe
mRunServices: [1A:Stardock TrayMonitor]
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
Trusted Zone: humana.com\myapps
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO-X64: Windows Live Family Safety Browser Helper - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100518180433.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [Apoint] c:\program files\delltpad\Apoint.exe
mRun-x64: [SysTrayApp] c:\program files\idt\wdm\sttray64.exe
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [Broadcom Wireless Manager UI] c:\program files\dell\dell wireless wlan card\WLTRAY.exe
mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
mRun-x64: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-8-9 69152]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 528616]
R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-10-18 55280]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-5-18 75288]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-5-18 279752]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
R2 LVPrcS64;Process Monitor;c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2009-10-7 191000]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-7 355440]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-7 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-7 355440]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-7-7 355440]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-5-18 199032]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-5-18 244840]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-5-18 148520]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\dell datasafe local backup\SftService.exe [2009-10-18 656624]
R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);c:\program files (x86)\dell\dellcomms\bin\sprtsvc.exe [2009-5-5 206064]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-5-18 62416]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-10-18 172704]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-18 189880]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-5-18 440688]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-18 215552]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-10-18 393728]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2009-12-27 61280]
S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\drivers\lvrs64.sys [2009-10-7 327704]
S3 LVUVC64;QuickCam Communicate Deluxe(UVC);c:\windows\system32\drivers\lvuvc64.sys [2009-10-7 6379288]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-5-18 93840]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-29 1255736]

=============== Created Last 30 ================

2010-09-10 00:18:39 0 d-----w- c:\programdata\UAB
2010-09-09 21:46:23 0 d-----w- c:\windows\syswow64\Adobe
2010-09-09 21:44:54 0 d-----w- c:\program files (x86)\MSN Toolbar
2010-09-09 21:41:53 0 d-----w- c:\program files (x86)\MSN Toolbar Installer
2010-09-09 21:41:47 0 d-----w- c:\programdata\Driver Boost
2010-09-09 21:39:49 0 d-----w- c:\program files (x86)\DriverBoost
2010-09-08 00:50:20 0 d-----w- c:\programdata\WEBREG
2010-09-08 00:49:09 0 d-----w- c:\program files (x86)\Yahoo!
2010-09-08 00:47:21 0 d-----w- c:\programdata\HP Product Assistant
2010-09-08 00:46:29 0 d-----w- c:\program files (x86)\common files\HP
2010-09-08 00:45:55 0 d-----w- c:\program files (x86)\HP
2010-09-08 00:44:28 349 ------w- c:\windows\hphmdl26.dat
2010-09-08 00:44:28 160470 ----a-w- c:\windows\hphins26.dat
2010-08-24 17:25:53 861184 ----a-w- c:\windows\system32\oleaut32.dll
2010-08-24 17:25:53 571904 ----a-w- c:\windows\syswow64\oleaut32.dll

==================== Find3M ====================

2010-09-10 19:11:15 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-08-16 23:16:47 103784 ----a-w- c:\users\mike\GoToAssistDownloadHelper.exe
2010-08-10 03:33:06 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-08-10 03:31:45 69152 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll
2010-07-27 14:03:24 12867584 ----a-w- c:\windows\syswow64\shell32.dll
2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:53:18 52224 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-06-19 06:23:50 37376 ----a-w- c:\windows\syswow64\rtutils.dll
2010-06-19 04:32:34 3122688 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll
2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-18 07:00:58 75 --sh--r- c:\windows\CT4CET.bin
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 19:45:45.89 ===============


Here is the Attach log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2009 6:08:47 PM
System Uptime: 9/10/2010 7:21:59 PM (0 hours ago)

Motherboard: Dell Inc. | | 0G848F
Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz | Microprocessor | 2100/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 283 GiB total, 247.859 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP177: 8/13/2010 11:43:03 PM - Windows Update
RP178: 8/17/2010 10:04:03 PM - Windows Update
RP179: 8/20/2010 5:34:14 PM - Windows Update
RP180: 8/23/2010 8:47:15 PM - Windows Update
RP181: 8/24/2010 7:22:52 PM - Windows Update
RP182: 8/27/2010 7:41:27 PM - Windows Update
RP183: 9/1/2010 4:29:20 PM - Windows Update
RP184: 9/3/2010 8:23:03 PM - Windows Update
RP185: 9/7/2010 6:50:04 PM - Windows Update
RP186: 9/7/2010 9:10:00 PM - Removed Print Creations
RP187: 9/8/2010 5:30:11 PM - Windows Update
RP188: 9/9/2010 5:39:26 PM - Installed DriverBoost.
RP189: 9/9/2010 9:30:31 PM - Restore Operation
RP190: 9/9/2010 11:25:47 PM - Windows Update

==== Installed Programs ======================

Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.4
Advanced Audio FX Engine
BufferChm
CCScore
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix XenApp Web Plugin
Compatibility Pack for the 2007 Office system
Consumer In-Home Service Agreement
D1500
Dell Communications (Support Software)
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Webcam Central
DJ_SF_03_D1500_Software_Min
EPSON Scan
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
GPBaseService2
HijackThis 2.0.2
HP Update
HPPhotoGadget
HPProductAssistant
Java Auto Updater
Java™ 6 Update 19
Junk Mail filter update
Kodak EasyShare software
Live! Cam Avatar Creator
Logitech Vid
Malwarebytes' Anti-Malware
McAfee AntiVirus Plus
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPoints Point Finder
netbrdg
OfotoXMI
PowerDVD DX
Roxio Burn
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
SFR
SHASTA
skin0001
SKINXSDK
SolutionCenter
Spybot - Search & Destroy
staticcr
Toolbox
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WIRELESS

==== Event Viewer Messages From Past Week ========

9/9/2010 9:35:00 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
9/9/2010 9:34:01 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
9/9/2010 3:56:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Mike-PC\Mike SID (S-1-5-21-3035079288-3762108966-1726518364-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/9/2010 3:02:38 PM, Error: Service Control Manager [7034] - The Audio Service service terminated unexpectedly. It has done this 1 time(s).
9/7/2010 9:23:37 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100. The computer with the IP address 192.168.1.101 did not allow the name to be claimed by this computer.
9/4/2010 11:10:53 AM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
9/3/2010 7:44:41 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer LIZ-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D2F3BFFA-B3B7-43B2-BC40-F6E2AD9667F1}. The master browser is stopping or an election is being forced.
9/3/2010 7:32:41 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.101. The computer with the IP address 192.168.1.100 did not allow the name to be claimed by this computer.

==== End Of File ===========================

Thanks

#9 lance_yien

Posted 16 September 2010 - 02:39 AM

Hi mehlers,

Please post the results of ESET Online Scanner.

#10 mehlers

Posted 16 September 2010 - 02:04 PM

Lance, There are no scan results and I can't send a screen print

#11 lance_yien

Posted 17 September 2010 - 10:05 AM

Please print out these instructions or copy them to a Notepad file for easier reading.

>>> Reset your Hosts file back to default:
Go here and click on the Fix It button. Follow the steps in the Fix it wizard.


>>> Restore your Proxy settings as they have been modified by malware:
  • In Internet Explorer: Tools Menu => Internet Options => Connections Tab => LAN Settings => uncheck "Use a proxy server" and check "Automatically detect settings".
  • In Firefox: Tools Menu => Options... => Advanced Tab => Network Tab => Connection => "Settings". Select the "Auto-detect proxy settings for this network" option.

>>> Please visit this page and clear the caches of all the browsers you are using.


>>> Set Windows to show hidden/system files and folders:
  • Click Start and open My Computer.
  • On the Tools menu, click on Folder Options.
  • On the View tab, uncheck "Hide file extensions for known file types".
    Uncheck "Hide protected operating system files (Recommended)" and click Yes on the warning message.
    Under "Hidden files and folders", check "Show hidden files and folders".
  • Click Apply to All Folders.
  • Click OK and close My Computer.
Now, please navigate to and delete this file (in bold): c:\windows\system32\drivers\lvuvc.hs

Then, set Windows to hide hidden/system files and folders since this is safer now that your system seems to be clean.
  • Click Start and open My Computer.
  • On the Tools menu, click on Folder Options.
  • On the View tab, check "Hide file extensions for known file types".
    Check "Hide protected operating system files (Recommended)". Under "Hidden files and folders", check "Do not show hidden files and folders".
  • Click Apply to All Folders.
  • Click OK and close My Computer.

>>> Please go to Jotti's malware scan:
  • Copy each line from the following (in bold):

    c:\windows\system32\oleaut32.dll
    c:\windows\syswow64\oleaut32.dll

  • Click the Browse button,
  • A window will open, right-click in the File name field and choose Paste.
  • Click the Submit button and let the scan run uninterrupted.
  • At the end, right-click the Permalink button and choose "Copy the link".
  • Open Notepad (Start => All Programs => Accessories) and click "Edit" => "Paste".
    Then, return to the "Jotti's malware scan" window and click the "Next file" button to continue with the rest.

Note: If Jotti is busy, please go to http://www.virustotal.com,

Please copy and paste these Permalinks in your next reply and let me know if you still have any problems.
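One way to verify the hosts-file and proxy steps from post #11 after carrying them out, as an added example that is not part of the original thread or any poster's tooling. The function names and the sample hostnames, addresses and proxy value are constructed for illustration; `ProxyEnable` and `ProxyServer` are the per-user registry values behind the "Use a proxy server" checkbox.

```python
import ipaddress
import os
import sys

# Constructed sample; hostnames and addresses are illustrative, not from the thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1       update.example.com      # constructed entry
203.0.113.7     www.example.org login.example.org
"""

# Constructed sample of the per-user Internet Settings values.
SAMPLE_PROXY = {"ProxyEnable": 1, "ProxyServer": "127.0.0.1:8080"}

INTERNET_SETTINGS = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"


def audit_hosts(text):
    """Return (ip, name, reason) for each active entry a reset hosts file would not have."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # comments carry no mapping
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            findings.append((fields[0], "", "malformed entry"))
            continue
        ip, names = fields[0], fields[1:]
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((ip, " ".join(names), "invalid address"))
            continue
        local = addr.is_loopback or addr.is_unspecified
        for name in (n.lower() for n in names):
            if name == "localhost" and addr.is_loopback:
                continue  # the only mapping treated as default here
            reason = "sinkholed to loopback" if local else "redirected to another address"
            findings.append((ip, name, reason))
    return findings


def audit_proxy(settings):
    """Report a manually configured proxy from the Internet Settings values."""
    if settings.get("ProxyEnable", 0):
        return ["proxy enabled: %s" % settings.get("ProxyServer", "(no server set)")]
    return []


def read_proxy_settings():
    """Read ProxyEnable/ProxyServer for the current user (Windows only)."""
    import winreg
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, INTERNET_SETTINGS) as key:
        for name in ("ProxyEnable", "ProxyServer"):
            try:
                values[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass  # value absent means the setting was never written
    return values


def main():
    if sys.platform == "win32":
        path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                            "System32", "drivers", "etc", "hosts")
        with open(path, encoding="utf-8", errors="replace") as fh:
            hosts_text = fh.read()
        proxy = read_proxy_settings()
    else:
        # Off Windows, run against the constructed samples above.
        hosts_text, proxy = SAMPLE_HOSTS, SAMPLE_PROXY
    for ip, name, reason in audit_hosts(hosts_text):
        print("hosts: %s -> %s (%s)" % (name, ip, reason))
    for finding in audit_proxy(proxy):
        print("proxy: %s" % finding)


if __name__ == "__main__":
    main()
```

No output on a Windows machine means the hosts file has no active non-default entries and no manual proxy is set for the current user.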

#12 mehlers

Posted 17 September 2010 - 03:59 PM

We'll see how things go - Thank you

Scanners
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing


Scanners
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing 2010-09-17 Found nothing
2010-09-17 Found nothing



--------------------------------------------------------------------------------

#13 lance_yien

Posted 18 September 2010 - 11:24 PM

These files are OK.
If you don't still have any problems,

Very important:
Your version of Java is out of date. I recommend you update to the newest version:
Please download to your Desktop the newest version from here.

It's important that you uninstall older versions of Java. They can leave holes and vulnerabilities on your computer.

Please go to Start => Control Panel, double-click on the Software icon => Add or Remove programs.
Search in the list for all previously installed versions of Java (J2SE Runtime Environment.... ).
They should have this icon next to them: Posted Image
Select each in turn and click Remove.

Now install the newest version.


>>> Tools removal:
Please delete any files/ folders referring to our tools (right-click => "Delete").


>>> Protect your computer:
  • Enable Automatic Updates for your Windows under Start => Control Panel => Automatic Updates. These updates address known issues and will strengthen your protection against known security threats. Without these updates I can almost guarantee that you will get infected again.
  • Make sure your programs are up to date - because older versions may contain Security Leaks.
    To find out what programs need to be updated, please run the Secunia Software Inspector Scan.
  • Nowadays, most malware is developed only to steal personal information and/or various passwords. I recommend you change all your passwords - make sure you create strong passwords and use a different password for every site (you can keep them in KeePass).
  • Back up your...
    • Registry with ERUNT. It can help you especially if the System Restore is disabled by malware or corrupted for some reasons.
    • MBR (Master Boot Record) with MBR Backup so that you can restore it if it ever becomes corrupted or infected by malware.
  • Please, note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here: http://www.spywarewa...nti-spyware.htm

>>> Finally, I highly recommend you read:

Hopefully this should take care of your problems!

Safe surfing! :)

Edited by lance_yien, 21 September 2010 - 12:58 AM.


#14 mehlers

Posted 20 September 2010 - 07:08 PM

Lance,

The problem is back but it is with a certain web site
www.fling.com gives me this error a lot

#15 lance_yien

Posted 21 September 2010 - 01:09 AM

Lance,

The problem is back but it is with a certain web site
www.fling.com gives me this error a lot

What error? Give more details please: Text from the message if any, screen-shot...

Please print out these instructions or copy them to a Notepad file for easier reading and download to your Desktop:

>>> Double click Defogger.exe to run the tool. Click the Disable button to disable your CD Emulation drivers and click Yes to continue.
A 'Finished!' message will appear, click OK.
DeFogger will now ask to reboot the machine - click OK.
IMPORTANT!
  • If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
  • Please do not re-enable these drivers until otherwise instructed.

>>> Close all opened programs/ windows and double-click on MBRCheck.exe.
It will produce a log file saved automatically on your Desktop as "MBRCheck_Date_Time.txt".

Press the "Enter" key to close the MBRCheck window and post the contents of the log file.


>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):
  • MBRCheck log
  • TDSSKiller_log.txt


#16 mehlers

Posted 21 September 2010 - 04:31 PM




#17 mehlers

Posted 21 September 2010 - 04:33 PM

I'm sorry. The error I meant was the IE not responding message.

Here are my logs

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1545
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 155):
0x0301C000 \SystemRoot\system32\ntoskrnl.exe
0x035F8000 \SystemRoot\system32\hal.dll
0x00BB6000 \SystemRoot\system32\kdcom.dll
0x00C65000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CA9000 \SystemRoot\system32\PSHED.dll
0x00CBD000 \SystemRoot\system32\CLFS.SYS
0x00D1B000 \SystemRoot\system32\CI.dll
0x00E3A000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EDE000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EED000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00F44000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00F4D000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00F57000 \SystemRoot\system32\DRIVERS\pci.sys
0x00F8A000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00F97000 \SystemRoot\System32\drivers\partmgr.sys
0x00FAC000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FB5000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FC1000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FD6000 \SystemRoot\System32\drivers\mountmgr.sys
0x01005000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01121000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x0112C000 \SystemRoot\system32\drivers\fltmgr.sys
0x01178000 \SystemRoot\system32\drivers\fileinfo.sys
0x012E0000 \SystemRoot\system32\drivers\mfehidk.sys
0x0135F000 \SystemRoot\system32\DRIVERS\Lbd.sys
0x01374000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01431000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01380000 \SystemRoot\System32\Drivers\msrpc.sys
0x015D4000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01200000 \SystemRoot\System32\Drivers\cng.sys
0x015EE000 \SystemRoot\System32\drivers\pcw.sys
0x01400000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01618000 \SystemRoot\system32\drivers\ndis.sys
0x0170A000 \SystemRoot\system32\drivers\NETIO.SYS
0x0176A000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01795000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x017E1000 \SystemRoot\System32\Drivers\spldr.sys
0x01273000 \SystemRoot\System32\drivers\rdyboost.sys
0x017E9000 \SystemRoot\System32\Drivers\mup.sys
0x01600000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0118C000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0140A000 \SystemRoot\system32\DRIVERS\disk.sys
0x012AD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x02B33000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02B5D000 \SystemRoot\System32\Drivers\Null.SYS
0x02B66000 \SystemRoot\System32\Drivers\Beep.SYS
0x02B6D000 \SystemRoot\System32\drivers\vga.sys
0x02B7B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02BA0000 \SystemRoot\System32\drivers\watchdog.sys
0x02BB0000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02BB9000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02BC2000 \SystemRoot\system32\drivers\rdprefmp.sys
0x02BCB000 \SystemRoot\System32\Drivers\Msfs.SYS
0x02BD6000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03800000 \SystemRoot\System32\drivers\tcpip.sys
0x03A39000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x03A83000 \SystemRoot\system32\drivers\mfewfpk.sys
0x03AC7000 \SystemRoot\system32\drivers\TDI.SYS
0x03AD4000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03AF2000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03B37000 \SystemRoot\system32\drivers\afd.sys
0x03BC1000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03BCA000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03A00000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03A16000 \SystemRoot\system32\DRIVERS\mfenlfk.sys
0x03A27000 \SystemRoot\system32\DRIVERS\netbios.sys
0x013DE000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02BE7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03CF0000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03D41000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03D4D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03D58000 \SystemRoot\System32\drivers\discache.sys
0x03D67000 \SystemRoot\System32\Drivers\dfsc.sys
0x03D85000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03D96000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x046CC000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x03E41000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03F35000 \SystemRoot\System32\drivers\dxgmms1.sys
0x03F7B000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x03F88000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x03FDE000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03E00000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x040D2000 \SystemRoot\system32\DRIVERS\bcmwl664.sys
0x0437A000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x04387000 \SystemRoot\system32\DRIVERS\yk62x64.sys
0x04000000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0401E000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x0405A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04069000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x04078000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x0407D000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x04086000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0409C000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x040AC000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04DCB000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x040C2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04600000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03E24000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0462F000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04650000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x040CE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x0466A000 \SystemRoot\system32\DRIVERS\ks.sys
0x043EB000 \SystemRoot\system32\DRIVERS\umbus.sys
0x03C00000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x046AD000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x03C5A000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x03DBC000 \SystemRoot\system32\DRIVERS\portcls.sys
0x011C6000 \SystemRoot\system32\DRIVERS\drmk.sys
0x03FEF000 \SystemRoot\system32\drivers\ksthunk.sys
0x00E00000 \SystemRoot\system32\drivers\mfeavfk.sys
0x05A2E000 \SystemRoot\system32\drivers\mfefirek.sys
0x05A98000 \SystemRoot\System32\Drivers\crashdmp.sys
0x05AA6000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x05BC2000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x02A00000 \SystemRoot\System32\Drivers\RtsUStor.sys
0x05BD5000 \SystemRoot\System32\Drivers\USBD.SYS
0x05BD7000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05A00000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x05A0E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x05BF4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x04DEF000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x03CD5000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x00030000 \SystemRoot\System32\win32k.sys
0x03CE2000 \SystemRoot\System32\drivers\Dxapi.sys
0x03BF0000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004F0000 \SystemRoot\System32\TSDDD.dll
0x006A0000 \SystemRoot\System32\cdd.dll
0x02A3A000 \SystemRoot\system32\drivers\luafv.sys
0x02A5D000 \SystemRoot\system32\drivers\WudfPf.sys
0x02A7E000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x02A93000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02AE6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02AF9000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02600000 \SystemRoot\system32\drivers\HTTP.sys
0x026C8000 \SystemRoot\system32\DRIVERS\bowser.sys
0x026E6000 \SystemRoot\System32\drivers\mpsdrv.sys
0x026FE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0272B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x02779000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x044B3000 \SystemRoot\system32\drivers\peauth.sys
0x04559000 \SystemRoot\System32\Drivers\secdrv.SYS
0x04564000 \SystemRoot\System32\drivers\tcpipreg.sys
0x045A3000 \SystemRoot\system32\drivers\BCM42RLY.sys
0x045AC000 \SystemRoot\system32\DRIVERS\LVPr2M64.sys
0x045B6000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x04400000 \SystemRoot\System32\DRIVERS\srv2.sys
0x07805000 \SystemRoot\System32\DRIVERS\srv.sys
0x0789B000 \SystemRoot\system32\drivers\mfeapfk.sys
0x078B7000 \SystemRoot\system32\drivers\cfwids.sys
0x078C5000 \SystemRoot\System32\Drivers\fastfat.SYS
0x078FB000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77340000 \Windows\System32\ntdll.dll
0x47B00000 \Windows\System32\smss.exe
0xFF660000 \Windows\System32\apisetschema.dll

Processes (total 90):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-75ZCT2, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!


2010/09/21 18:25:58.0699 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2010/09/21 18:25:58.0699 ================================================================================
2010/09/21 18:25:58.0699 SystemInfo:
2010/09/21 18:25:58.0699
2010/09/21 18:25:58.0699 OS Version: 6.1.7600 ServicePack: 0.0
2010/09/21 18:25:58.0699 Product type: Workstation
2010/09/21 18:25:58.0699 ComputerName: MIKE-PC
2010/09/21 18:25:58.0699 UserName: Mike
2010/09/21 18:25:58.0699 Windows directory: C:\Windows
2010/09/21 18:25:58.0699 System windows directory: C:\Windows
2010/09/21 18:25:58.0699 Running under WOW64
2010/09/21 18:25:58.0699 Processor architecture: Intel x64
2010/09/21 18:25:58.0699 Number of processors: 2
2010/09/21 18:25:58.0699 Page size: 0x1000
2010/09/21 18:25:58.0699 Boot type: Normal boot
2010/09/21 18:25:58.0699 ================================================================================
2010/09/21 18:25:58.0699 Utility is running under WOW64
2010/09/21 18:25:58.0980 Initialize success
2010/09/21 18:26:31.0600 ================================================================================
2010/09/21 18:26:31.0600 Scan started
2010/09/21 18:26:31.0600 Mode: Manual;
2010/09/21 18:26:31.0600 ================================================================================
2010/09/21 18:26:48.0760 Scan finished
2010/09/21 18:26:48.0760 ================================================================================

#18 lance_yien

Posted 22 September 2010 - 05:56 AM

Thank you but I still don't understand what happens exactly when you run IE.
Do you have the same problem with another browser (Firefox, Chrome...)?

Your logs seem to be OK. I suggest you do the following:

>>> Re-enable your Emulation drivers:
Double click Defogger.exe to run the tool and click the Re-enable button. Follow the prompts.


>>> Tools removal:
  • Run OTL and click on the CleanUp! button, wait a while, and click Yes to reboot.
  • Please delete any remaining files/folders (right-click => "Delete").

>>> System Restore maintains a backup of your system files and may also back up infections, so please reset it and make a clean Restore Point:
  • Right-click on the Computer icon on your Desktop (or in Start menu) and select Properties. Click on the System Protection link.
  • Click on the available hard disk drive or partition that you want to delete the System Protection restore points for (usually C:\).
  • Click on the Configure button => Delete => Continue button to confirm the deletion.
  • Click on Close in the success prompt => OK. => OK.
Wait a few moments for it to clear, then:
  • Click on Start Menu.
  • Click on the System Protection link and choose the same hard disk drive or partition.
  • Click on the Configure button and choose Restore system settings and previous versions of files.
  • Click on OK. => OK.
  • Close the System window.
A new Restore Point will be created automatically.


>>> Adobe Flash Player:
Uninstall any old version of Adobe Flash Player:
1. Download this file to your Desktop: uninstall_flash_player.exe
2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).
3. Double-click on the file you've downloaded to uninstall Flash.
4. If uninstalled successfully, go to this site: Install Adobe Flash Player, and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).
Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

Any problems remain?

#19 mehlers

Posted 22 September 2010 - 04:14 PM

Here are the requested files


2010/09/21 18:25:58.0699 TDSS rootkit removing tool 2.4.2.1 Sep 7 2010 14:43:44
2010/09/21 18:25:58.0699 ================================================================================
2010/09/21 18:25:58.0699 SystemInfo:
2010/09/21 18:25:58.0699
2010/09/21 18:25:58.0699 OS Version: 6.1.7600 ServicePack: 0.0
2010/09/21 18:25:58.0699 Product type: Workstation
2010/09/21 18:25:58.0699 ComputerName: MIKE-PC
2010/09/21 18:25:58.0699 UserName: Mike
2010/09/21 18:25:58.0699 Windows directory: C:\Windows
2010/09/21 18:25:58.0699 System windows directory: C:\Windows
2010/09/21 18:25:58.0699 Running under WOW64
2010/09/21 18:25:58.0699 Processor architecture: Intel x64
2010/09/21 18:25:58.0699 Number of processors: 2
2010/09/21 18:25:58.0699 Page size: 0x1000
2010/09/21 18:25:58.0699 Boot type: Normal boot
2010/09/21 18:25:58.0699 ================================================================================
2010/09/21 18:25:58.0699 Utility is running under WOW64
2010/09/21 18:25:58.0980 Initialize success
2010/09/21 18:26:31.0600 ================================================================================
2010/09/21 18:26:31.0600 Scan started
2010/09/21 18:26:31.0600 Mode: Manual;
2010/09/21 18:26:31.0600 ================================================================================
2010/09/21 18:26:48.0760 ================================================================================
2010/09/21 18:26:48.0760 Scan finished
2010/09/21 18:26:48.0760 ================================================================================



MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1545
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 155):

Processes (total 90):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-75ZCT2, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!

#20 mehlers

    Advanced Member

  • Full Member
  • 168 posts

Posted 04 October 2010 - 03:13 PM

Thanks for your help - you can close this problem.

#21 lance_yien

    Forum Deity

  • Retired Staff
  • 2,442 posts

Posted 06 October 2010 - 01:54 AM

Last steps:

>>> System Restore maintains a backup of your system files and may also back up infections, so please reset it and make a clean Restore Point:
  • Right-click on the Computer icon on your Desktop (or in Start menu) and select Properties. Click on the System Protection link.
  • Click on the available hard disk drive or partition that you want to delete the System Protection restore points for (usually C:\).
  • Click on the Configure button => Delete => Continue button to confirm the deletion.
  • Click on Close in the success prompt => OK. => OK.
Wait a few moments for it to clear, then:
  • Click on Start Menu.
  • Click on the System Protection link and choose the same hard disk drive or partition.
  • Click on the Configure button and choose Restore system settings and previous versions of files
  • Click on OK. => OK.
  • Close the System window
A new Restore Point will be created automatically.

>>> Protect your computer:
  • Enable Automatic Updates for your Windows under Start => Control Panel => Automatic Updates. These updates address known issues and will strengthen your protection against known security threats. Without these updates I can almost guarantee that you will get infected again.
  • Make sure your programs are up to date - because older versions may contain Security Leaks.
    To find out what programs need to be updated, please run the Secunia Software Inspector Scan.
  • Nowadays, most malware is developed only to steal personal information and/or various passwords. I recommend you change all your passwords - make sure you create strong passwords and use a different password for every site (you can keep them in KeePass).
  • Back up your
    • Registry with ERUNT. It can help you especially if the System Restore is disabled by malware or corrupted for some reason.
    • MBR (Master Boot Record) with MBR Backup so that you can restore it if it ever becomes corrupted or infected by malware.
  • Please, note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here: http://www.spywarewa...nti-spyware.htm
  • Consider installing and running the following antispyware programs. They are free or free versions of commercial programs:
    - SpywareBlaster. A tutorial on using SpywareBlaster may be found here.
    - SpywareGuard (doesn't work on 64-bit). A tutorial on using SpywareGuard may be found here.

>>> Finally, I highly recommend you read:

Hopefully this should take care of your problems!

Safe surfing! :)
EI | SWI | ZEBULON

My help is free, but if you wish to help keep these forums running please consider a donation. Please, see here for details.

#22 lance_yien

    Forum Deity

  • Retired Staff
  • 2,442 posts

Posted 11 October 2010 - 09:33 AM

Since the issue appears to be resolved, this topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.