Windows 7 64 bit. Problems in IE as well as Firefox

ran Windows Malicious Software Removal Tool
ran ATF-Cleaner
ran GMER rootkit scanner
ran MBA-M
ran McAfee Total Protection
ran Trend Micro Titanium
ran Super Anti-Spyware Professional
ran Hitman Pro 3.5
ran PC Doctor
reset router many times

none have fixed a Google redirect virus

When I enter a search in Google, everything runs normally until I click on the link. I then get redirected to another site.

Please help!

I also ran HijackThis but wasn't sure what to remove.

Jon

Ok, I am doing these steps again and will post the logs when they complete.

Also, the redirect doesn't happen if the computer is booted in Safe Mode with Networking.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8178

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/16/2011 8:18:04 PM
mbam-log-2011-11-16 (20-18-04).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 345569
Time elapsed: 38 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER One.log and GMER Two.log

both files have no data; got this message after running the full scan
GMER hasn’t found any system modification.

I didn't understand the directions to save the Attach.txt file, so this is just the DDS.txt log file.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Papaws at 20:19:12 on 2011-11-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5981.3941 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\Dwm.exe
C:\windows\SysWOW64\authServer.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
C:\windows\system32\mfevtps.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\DRIVERS\o2flash.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\system32\svchost.exe -k HPService
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Windows\System32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\CE\CovenantEyes.exe
C:\Program Files (x86)\CE\CovenantEyesHelper.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111115210527.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [IntelVerifierVerifier] rundll32.exe "C:\ProgramData\IntelVerifierVerifier.dll",DllRegisterServer
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Spyware Doctor with AntiVirus] C:\Users\Papaws\Desktop\sdasetup_revwire207.exe -min
uRun: [MyTOSHIBA] "C:\Program Files (x86)\Toshiba\My Toshiba\MyToshiba.exe" /AUTO
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [Performance Center] C:\Program Files (x86)\Ascentive\Performance Center\APCMain.exe -m
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [NMSVC] C:\Program Files (x86)\CE\CovenantEyes.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Papaws\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
LSP: CESpy.dll
Trusted Zone: $talisma_url$
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/install-ie/alttiff.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://goedustarreports.harriscomputer.com/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=4htryy45alx2yr45jykkj1rz&ControlID=dff74e14172a492b8615ad9dfb937721&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3DAB490E-852B-4DD7-B6B0-018212CC3306} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{3DAB490E-852B-4DD7-B6B0-018212CC3306}\075616365666963786 : DhcpNameServer = 192.168.7.254
TCP: Interfaces\{3DAB490E-852B-4DD7-B6B0-018212CC3306}\84359414 : DhcpNameServer = 68.111.16.30 68.111.16.25
TCP: Interfaces\{3DAB490E-852B-4DD7-B6B0-018212CC3306}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{DB94BED3-C1C4-460A-9BA5-C5EF1603BFB2} : DhcpNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111115210527.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [Performance Center] C:\Program Files (x86)\Ascentive\Performance Center\APCMain.exe -m
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun-x64: [NMSVC] C:\Program Files (x86)\CE\CovenantEyes.exe
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 McPvDrv;McPvDrv Driver;C:\windows\system32\drivers\McPvDrv.sys --> C:\windows\system32\drivers\McPvDrv.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\system32\drivers\mfehidk.sys --> C:\windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\system32\drivers\mfewfpk.sys --> C:\windows\system32\drivers\mfewfpk.sys [?]
R0 O2MDGRDR;O2MDGRDR;C:\windows\system32\DRIVERS\o2mdgx64.sys --> C:\windows\system32\DRIVERS\o2mdgx64.sys [?]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\system32\DRIVERS\tos_sps64.sys --> C:\windows\system32\DRIVERS\tos_sps64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\windows\system32\DRIVERS\mfenlfk.sys --> C:\windows\system32\DRIVERS\mfenlfk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 Auth Service;Auth Service;C:\Windows\System32\authServer.exe [2011-10-31 2219520]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2009-8-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2009-7-14 42368]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-11-15 249936]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-10-27 517632]
R2 McciServiceHost;McciServiceHost;C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe [2011-10-27 315392]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-11-15 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-11-15 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-11-15 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-11-15 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-11-15 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\windows\system32\mfevtps.exe" --> C:\windows\system32\mfevtps.exe [?]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-9-17 1251840]
R2 regi;regi;C:\windows\system32\drivers\regi.sys --> C:\windows\system32\drivers\regi.sys [?]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-8-11 252272]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\windows\system32\drivers\cfwids.sys --> C:\windows\system32\drivers\cfwids.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\system32\drivers\mfeavfk.sys --> C:\windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\system32\drivers\mfefirek.sys --> C:\windows\system32\drivers\mfefirek.sys [?]
R3 O2SDGRDR;O2SDGRDR;C:\windows\system32\DRIVERS\o2sdgx64.sys --> C:\windows\system32\DRIVERS\o2sdgx64.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2009-11-6 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-6 136176]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;\??\C:\windows\system32\drivers\BVRPMPR5a64.SYS --> C:\windows\system32\drivers\BVRPMPR5a64.SYS [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-6 136176]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-11-15 225216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\system32\drivers\mferkdet.sys --> C:\windows\system32\drivers\mferkdet.sys [?]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-5 824688]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-11-15 249936]
.
=============== Created Last 30 ================
.
2011-11-17 01:38:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-16 23:34:41 388096 ----a-r- C:\Users\Papaws\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-16 23:34:39 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-11-16 23:22:55 2203648 ----a-w- C:\windows\System32\nmNsp.dll
2011-11-16 23:22:55 206848 ----a-w- C:\windows\System32\CESpy.dll
2011-11-16 23:22:55 177912 ----a-w- C:\windows\SysWow64\CESpy.dll
2011-11-16 23:22:55 1623288 ----a-w- C:\windows\SysWow64\nmNsp.dll
2011-11-16 05:07:40 -------- d-----w- C:\ProgramData\McAfee Anti-Theft
2011-11-16 05:00:47 -------- d-----w- C:\windows\pss
2011-11-16 03:06:56 71800 ----a-w- C:\windows\System32\drivers\McPvDrv.sys
2011-11-16 03:06:49 -------- d-----w- C:\Users\Papaws\AppData\Local\McAfee Anti-Theft
2011-11-16 03:06:03 -------- d-----w- C:\Program Files (x86)\McAfee.com
2011-11-16 03:05:27 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll
2011-11-16 03:05:26 10248 ----a-w- C:\windows\System32\drivers\mfeclnk.sys
2011-11-16 03:05:25 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2011-11-16 03:04:50 75808 ----a-w- C:\windows\System32\drivers\mfenlfk.sys
2011-11-16 03:04:50 65264 ----a-w- C:\windows\System32\drivers\cfwids.sys
2011-11-16 03:04:50 647080 ----a-w- C:\windows\System32\drivers\mfehidk.sys
2011-11-16 03:04:50 481768 ----a-w- C:\windows\System32\drivers\mfefirek.sys
2011-11-16 03:04:50 284648 ----a-w- C:\windows\System32\drivers\mfewfpk.sys
2011-11-16 03:04:50 229528 ----a-w- C:\windows\System32\drivers\mfeavfk.sys
2011-11-16 03:04:50 160280 ----a-w- C:\windows\System32\drivers\mfeapfk.sys
2011-11-16 03:04:50 100912 ----a-w- C:\windows\System32\drivers\mferkdet.sys
2011-11-16 03:04:43 -------- d-----w- C:\Program Files\Common Files\McAfee
2011-11-16 03:04:42 -------- d-----w- C:\Program Files\McAfee.com
2011-11-16 03:04:42 -------- d-----w- C:\Program Files\McAfee
2011-11-16 03:04:17 -------- d-----w- C:\Program Files (x86)\McAfee
2011-11-16 02:41:32 156792 ----a-r- C:\windows\System32\drivers\mfeapfk.sys.85d3.deleteme
2011-11-16 00:32:52 156792 ----a-r- C:\windows\System32\drivers\mfeapfk.sys.1484.deleteme
2011-11-16 00:32:22 639216 ----a-r- C:\windows\System32\drivers\mfehidk.sys.9d24.deleteme
2011-11-16 00:32:22 639216 ----a-r- C:\windows\System32\drivers\mfehidk.sys.263d.deleteme
2011-11-15 23:15:17 156792 ----a-r- C:\windows\System32\drivers\mfeapfk.sys.2637.deleteme
2011-11-15 23:15:16 639216 ----a-r- C:\windows\System32\drivers\mfehidk.sys.293a.deleteme
2011-11-15 01:24:04 -------- d-----w- C:\Users\Papaws\AppData\Roaming\SUPERAntiSpyware.com
2011-11-15 01:23:13 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-11-15 01:23:13 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-11-14 03:00:57 -------- d-----w- C:\ProgramData\AVAST Software
2011-11-14 03:00:57 -------- d-----w- C:\Program Files\AVAST Software
2011-11-13 19:23:38 -------- d-----w- C:\Users\Papaws\AppData\Local\CrashDumps
2011-11-13 19:15:09 120320 ----a-w- C:\ProgramData\IntelVerifierVerifier.dll
2011-11-12 03:36:44 -------- d-----w- C:\windows\System32\SPReview
2011-11-12 03:34:59 -------- d-----w- C:\windows\System32\EventProviders
2011-11-12 03:34:46 -------- d-----w- C:\6d8eecafdde0e5b06569213e421e
2011-11-11 02:28:39 -------- d-----w- C:\Users\Papaws\AppData\Roaming\Malwarebytes
2011-11-11 02:28:29 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-11 02:28:23 25416 ----a-w- C:\windows\System32\drivers\mbam.sys
2011-11-11 00:18:22 -------- d-----w- C:\Users\Papaws\AppData\Local\NPE
2011-11-10 22:52:01 25160 ----a-w- C:\windows\System32\drivers\hitmanpro35.sys
2011-11-10 22:51:55 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2011-11-10 22:51:04 -------- d-----w- C:\ProgramData\Hitman Pro
2011-11-09 11:06:37 -------- d-----w- C:\ProgramData\PC Tools
2011-11-09 03:28:18 -------- d-----w- C:\94ed8cb55d320fbe5047d51d9a
2011-11-09 03:04:49 -------- d-----w- C:\Program Files (x86)\STOPzilla!
2011-11-09 03:04:49 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
2011-11-09 03:04:48 -------- d-----w- C:\ProgramData\STOPzilla!
2011-11-09 02:42:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-11-09 02:42:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-11-09 01:31:52 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-11-09 01:24:39 -------- d-----w- C:\temp
2011-11-09 01:16:15 -------- d-----w- C:\ProgramData\Trend Micro
2011-11-09 00:35:35 -------- d-----w- C:\Users\Papaws\AppData\Local\Thunderbird
2011-11-08 23:18:24 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-08 23:18:24 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-08 23:18:22 1923952 ----a-w- C:\windows\System32\drivers\tcpip.sys
2011-11-08 23:18:18 3144704 ----a-w- C:\windows\System32\win32k.sys
2011-11-08 23:14:58 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AAFD0E92-9E33-468E-A6D5-1898556B3F65}\mpengine.dll
2011-11-08 02:00:25 120320 ----a-w- C:\windows\SysWow64\srrstr.dll
2011-11-07 23:25:57 -------- d-----w- C:\Program Files\Common Files\Intuit
2011-11-07 23:25:46 -------- d-----w- C:\Users\Papaws\Quickbooks
2011-11-07 23:23:00 -------- d-----w- C:\Users\Papaws\AppData\Local\Intuit
2011-11-07 23:20:17 -------- d-----w- C:\ProgramData\Nuance
2011-11-07 23:20:17 -------- d-----w- C:\ProgramData\Intuit
2011-11-07 23:20:17 -------- d-----w- C:\Program Files (x86)\Intuit
2011-11-07 23:20:17 -------- d-----w- C:\Program Files (x86)\Common Files\Intuit
2011-11-07 23:19:47 -------- d-----w- C:\ProgramData\SQL Anywhere 11
2011-11-07 23:19:46 -------- d-----w- C:\ProgramData\COMMON FILES
2011-11-07 23:12:03 -------- d-----w- C:\windows\Intuit
2011-11-06 18:11:56 -------- d-----w- C:\Program Files (x86)\Veetle
2011-10-31 23:57:36 -------- d-----w- C:\Program Files\CE
2011-10-31 23:57:36 -------- d-----w- C:\Program Files (x86)\CE
2011-10-31 23:57:32 2219520 ----a-w- C:\windows\SysWow64\authServer.exe
2011-10-31 23:57:32 2219520 ----a-w- C:\windows\System32\authServer.exe
2011-10-29 21:24:25 -------- d-----w- C:\ProgramData\McAfee Security Scan
2011-10-29 21:24:24 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2011-10-28 01:55:18 -------- d-----w- C:\Program Files (x86)\Microsoft Money Plus
2011-10-28 01:29:05 -------- d-----w- C:\Program Files\ATT-SST
2011-10-28 01:28:57 -------- d-----w- C:\Program Files (x86)\ATT-SST
2011-10-28 01:24:11 -------- d-----w- C:\Program Files\ATT-HSI
2011-10-28 01:23:49 -------- d-----w- C:\Program Files (x86)\ATT-HSI
2011-10-28 01:23:31 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2011-10-28 01:23:29 -------- d-----w- C:\Program Files\Common Files\Motive
2011-10-27 21:59:57 -------- d-----w- C:\Users\Papaws\AppData\Local\{F49E9350-A72E-4B3D-8C15-0BD4812BD2D4}
2011-10-27 21:53:35 -------- d-----w- C:\Program Files (x86)\e-Sword
2011-10-27 21:53:35 -------- d-----w- C:\Program Files (x86)\Common Files\EzTools
2011-10-27 21:37:35 -------- d-----w- C:\Users\Papaws\AppData\Local\Downloaded Installations
2011-10-27 20:14:27 -------- d-----w- C:\Users\Papaws\AppData\Local\Microsoft Corporation
2011-10-27 20:08:37 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business
2011-10-27 20:05:12 -------- d-----w- C:\Program Files\Microsoft SQL Server
2011-10-27 20:05:03 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
.
==================== Find3M ====================
.
2011-11-12 03:53:32 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2011-11-12 03:53:31 175616 ----a-w- C:\windows\System32\msclmd.dll
2011-10-30 00:35:36 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 20:32:28 161168 ----a-w- C:\windows\System32\mfevtps.exe
2011-09-01 05:24:07 2309120 ----a-w- C:\windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2011-08-27 05:37:49 861696 ----a-w- C:\windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\windows\SysWow64\oleacc.dll
.
============= FINISH: 20:20:12.60 ===============

0

Attach.txt file

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/24/2009 9:36:05 AM
System Uptime: 11/16/2011 5:24:34 PM (3 hours ago)
.
Motherboard: TOSHIBA | | Satellite P505
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | U2E1 | 1188/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 395.537 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet J6400 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet J6400 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP188: 11/14/2011 10:36:00 PM - Device Driver Package Install: Microsoft Network adapters
RP189: 11/14/2011 10:45:24 PM - Restore Operation
RP190: 11/16/2011 5:22:16 PM - Installed Covenant Eyes
RP191: 11/16/2011 5:34:02 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
6400_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
AT&T Troubleshoot & Resolve Tool
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
att.net Internet Mail
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Business Contact Manager for Outlook 2007 SP2
Compatibility Pack for the 2007 Office system
Covenant Eyes
D3DX10
Destinations
DeviceDiscovery
Direct DiscRecorder
DocProc
Driver Detective
DVD MovieFactory for TOSHIBA
e-Sword
Fax
Google Chrome
Google Update Helper
GPBaseService2
HDMI Control Manager
HiJackThis
HP Update
HPProductAssistant
InterVideo WinDVD BD for TOSHIBA
J6400
Java(TM) 6 Update 14
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Security Scan Plus
McAfee Total Protection
Microsoft Application Error Reporting
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Accounting 2008
Microsoft Office Accounting 2008 Equifax Addin
Microsoft Office Accounting 2008 Fixed Asset Manager
Microsoft Office Accounting 2008 PayPal Addin
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Setup Support Files (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Mozilla Firefox 7.0.1 (x86 en-US)
Mozilla Thunderbird (8.0)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyToshiba
NetZero Launcher
O2Micro Flash Memory Card Windows Driver
ProductContext
QuickBooks
QuickBooks Pro 2011
Realtek WLAN Driver
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SolutionCenter
Status
Toolbox
Toshiba Application Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Online Backup
Toshiba Quality Application
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA USB Sleep and Charge Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TrayApp
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Veetle TV
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Install Manager
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
11/9/2011 5:26:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TPCHSrv with arguments "" in order to run the server: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}
11/9/2011 5:26:54 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TPCH Service service to connect.
11/9/2011 5:26:54 AM, Error: Service Control Manager [7000] - The TPCH Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2011 9:35:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
11/15/2011 9:35:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
11/15/2011 9:34:35 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/15/2011 9:34:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
11/15/2011 9:34:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/15/2011 9:34:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/15/2011 9:34:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/15/2011 9:33:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr Wanarpv6
11/15/2011 9:33:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffffa80054bc7b0, 0xfffffa80054bccb0, 0x0000000004500008). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 111511-19749-01.
11/15/2011 9:30:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
11/15/2011 9:26:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/15/2011 9:26:46 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2011 9:23:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
11/15/2011 8:02:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/15/2011 6:44:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr tmtdi Wanarpv6
11/15/2011 5:03:23 PM, Error: Service Control Manager [7023] - The Business Contact Manager SQL Server Startup Service service terminated with the following error: %%-2147023843
11/15/2011 5:03:23 PM, Error: Service Control Manager [7000] - The SQL Server (MSSMLBIZ) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2011 5:03:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSMLBIZ) service to connect.
11/15/2011 11:23:06 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/15/2011 11:21:21 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000020, 0xfffffa80054b7970, 0xfffffa80054b7a30, 0x00000000040c0010). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 111511-23368-01.
11/15/2011 10:50:41 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041287, 0x0000000000000008, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 111511-26566-01.
11/15/2011 10:40:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/15/2011 10:40:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/15/2011 10:39:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
11/14/2011 9:44:16 PM, Error: Service Control Manager [7001] - The SSDP Discovery service depends on the HTTP service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:44:16 PM, Error: Service Control Manager [7001] - The Function Discovery Provider Host service depends on the HTTP service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:44:16 PM, Error: Service Control Manager [7000] - The HTTP service failed to start due to the following error: The system cannot find the file specified.
11/14/2011 9:44:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
11/14/2011 9:44:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
11/14/2011 9:35:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/14/2011 9:10:32 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014846.
11/14/2011 9:10:32 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80072742.
11/14/2011 9:09:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TMachInfo service to connect.
11/14/2011 9:07:05 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the HTTP service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:06:12 PM, Error: Service Control Manager [7000] - The Trend Micro TDI Driver service failed to start due to the following error: The system cannot find the file specified.
11/14/2011 9:03:45 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The request is not supported.
11/14/2011 9:03:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Psched Tcpip tmtdi Wanarpv6 WfpLwf
11/14/2011 9:03:33 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/14/2011 9:03:26 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/14/2011 9:03:25 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/14/2011 9:03:25 PM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:03:19 PM, Error: Service Control Manager [7023] - The Base Filtering Engine service terminated with the following error: The system cannot find the file specified.
11/14/2011 9:03:19 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:03:19 PM, Error: Service Control Manager [7001] - The Print Spooler service depends on the HTTP service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 9:03:19 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: The system cannot find the file specified.
11/14/2011 6:25:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache Psched spldr Tcpip TfFsMon TFSysMon tmtdi Wanarpv6 WfpLwf
11/14/2011 10:46:17 PM, Error: Service Control Manager [7023] - The DHCP Client service terminated with the following error: Element not found.
11/14/2011 10:46:17 PM, Error: Service Control Manager [7000] - The TCP/IP Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
11/14/2011 10:46:17 PM, Error: Microsoft-Windows-DHCPv6-Client [1004] - Error occurred in stopping the Dhcpv6 client service. ErrorCode is 0x32.ShutDown Flag value is 0.
11/14/2011 10:46:17 PM, Error: Microsoft-Windows-Dhcp-Client [1004] - Error occurred in stopping the Dhcpv4 Client service. Error code is 0x490. ShutDown Flag value is 0
11/14/2011 10:46:16 PM, Error: Service Control Manager [7034] - The HP Network Devices Support service terminated unexpectedly. It has done this 1 time(s).
11/14/2011 10:44:17 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147014846
11/14/2011 10:40:41 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: The system cannot find the file specified.
11/14/2011 10:40:41 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 9:55:23 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache spldr TfFsMon TFSysMon tmtdi Wanarpv6
11/13/2011 9:11:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
11/13/2011 9:11:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/13/2011 7:39:39 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
11/13/2011 11:53:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
11/13/2011 11:09:22 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
11/13/2011 10:42:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/13/2011 10:41:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/13/2011 10:41:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy pctgntdi Psched rdbss spldr tdx tmtdi vwififlt Wanarpv6 WfpLwf ws2ifsl
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/13/2011 10:41:13 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/12/2011 6:45:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.
11/12/2011 6:44:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
11/12/2011 6:44:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
11/12/2011 6:43:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
11/12/2011 6:43:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
11/12/2011 6:42:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.
11/12/2011 6:42:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
11/12/2011 6:41:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
11/12/2011 6:41:20 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrustedInstaller service.
11/12/2011 5:41:07 AM, Error: Service Control Manager [7024] - The SQL Server (MSSMLBIZ) service terminated with service-specific error The specified resource name cannot be found in the image file..
11/10/2011 8:04:20 PM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 2 time(s).
11/10/2011 7:52:15 PM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s).
11/10/2011 5:01:23 PM, Error: Service Control Manager [7024] - The Hitman Pro 3.5 Crusader (Boot) service terminated with service-specific error The operation completed successfully..
11/10/2011 4:59:29 AM, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/10/2011 12:59:01 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
11/10/2011 10:12:49 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
.
==== End Of File ===========================

0

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Edited by crunchie: n/a

0

16:37:37.0984 6416 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
16:37:38.0047 6416 ============================================================
16:37:38.0047 6416 Current date / time: 2011/11/17 16:37:38.0047
16:37:38.0047 6416 SystemInfo:
16:37:38.0047 6416
16:37:38.0047 6416 OS Version: 6.1.7601 ServicePack: 1.0
16:37:38.0047 6416 Product type: Workstation
16:37:38.0047 6416 ComputerName: GGCTREASURERPC
16:37:38.0047 6416 UserName: Papaws
16:37:38.0047 6416 Windows directory: C:\windows
16:37:38.0047 6416 System windows directory: C:\windows
16:37:38.0047 6416 Running under WOW64
16:37:38.0047 6416 Processor architecture: Intel x64
16:37:38.0047 6416 Number of processors: 2
16:37:38.0047 6416 Page size: 0x1000
16:37:38.0047 6416 Boot type: Normal boot
16:37:38.0047 6416 ============================================================
16:37:38.0780 6416 Initialize success
16:37:42.0617 7092 ============================================================
16:37:42.0617 7092 Scan started
16:37:42.0617 7092 Mode: Manual;
16:37:42.0617 7092 ============================================================
16:37:48.0795 7092 BVRPMPR5a64 - ok
16:37:48.0889 7092 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
16:37:48.0889 7092 cdfs - ok
16:37:48.0998 7092 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
16:37:48.0998 7092 cdrom - ok
16:37:49.0138 7092 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\windows\system32\drivers\cfwids.sys
16:37:49.0138 7092 cfwids - ok
16:37:49.0247 7092 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
16:37:49.0247 7092 circlass - ok
16:37:49.0341 7092 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
16:37:49.0341 7092 CLFS - ok
16:37:49.0466 7092 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
16:37:49.0481 7092 CmBatt - ok
16:37:49.0591 7092 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
16:37:49.0591 7092 cmdide - ok
16:37:49.0700 7092 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
16:37:49.0715 7092 CNG - ok
16:37:49.0871 7092 CnxtHdAudService (3cb10294f7a59fd22501f4bad915f250) C:\windows\system32\drivers\CHDRT64.sys
16:37:49.0887 7092 CnxtHdAudService - ok
16:37:50.0012 7092 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
16:37:50.0012 7092 Compbatt - ok
16:37:50.0137 7092 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
16:37:50.0137 7092 CompositeBus - ok
16:37:50.0293 7092 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
16:37:50.0293 7092 crcdisk - ok
16:37:50.0464 7092 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
16:37:50.0464 7092 DfsC - ok
16:37:50.0558 7092 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
16:37:50.0558 7092 discache - ok
16:37:50.0667 7092 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
16:37:50.0667 7092 Disk - ok
16:37:50.0792 7092 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
16:37:50.0792 7092 Dot4 - ok
16:37:50.0917 7092 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\drivers\Dot4Prt.sys
16:37:50.0917 7092 Dot4Print - ok
16:37:51.0026 7092 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
16:37:51.0026 7092 dot4usb - ok
16:37:51.0119 7092 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
16:37:51.0119 7092 drmkaud - ok
16:37:51.0229 7092 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
16:37:51.0244 7092 DXGKrnl - ok
16:37:51.0416 7092 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
16:37:51.0494 7092 ebdrv - ok
16:37:51.0634 7092 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
16:37:51.0634 7092 elxstor - ok
16:37:51.0728 7092 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
16:37:51.0728 7092 ErrDev - ok
16:37:51.0853 7092 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
16:37:51.0853 7092 exfat - ok
16:37:51.0946 7092 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
16:37:51.0946 7092 fastfat - ok
16:37:52.0071 7092 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
16:37:52.0071 7092 fdc - ok
16:37:52.0180 7092 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
16:37:52.0180 7092 FileInfo - ok
16:37:52.0274 7092 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
16:37:52.0274 7092 Filetrace - ok
16:37:52.0399 7092 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
16:37:52.0399 7092 flpydisk - ok
16:37:52.0508 7092 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
16:37:52.0523 7092 FltMgr - ok
16:37:52.0633 7092 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
16:37:52.0633 7092 FsDepends - ok
16:37:52.0742 7092 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
16:37:52.0742 7092 Fs_Rec - ok
16:37:52.0851 7092 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
16:37:52.0867 7092 fvevol - ok
16:37:52.0991 7092 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
16:37:52.0991 7092 gagp30kx - ok
16:37:53.0147 7092 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
16:37:53.0147 7092 hcw85cir - ok
16:37:53.0272 7092 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
16:37:53.0272 7092 HdAudAddService - ok
16:37:53.0381 7092 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
16:37:53.0381 7092 HDAudBus - ok
16:37:53.0475 7092 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
16:37:53.0475 7092 HidBatt - ok
16:37:53.0569 7092 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
16:37:53.0569 7092 HidBth - ok
16:37:53.0678 7092 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
16:37:53.0678 7092 HidIr - ok
16:37:53.0787 7092 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
16:37:53.0787 7092 HidUsb - ok
16:37:53.0912 7092 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
16:37:53.0912 7092 HpSAMD - ok
16:37:54.0037 7092 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
16:37:54.0052 7092 HTTP - ok
16:37:54.0146 7092 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
16:37:54.0146 7092 hwpolicy - ok
16:37:54.0255 7092 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
16:37:54.0271 7092 i8042prt - ok
16:37:54.0380 7092 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys
16:37:54.0380 7092 iaStor - ok
16:37:54.0505 7092 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
16:37:54.0520 7092 iaStorV - ok
16:37:54.0832 7092 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys
16:37:55.0004 7092 igfx - ok
16:37:55.0113 7092 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
16:37:55.0113 7092 iirsp - ok
16:37:55.0253 7092 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys
16:37:55.0253 7092 IntcHdmiAddService - ok
16:37:55.0347 7092 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
16:37:55.0347 7092 intelide - ok
16:37:55.0456 7092 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
16:37:55.0456 7092 intelppm - ok
16:37:55.0550 7092 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
16:37:55.0550 7092 IpFilterDriver - ok
16:37:55.0643 7092 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
16:37:55.0643 7092 IPMIDRV - ok
16:37:55.0753 7092 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
16:37:55.0753 7092 IPNAT - ok
16:37:55.0862 7092 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
16:37:55.0862 7092 IRENUM - ok
16:37:55.0940 7092 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
16:37:55.0940 7092 isapnp - ok
16:37:56.0049 7092 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
16:37:56.0065 7092 iScsiPrt - ok
16:37:56.0189 7092 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
16:37:56.0189 7092 kbdclass - ok
16:37:56.0283 7092 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
16:37:56.0283 7092 kbdhid - ok
16:37:56.0392 7092 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
16:37:56.0392 7092 KSecDD - ok
16:37:56.0486 7092 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
16:37:56.0501 7092 KSecPkg - ok
16:37:56.0595 7092 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
16:37:56.0595 7092 ksthunk - ok
16:37:56.0704 7092 L1C (2377ec4cc3e356655b996f39b43486b6) C:\windows\system32\DRIVERS\L1C62x64.sys
16:37:56.0704 7092 L1C - ok
16:37:56.0813 7092 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
16:37:56.0813 7092 lltdio - ok
16:37:56.0938 7092 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
16:37:56.0938 7092 LSI_FC - ok
16:37:57.0032 7092 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
16:37:57.0047 7092 LSI_SAS - ok
16:37:57.0141 7092 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
16:37:57.0141 7092 LSI_SAS2 - ok
16:37:57.0250 7092 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
16:37:57.0250 7092 LSI_SCSI - ok
16:37:57.0359 7092 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
16:37:57.0359 7092 luafv - ok
16:37:57.0578 7092 McPvDrv (a0c364079e7ae6c3127bee8e196f00e5) C:\windows\system32\drivers\McPvDrv.sys
16:37:57.0578 7092 McPvDrv - ok
16:37:57.0703 7092 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
16:37:57.0703 7092 megasas - ok
16:37:57.0812 7092 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
16:37:57.0812 7092 MegaSR - ok
16:37:57.0921 7092 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\windows\system32\drivers\mfeapfk.sys
16:37:57.0921 7092 mfeapfk - ok
16:37:58.0077 7092 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\windows\system32\drivers\mfeavfk.sys
16:37:58.0077 7092 mfeavfk - ok
16:37:58.0171 7092 mfeavfk01 - ok
16:37:58.0295 7092 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\windows\system32\drivers\mfefirek.sys
16:37:58.0311 7092 mfefirek - ok
16:37:58.0451 7092 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\windows\system32\drivers\mfehidk.sys
16:37:58.0467 7092 mfehidk - ok
16:37:58.0576 7092 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\windows\system32\DRIVERS\mfenlfk.sys
16:37:58.0576 7092 mfenlfk - ok
16:37:58.0685 7092 mferkdet (65776bd8029e409935b90de30bf99526) C:\windows\system32\drivers\mferkdet.sys
16:37:58.0685 7092 mferkdet - ok
16:37:58.0826 7092 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\windows\system32\drivers\mfewfpk.sys
16:37:58.0841 7092 mfewfpk - ok
16:37:58.0935 7092 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
16:37:58.0951 7092 Modem - ok
16:37:59.0044 7092 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
16:37:59.0044 7092 monitor - ok
16:37:59.0138 7092 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
16:37:59.0138 7092 mouclass - ok
16:37:59.0247 7092 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
16:37:59.0247 7092 mouhid - ok
16:37:59.0341 7092 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
16:37:59.0341 7092 mountmgr - ok
16:37:59.0434 7092 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
16:37:59.0434 7092 mpio - ok
16:37:59.0543 7092 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
16:37:59.0543 7092 mpsdrv - ok
16:37:59.0637 7092 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
16:37:59.0637 7092 MREMP50 - ok
16:37:59.0699 7092 MREMP50a64 (c2758df79c83a0d12a5599a040ca1818) C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS
16:37:59.0699 7092 MREMP50a64 - ok
16:37:59.0731 7092 MREMPR5 - ok
16:37:59.0731 7092 MRENDIS5 - ok
16:37:59.0809 7092 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
16:37:59.0824 7092 MRESP50 - ok
16:37:59.0887 7092 MRESP50a64 (38bd5b32e0722752be8465d2a6da43d9) C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS
16:37:59.0887 7092 MRESP50a64 - ok
16:37:59.0980 7092 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
16:37:59.0980 7092 MRxDAV - ok
16:38:00.0089 7092 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
16:38:00.0089 7092 mrxsmb - ok
16:38:00.0183 7092 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
16:38:00.0199 7092 mrxsmb10 - ok
16:38:00.0292 7092 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
16:38:00.0292 7092 mrxsmb20 - ok
16:38:00.0386 7092 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
16:38:00.0386 7092 msahci - ok
16:38:00.0479 7092 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
16:38:00.0479 7092 msdsm - ok
16:38:00.0589 7092 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
16:38:00.0589 7092 Msfs - ok
16:38:00.0682 7092 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
16:38:00.0682 7092 mshidkmdf - ok
16:38:00.0776 7092 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
16:38:00.0776 7092 msisadrv - ok
16:38:00.0916 7092 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
16:38:00.0916 7092 MSKSSRV - ok
16:38:01.0025 7092 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
16:38:01.0025 7092 MSPCLOCK - ok
16:38:01.0135 7092 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
16:38:01.0135 7092 MSPQM - ok
16:38:01.0244 7092 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
16:38:01.0244 7092 MsRPC - ok
16:38:01.0353 7092 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
16:38:01.0353 7092 mssmbios - ok
16:38:01.0493 7092 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
16:38:01.0493 7092 MSTEE - ok
16:38:01.0587 7092 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
16:38:01.0587 7092 MTConfig - ok
16:38:01.0681 7092 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
16:38:01.0681 7092 Mup - ok
16:38:01.0821 7092 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
16:38:01.0821 7092 NativeWifiP - ok
16:38:01.0946 7092 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
16:38:01.0961 7092 NDIS - ok
16:38:02.0086 7092 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
16:38:02.0086 7092 NdisCap - ok
16:38:02.0195 7092 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
16:38:02.0195 7092 NdisTapi - ok
16:38:02.0305 7092 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
16:38:02.0305 7092 Ndisuio - ok
16:38:02.0414 7092 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
16:38:02.0414 7092 NdisWan - ok
16:38:02.0523 7092 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
16:38:02.0523 7092 NDProxy - ok
16:38:02.0663 7092 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
16:38:02.0663 7092 NetBIOS - ok
16:38:02.0757 7092 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
16:38:02.0773 7092 NetBT - ok
16:38:02.0913 7092 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
16:38:02.0913 7092 nfrd960 - ok
16:38:03.0022 7092 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
16:38:03.0022 7092 Npfs - ok
16:38:03.0147 7092 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
16:38:03.0147 7092 nsiproxy - ok
16:38:03.0287 7092 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
16:38:03.0319 7092 Ntfs - ok
16:38:03.0412 7092 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
16:38:03.0412 7092 Null - ok
16:38:03.0521 7092 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
16:38:03.0521 7092 nvraid - ok
16:38:03.0646 7092 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
16:38:03.0646 7092 nvstor - ok
16:38:03.0755 7092 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
16:38:03.0755 7092 nv_agp - ok
16:38:03.0865 7092 O2MDGRDR (3840f61d55dbf32f4b88fa15fb03c461) C:\windows\system32\DRIVERS\o2mdgx64.sys
16:38:03.0865 7092 O2MDGRDR - ok
16:38:03.0974 7092 O2SDGRDR (fa1eed3a10992eba9a39172b50346434) C:\windows\system32\DRIVERS\o2sdgx64.sys
16:38:03.0974 7092 O2SDGRDR - ok
16:38:04.0083 7092 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
16:38:04.0083 7092 ohci1394 - ok
16:38:04.0208 7092 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
16:38:04.0208 7092 Parport - ok
16:38:04.0333 7092 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
16:38:04.0333 7092 partmgr - ok
16:38:04.0442 7092 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
16:38:04.0442 7092 pci - ok
16:38:04.0535 7092 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
16:38:04.0535 7092 pciide - ok
16:38:04.0645 7092 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
16:38:04.0645 7092 pcmcia - ok
16:38:04.0738 7092 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
16:38:04.0738 7092 pcw - ok
16:38:04.0847 7092 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
16:38:04.0863 7092 PEAUTH - ok
16:38:04.0988 7092 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
16:38:05.0003 7092 PGEffect - ok
16:38:05.0144 7092 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
16:38:05.0144 7092 PptpMiniport - ok
16:38:05.0253 7092 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
16:38:05.0253 7092 Processor - ok
16:38:05.0378 7092 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
16:38:05.0378 7092 Psched - ok
16:38:05.0534 7092 QIOMem (c8fcb4899f8b70cc34e0d9876a80963c) C:\windows\system32\DRIVERS\QIOMem.sys
16:38:05.0534 7092 QIOMem - ok
16:38:05.0674 7092 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
16:38:05.0690 7092 ql2300 - ok
16:38:05.0815 7092 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
16:38:05.0815 7092 ql40xx - ok
16:38:05.0924 7092 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
16:38:05.0924 7092 QWAVEdrv - ok
16:38:06.0017 7092 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
16:38:06.0017 7092 RasAcd - ok
16:38:06.0111 7092 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
16:38:06.0111 7092 RasAgileVpn - ok
16:38:06.0236 7092 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
16:38:06.0236 7092 Rasl2tp - ok
16:38:06.0376 7092 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
16:38:06.0376 7092 RasPppoe - ok
16:38:06.0485 7092 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
16:38:06.0485 7092 RasSstp - ok
16:38:06.0641 7092 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
16:38:06.0657 7092 rdbss - ok
16:38:06.0766 7092 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
16:38:06.0766 7092 rdpbus - ok
16:38:06.0891 7092 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
16:38:06.0907 7092 RDPCDD - ok
16:38:07.0016 7092 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
16:38:07.0016 7092 RDPENCDD - ok
16:38:07.0125 7092 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
16:38:07.0125 7092 RDPREFMP - ok
16:38:07.0219 7092 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
16:38:07.0219 7092 RDPWD - ok
16:38:07.0328 7092 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
16:38:07.0343 7092 rdyboost - ok
16:38:07.0453 7092 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\windows\system32\drivers\regi.sys
16:38:07.0453 7092 regi - ok
16:38:07.0593 7092 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
16:38:07.0593 7092 rspndr - ok
16:38:07.0718 7092 rtl8192se (a8ed9726734d403217a4861a6788b144) C:\windows\system32\DRIVERS\rtl8192se.sys
16:38:07.0733 7092 rtl8192se - ok
16:38:07.0811 7092 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:38:07.0811 7092 SASDIFSV - ok
16:38:07.0843 7092 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:38:07.0843 7092 SASKUTIL - ok
16:38:07.0936 7092 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
16:38:07.0936 7092 sbp2port - ok
16:38:08.0030 7092 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
16:38:08.0030 7092 scfilter - ok
16:38:08.0170 7092 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
16:38:08.0170 7092 sdbus - ok
16:38:08.0279 7092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
16:38:08.0279 7092 secdrv - ok
16:38:08.0420 7092 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
16:38:08.0420 7092 Serenum - ok
16:38:08.0529 7092 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
16:38:08.0545 7092 Serial - ok
16:38:08.0638 7092 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
16:38:08.0638 7092 sermouse - ok
16:38:08.0747 7092 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
16:38:08.0747 7092 sffdisk - ok
16:38:08.0841 7092 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
16:38:08.0841 7092 sffp_mmc - ok
16:38:08.0950 7092 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
16:38:08.0950 7092 sffp_sd - ok
16:38:09.0044 7092 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
16:38:09.0044 7092 sfloppy - ok
16:38:09.0169 7092 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
16:38:09.0169 7092 SiSRaid2 - ok
16:38:09.0262 7092 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
16:38:09.0262 7092 SiSRaid4 - ok
16:38:09.0371 7092 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
16:38:09.0371 7092 Smb - ok
16:38:09.0496 7092 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
16:38:09.0496 7092 spldr - ok
16:38:09.0621 7092 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
16:38:09.0637 7092 srv - ok
16:38:09.0730 7092 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
16:38:09.0746 7092 srv2 - ok
16:38:09.0839 7092 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
16:38:09.0839 7092 srvnet - ok
16:38:09.0949 7092 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
16:38:09.0949 7092 stexstor - ok
16:38:10.0058 7092 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
16:38:10.0058 7092 StillCam - ok
16:38:10.0183 7092 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
16:38:10.0183 7092 swenum - ok
16:38:10.0323 7092 SynTP (12a35e44d8647985fcdb8d298a590134) C:\windows\system32\DRIVERS\SynTP.sys
16:38:10.0323 7092 SynTP - ok
16:38:10.0495 7092 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
16:38:10.0526 7092 Tcpip - ok
16:38:10.0682 7092 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
16:38:10.0697 7092 TCPIP6 - ok
16:38:10.0807 7092 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
16:38:10.0807 7092 tcpipreg - ok
16:38:10.0916 7092 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
16:38:10.0916 7092 tdcmdpst - ok
16:38:11.0025 7092 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
16:38:11.0025 7092 TDPIPE - ok
16:38:11.0119 7092 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
16:38:11.0119 7092 TDTCP - ok
16:38:11.0212 7092 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
16:38:11.0212 7092 tdx - ok
16:38:11.0321 7092 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
16:38:11.0321 7092 TermDD - ok
16:38:11.0446 7092 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
16:38:11.0446 7092 Thpdrv - ok
16:38:11.0540 7092 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
16:38:11.0555 7092 Thpevm - ok
16:38:11.0711 7092 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
16:38:11.0711 7092 tos_sps64 - ok
16:38:11.0836 7092 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
16:38:11.0836 7092 tssecsrv - ok
16:38:11.0930 7092 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
16:38:11.0930 7092 TsUsbFlt - ok
16:38:12.0039 7092 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
16:38:12.0039 7092 tunnel - ok
16:38:12.0148 7092 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
16:38:12.0148 7092 TVALZ - ok
16:38:12.0242 7092 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
16:38:12.0242 7092 TVALZFL - ok
16:38:12.0351 7092 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
16:38:12.0351 7092 uagp35 - ok
16:38:12.0476 7092 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
16:38:12.0476 7092 udfs - ok
16:38:12.0585 7092 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
16:38:12.0585 7092 uliagpkx - ok
16:38:12.0694 7092 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
16:38:12.0694 7092 umbus - ok
16:38:12.0788 7092 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
16:38:12.0788 7092 UmPass - ok
16:38:12.0897 7092 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
16:38:12.0913 7092 usbccgp - ok
16:38:13.0022 7092 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
16:38:13.0022 7092 usbcir - ok
16:38:13.0131 7092 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
16:38:13.0131 7092 usbehci - ok
16:38:13.0256 7092 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
16:38:13.0271 7092 usbhub - ok
16:38:13.0365 7092 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
16:38:13.0365 7092 usbohci - ok
16:38:13.0474 7092 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
16:38:13.0474 7092 usbprint - ok
16:38:16.0797 7092 ============================================================
16:38:16.0797 7092 Scan finished
16:38:16.0797 7092 ============================================================
16:38:16.0860 6724 Detected object count: 0
16:38:16.0860 6724 Actual detected object count: 0

0

Please download ComboFix by sUBs from HERE or HERE

  • You must download it to and run it from your Desktop
  • Physically disconnect from the internet.
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply.
  • Re-enable all the programs that were disabled during the running of ComboFix.

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!

0

ComboFix 11-11-18.02 - Papaws 11/18/2011 16:52:49.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5981.4415 [GMT -6:00]
Running from: c:\users\Papaws\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\IntelVerifierVerifier.dll
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{519d0a7b-01fe-450d-adf4-a89b873e0ec3}
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{519d0a7b-01fe-450d-adf4-a89b873e0ec3}\chrome.manifest
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{519d0a7b-01fe-450d-adf4-a89b873e0ec3}\chrome\xulcache.jar
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{519d0a7b-01fe-450d-adf4-a89b873e0ec3}\defaults\preferences\xulcache.js
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{519d0a7b-01fe-450d-adf4-a89b873e0ec3}\install.rdf
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{92480ce4-6906-4da2-8ba7-0c1fdbd17789}
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{92480ce4-6906-4da2-8ba7-0c1fdbd17789}\chrome.manifest
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{92480ce4-6906-4da2-8ba7-0c1fdbd17789}\chrome\xulcache.jar
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{92480ce4-6906-4da2-8ba7-0c1fdbd17789}\defaults\preferences\xulcache.js
c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\extensions\{92480ce4-6906-4da2-8ba7-0c1fdbd17789}\install.rdf
c:\windows\system32\Thumbs.db
.
----- File Replicators -----
.
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut1_5DDC3DFBB658402487936E98D3651BFD.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut10_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut101_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut1011_5774C111B8F246B0AFB1F71F20FF4E67.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut102_5644560183D14A7B8DC5AA115758DEAA.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut2_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut20_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut201_7AE715922BD74E0E938522AC3FDACFB1.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut21_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut211_8C085A93DB0043388676173D40A360A3.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut24_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut241_7AE715922BD74E0E938522AC3FDACFB1.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut25_6C2287199EDD4CAA8285D3095F51E522.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut26_6C2287199EDD4CAA8285D3095F51E522.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut27_6C2287199EDD4CAA8285D3095F51E522.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut28_6C2287199EDD4CAA8285D3095F51E522.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut29_64E38A90B85F447EA9D42C14DFF7B399.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut3_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut31_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut311_4604B4259921471B96EC624AFEA12F1B.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut32_F9B129D0055B4A3694BB83B45342EB06.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut4_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut41_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut411_D7FFEBDC368A4660B7F21BA64BFCD866.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut42_3242FA92AA814582BF8F363E375E2617.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut5_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut51_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut511_C00D6FDD7F0C4313938DD0B302929D40.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut52_0BE5792C876246FC9ABE69B6DDA308A3.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut7_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut71_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut711_017ECA06492B42F79CDC1E5C8EA0D4DB.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut72_CAD273ADB04649A6BD8728786328AA87.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut8_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut81_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut811_35DFAD5C171D44088EAA810BD0A23520.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut82_C55036898DFD4AC78FAF03E64357D1C5.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut9_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut91_1B72F66FEC97454396CC50F63093FE70.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut911_52BC2593A7AD474C89760DD3095F858D.exe
c:\windows\Installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}\NewShortcut92_995982DA6F5147D0B263EACCBFB80EEC.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-18 to 2011-11-18 )))))))))))))))))))))))))))))))
.
.
2011-11-18 23:10 . 2011-11-18 23:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-17 01:38 . 2011-11-17 01:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-16 23:34 . 2011-11-16 23:34 388096 ----a-r- c:\users\Papaws\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-16 23:34 . 2011-11-16 23:34 -------- d-----w- c:\program files (x86)\Trend Micro
2011-11-16 23:22 . 2011-11-15 20:19 1623288 ----a-w- c:\windows\SysWow64\nmNsp.dll
2011-11-16 23:22 . 2011-11-15 20:19 177912 ----a-w- c:\windows\SysWow64\CESpy.dll
2011-11-16 23:22 . 2011-11-15 19:57 2203648 ----a-w- c:\windows\system32\nmNsp.dll
2011-11-16 23:22 . 2011-11-15 19:57 206848 ----a-w- c:\windows\system32\CESpy.dll
2011-11-16 05:07 . 2011-11-16 05:07 -------- d-----w- c:\programdata\McAfee Anti-Theft
2011-11-16 03:04 . 2011-11-16 23:25 -------- d-----w- c:\program files (x86)\McAfee
2011-11-15 01:24 . 2011-11-15 01:24 -------- d-----w- c:\users\Papaws\AppData\Roaming\SUPERAntiSpyware.com
2011-11-15 01:23 . 2011-11-15 11:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-15 01:23 . 2011-11-15 01:23 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-14 03:00 . 2011-11-14 03:00 -------- d-----w- c:\programdata\AVAST Software
2011-11-14 03:00 . 2011-11-14 03:00 -------- d-----w- c:\program files\AVAST Software
2011-11-13 19:23 . 2011-11-16 23:33 -------- d-----w- c:\users\Papaws\AppData\Local\CrashDumps
2011-11-12 03:36 . 2011-11-15 05:08 -------- d-----w- c:\windows\system32\SPReview
2011-11-12 03:34 . 2011-11-12 03:35 -------- d-----w- c:\windows\system32\EventProviders
2011-11-12 03:34 . 2011-11-15 05:07 -------- d-----w- C:\6d8eecafdde0e5b06569213e421e
2011-11-11 02:28 . 2011-11-11 02:28 -------- d-----w- c:\users\Papaws\AppData\Roaming\Malwarebytes
2011-11-11 02:28 . 2011-11-11 02:28 -------- d-----w- c:\programdata\Malwarebytes
2011-11-11 02:28 . 2011-08-31 23:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-11 00:18 . 2011-11-11 00:28 -------- d-----w- c:\users\Papaws\AppData\Local\NPE
2011-11-10 22:52 . 2011-11-16 01:38 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-10 22:51 . 2011-11-10 22:51 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-11-10 22:51 . 2011-11-10 22:58 -------- d-----w- c:\programdata\Hitman Pro
2011-11-09 11:06 . 2011-11-15 22:40 -------- d-----w- c:\programdata\PC Tools
2011-11-09 03:28 . 2011-11-09 04:20 -------- d-----w- C:\94ed8cb55d320fbe5047d51d9a
2011-11-09 03:04 . 2011-11-09 04:22 -------- d-----w- c:\program files (x86)\STOPzilla!
2011-11-09 03:04 . 2011-11-09 03:04 -------- d-----w- c:\program files (x86)\Common Files\iS3
2011-11-09 03:04 . 2011-11-09 04:17 -------- d-----w- c:\programdata\STOPzilla!
2011-11-09 02:42 . 2011-11-15 22:42 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-11-09 02:42 . 2011-11-15 22:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-09 01:24 . 2011-11-09 01:24 -------- d-----w- C:\temp
2011-11-09 01:16 . 2011-11-16 02:45 -------- d-----w- c:\programdata\Trend Micro
2011-11-09 00:35 . 2011-11-09 04:20 -------- d-----w- c:\users\Papaws\AppData\Roaming\Thunderbird
2011-11-09 00:35 . 2011-11-09 00:35 -------- d-----w- c:\users\Papaws\AppData\Local\Thunderbird
2011-11-09 00:35 . 2011-11-09 04:20 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2011-11-08 23:18 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-08 23:18 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-08 23:18 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-08 23:18 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 23:14 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AAFD0E92-9E33-468E-A6D5-1898556B3F65}\mpengine.dll
2011-11-08 02:00 . 2011-11-13 19:15 120320 ----a-w- c:\windows\SysWow64\srrstr.dll
2011-11-07 23:25 . 2011-11-07 23:25 -------- d-----w- c:\program files\Common Files\Intuit
2011-11-07 23:25 . 2011-11-17 03:17 -------- d-----w- c:\users\Papaws\Quickbooks
2011-11-07 23:23 . 2011-11-15 05:07 -------- d-----w- c:\users\Papaws\AppData\Local\Intuit
2011-11-07 23:20 . 2011-11-09 01:35 -------- d-----w- c:\programdata\Intuit
2011-11-07 23:20 . 2011-11-07 23:21 -------- d-----w- c:\program files (x86)\Common Files\Intuit
2011-11-07 23:20 . 2011-11-07 23:20 -------- d-----w- c:\programdata\Nuance
2011-11-07 23:20 . 2011-11-07 23:20 -------- d-----w- c:\program files (x86)\Intuit
2011-11-07 23:19 . 2011-11-10 02:36 -------- d-----w- c:\programdata\SQL Anywhere 11
2011-11-07 23:19 . 2011-11-07 23:19 -------- d-----w- c:\programdata\COMMON FILES
2011-11-07 23:12 . 2011-11-09 04:20 -------- d-----w- c:\windows\Intuit
2011-11-06 18:11 . 2011-11-09 04:20 -------- d-----w- c:\program files (x86)\Veetle
2011-10-31 23:57 . 2011-11-16 23:24 -------- d-----w- c:\program files\CE
2011-10-31 23:57 . 2011-11-16 23:24 -------- d-----w- c:\program files (x86)\CE
2011-10-31 23:57 . 2011-11-15 19:55 2219520 ----a-w- c:\windows\system32\authServer.exe
2011-10-31 23:57 . 2011-10-18 14:07 2219520 ----a-w- c:\windows\SysWow64\authServer.exe
2011-10-29 21:31 . 2011-10-29 21:31 -------- d-----w- c:\windows\system32\Macromed
2011-10-29 21:28 . 2011-10-29 21:28 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-10-29 21:24 . 2011-11-15 05:07 -------- d-----w- c:\programdata\McAfee Security Scan
2011-10-29 21:24 . 2011-11-05 14:45 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2011-10-29 17:38 . 2011-10-29 17:38 -------- d-----w- c:\users\Papaws\AppData\Local\Mozilla
2011-10-28 01:55 . 2011-10-28 01:55 -------- d-----w- c:\program files (x86)\Microsoft Money Plus
2011-10-28 01:29 . 2011-10-28 01:29 -------- d-----w- c:\users\Papaws\AppData\Roaming\Motive
2011-10-28 01:29 . 2011-10-28 01:29 -------- d-----w- c:\program files\ATT-SST
2011-10-28 01:28 . 2011-10-28 01:29 -------- d-----w- c:\program files (x86)\ATT-SST
2011-10-28 01:24 . 2011-10-28 01:24 -------- d-----w- c:\program files\ATT-HSI
2011-10-28 01:23 . 2011-10-28 01:23 -------- d-----w- c:\program files (x86)\ATT-HSI
2011-10-28 01:23 . 2011-11-12 21:51 -------- d-----w- c:\programdata\Motive
2011-10-28 01:23 . 2011-10-29 17:27 -------- d-----w- c:\program files (x86)\Common Files\Motive
2011-10-28 01:23 . 2011-10-28 01:29 -------- d-----w- c:\program files\Common Files\Motive
2011-10-27 21:53 . 2011-10-27 22:34 -------- d-----w- c:\program files (x86)\e-Sword
2011-10-27 21:53 . 2011-10-27 21:53 -------- d-----w- c:\program files (x86)\Common Files\EzTools
2011-10-27 21:37 . 2011-11-13 19:15 -------- d-----w- c:\users\Papaws\AppData\Local\Downloaded Installations
2011-10-27 20:14 . 2011-10-27 20:14 -------- d-----w- c:\users\Papaws\AppData\Local\Microsoft Corporation
2011-10-27 20:08 . 2011-10-27 20:13 -------- d-----w- c:\program files (x86)\Microsoft Small Business
2011-10-27 20:05 . 2011-10-27 20:05 -------- d-----w- c:\program files\Microsoft SQL Server
2011-10-27 20:05 . 2011-10-30 04:28 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-12 03:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-12 03:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-30 00:35 . 2011-07-26 00:14 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 20:32 . 2011-03-13 15:45 161168 ----a-w- c:\windows\system32\mfevtps.exe
2011-09-01 05:24 . 2011-10-14 00:32 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 00:32 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 00:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 00:32 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 00:32 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 00:32 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-27 05:37 . 2011-10-12 00:17 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-12 00:17 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-12 00:17 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-12 00:17 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTOSHIBA"="c:\program files (x86)\Toshiba\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-17 1674896]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe" [2009-07-16 529256]
"NMSVC"="c:\program files (x86)\CE\CovenantEyes.exe" [2011-11-15 2433280]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 136176]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 136176]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-05 824688]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Auth Service;Auth Service;c:\windows\system32\authServer.exe [2011-11-15 2219520]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-11 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-11-08 517632]
S2 McciServiceHost;McciServiceHost;c:\program files (x86)\Common Files\Motive\McciServiceHost.exe [2011-09-09 315392]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-09-17 1251840]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-12 252272]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdgx64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files (x86)\Toshiba\My Toshiba\MyToshiba.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 18:12]
.
2011-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-06 18:12]
.
2011-11-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 4a72ebf3-9282-4e5c-9ac8-aae663f31f5d.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2011-11-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 4ede52f2-0728-4c75-953a-960fb7644fad.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 436384]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\McciTrayApp.exe" [2010-07-27 3453440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: CESpy.dll
Trusted Zone: $talisma_url$
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.254
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://goedustarreports.harriscomputer.com/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=4htryy45alx2yr45jykkj1rz&ControlID=dff74e14172a492b8615ad9dfb937721&Culture=1033&UICulture=9&ReportStack=1&OpType=PrintCab
FF - ProfilePath - c:\users\Papaws\AppData\Roaming\Mozilla\Firefox\Profiles\8b7x3ksa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-IntelVerifierVerifier - c:\programdata\IntelVerifierVerifier.dll
Wow6432Node-HKLM-Run-TUSBSleepChargeSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
Wow6432Node-HKLM-Run-Performance Center - c:\program files (x86)\Ascentive\Performance Center\APCMain.exe
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-(Default) - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-HDMICtrlMan - c:\program files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-Yahoo! Mail - c:\windows\system32\regsvr32
AddRemove-YInstHelper - c:\windows\system32\regsvr32
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2914789919-732855688-3497539867-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2914789919-732855688-3497539867-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-2914789919-732855688-3497539867-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-11-18 17:40:22
ComboFix-quarantined-files.txt 2011-11-18 23:40
.
Pre-Run: 424,437,264,384 bytes free
Post-Run: 424,249,016,320 bytes free
.
- - End Of File - - C5E2C99F513E4F97998460C5820BAB53

0

Seems to be working correctly now. I did about twenty or so searches in Google and none were redirected.

0

No worries :).

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC by OldTimer:
Save it to your Desktop.
Double click OTC.exe.
Click the CleanUp! button.
If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.
