Pretender1979
2011-10-04, 20:26
Hi,
I ran Spybot S&D and it has found that I have Virtumonde.dll on my system and my security center is disabled in the registry. After clicking Fix Problems Spybot reported the problems to have been fixed, but after a restart and rescan the same problems popped up.
I ran a DDS, please see log below.
Thanks in advance for your help!
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Bianca en Dennis at 20:17:58 on 2011-10-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.1843 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Users\Bianca en Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [guisvc.exe] "C:\ProgramData\Common Files\Microsoft Shared\Web Components\login.lnk"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\BIANCA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\BIANCA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bianca en Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
DPF: {74233DB3-F72F-44EA-94DC-258A624037E6} - hxxps://connectuk.jacobs.com/uniquesig954c149f5328798896e98fa27dc3f47cf7e794f356bd07005e56fcd23a8ed3f4/uniquesig0/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/VSFlex8.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FDF527BA-DDDA-11D3-AA82-006094EB09CB} - hxxps://connectuk.jacobs.com/uniquesig954c149f5328798896e98fa27dc3f47cf7e794f356bd07005e56fcd23a8ed3f4/uniquesig0/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/AeXClipboard.CAB
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0437E965-4AEB-4B02-9FF2-D903ED97506C} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{48480C73-2BD8-4FBC-B055-55538338A6D1} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AE7CD045-E861-484f-8273-0445EE161910}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun-x64: [(standaard)]
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [guisvc.exe] "C:\ProgramData\Common Files\Microsoft Shared\Web Components\login.lnk"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-9-13 44768]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-16 13336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2151640]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-9-16 673088]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2011-9-8 995232]
R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-11-13 2011944]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;C:\Windows\system32\DRIVERS\aabed2.sys --> C:\Windows\system32\DRIVERS\aabed2.sys [?]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-10-3 17152]
R3 netr28ux;Linksys USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 136176]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-4 1153368]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GigasetGenericUSB_x64;GigasetGenericUSB_x64;C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys --> C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys [?]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 136176]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-5-12 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-04 17:55:39 -------- d-----w- C:\VundoFix Backups
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconF7A21AF7.exe
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconD7F16134.exe
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\Icon1226A4C5.exe
2011-10-04 17:28:37 -------- d-----w- C:\sh4ldr
2011-10-04 17:28:37 -------- d-----w- C:\Program Files\Enigma Software Group
2011-10-04 17:28:21 -------- d-----w- C:\Windows\14E9D3713DAD4A57B935577AB862F3B3.TMP
2011-10-04 17:28:20 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-10-04 16:18:07 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-10-04 16:18:07 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-10-04 15:56:44 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{43A07E80-6484-41E5-ACF8-13A208CDDE0C}
2011-10-04 15:56:33 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{9DD86B1D-1556-4A91-BE7C-1D164CED6EBE}
2011-10-03 19:18:28 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-10-03 18:00:36 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-10-03 17:58:09 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-10-03 17:58:07 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-10-03 17:30:36 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2011-10-03 17:30:35 -------- d-----w- C:\Windows\System32\wbem\en-US
2011-10-03 15:02:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5B1F1C7A-4EC8-4993-9F2E-C665561DF827}
2011-10-03 15:02:17 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{927474D7-560D-4483-8C4F-21DAF855FCE2}
2011-10-02 18:19:50 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1EFA9A34-CD47-4F91-B3D8-9E97D037F9E4}
2011-10-02 10:28:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\ElevatedDiagnostics
2011-10-02 06:19:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{70CB17D6-8EF5-43E9-B5D8-E686BAE6F5AF}
2011-10-02 06:19:18 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{84774AF4-7B89-4953-8406-5229D0B54346}
2011-10-01 18:18:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E62C24BC-21A7-402F-8C42-735624B077A7}
2011-10-01 18:18:48 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{6C9E35A7-0FC1-4512-93CC-6FF9C5B59038}
2011-10-01 16:07:54 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-10-01 16:03:38 55856 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-10-01 15:47:55 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2011-10-01 15:38:00 65536 --sha-r- C:\Windows\SysWow64\NAPHLPRT.dll
2011-10-01 15:37:58 -------- d-----w- C:\ProgramData\Common Files
2011-10-01 06:18:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{30391749-0144-4D97-928F-ED5D97EAC608}
2011-10-01 06:18:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5FDE840B-6CDA-47A6-8A91-42C4B2DFFDBD}
2011-09-30 15:47:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CAACCBD2-4CB6-4FF1-BA36-FEDD055B7256}
2011-09-30 15:35:29 -------- d-----w- C:\Windows\SysWow64\syncdb
2011-09-30 10:34:17 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{87272D96-1F08-44EC-9FD3-86395BC7D0FD}\mpengine.dll
2011-09-30 03:47:01 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4BCAC0E3-6BF5-489C-9650-B6F37262217A}
2011-09-30 03:46:51 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1520E0E5-622E-4611-88CC-F33928377B5B}
2011-09-29 15:46:26 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{109EFE48-4EB7-445F-B2B1-6BAC64DF6856}
2011-09-29 15:46:16 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F9D4A8AB-0B60-40FE-90D2-2CEC32F5DD1C}
2011-09-28 16:24:34 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A38E0967-5CD3-467C-A30E-99E4484A9E55}
2011-09-28 16:24:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{853B59CF-E78E-494F-838B-739B144C5288}
2011-09-27 16:20:08 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{2B9AB0A5-E829-417D-9EF6-3655356A0A8B}
2011-09-27 16:19:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{79D52BF2-AD96-4B83-AABB-DDD5235B24D8}
2011-09-26 16:08:38 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{7C0EC78D-98D2-483B-869B-D5DF4E0369FE}
2011-09-26 16:08:28 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F0F369B6-31D5-4771-80EA-187B29A31A20}
2011-09-25 15:56:21 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{B0AEA1E1-793E-40E6-8C8A-9531628409D3}
2011-09-25 15:56:10 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4CC81C7A-93EC-490C-BCD7-DBF19526D72B}
2011-09-22 11:39:40 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4A02FD5D-8FE9-45CA-9519-A7986287A8AA}
2011-09-22 11:39:30 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EEFAC1BB-068F-4FEC-A867-B3CC87FA0D73}
2011-09-21 16:34:44 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4AC493E5-ABAB-4A97-914B-8242796516DD}
2011-09-21 16:34:34 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A4D84845-AF98-4E57-A760-6DD24D70394F}
2011-09-21 03:45:16 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{93665BCE-10C3-4546-8426-213330B9E862}
2011-09-20 15:44:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D5BF63EB-9742-4270-A633-634BE8BD0617}
2011-09-20 15:44:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{28870791-D0B9-4736-8751-16602B5112F6}
2011-09-19 16:05:11 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{DD4129E6-055C-4330-ACF2-B04C657F6D69}
2011-09-19 16:05:00 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{6B08367B-4C26-4DE9-A206-85454BEE0899}
2011-09-18 16:35:40 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E7243502-49CA-4C58-B2D2-4F0030CE8B37}
2011-09-18 16:35:31 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E44CCAC5-050A-431C-AE66-DDAB7ED2F800}
2011-09-18 04:35:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EC063223-F86E-4B4A-9B02-209EDE7946AC}
2011-09-18 04:34:56 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{637B8086-89F2-4258-A8C0-34A6F508D468}
2011-09-17 16:34:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{BDBA91BC-3BB7-41C9-AC77-42BE120F4C5F}
2011-09-17 04:34:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{C935A5B0-0F77-44D4-9E6A-DB1FDDEF7A28}
2011-09-17 04:34:02 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{50C234EE-DEA3-46E8-94BE-F86EEC65DC4B}
2011-09-16 16:33:38 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{35B791A7-46B2-4CA5-BFE5-C38B8973268F}
2011-09-16 16:33:28 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{9C52C282-12FC-4F6D-AC38-1EC5736CECB5}
2011-09-16 04:33:03 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F8602AF5-1C5D-42C7-AB1A-43BE29A577AD}
2011-09-16 04:32:53 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EDC93C85-E961-4EBB-9FB3-FAA86F1056B2}
2011-09-15 07:51:20 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CA774C3B-0D4A-4402-843A-9F10DF7155F0}
2011-09-15 07:51:09 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{54445342-4F41-4672-BB80-15D72369164B}
2011-09-14 16:49:56 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1F638A8A-E773-4EF5-B3F0-0B566D21650B}
2011-09-14 16:49:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{0B9BBD93-1C9F-4E18-B252-984AF976D8C4}
2011-09-14 04:49:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E2E6AF52-FEE3-41CC-9E3A-F368536A71B0}
2011-09-14 04:49:05 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D73BE263-BD35-472B-860D-F962540BFD3B}
2011-09-13 16:48:41 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5325684C-C81A-43BE-8CD7-FBC7EE05939B}
2011-09-13 05:04:51 -------- d-----w- C:\Program Files (x86)\BitTorrent
2011-09-13 05:04:04 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Roaming\BitTorrent
2011-09-13 04:47:36 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A9D1C0D9-DB0E-4B06-AC60-FF11334D60AB}
2011-09-13 04:47:18 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{503A3D65-D9ED-4A0C-9E2C-8AECE0EBED20}
2011-09-12 16:13:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{BA76197D-C968-4C54-9C81-B9046F848864}
2011-09-12 16:13:48 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{7139CBF8-606A-47B9-AAED-8A382A7724E1}
2011-09-11 17:53:59 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{25EB064F-EC60-4162-A620-5B956D7DCC9A}
2011-09-11 05:53:37 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1CB00DCB-AC2B-422D-84B6-430538F26911}
2011-09-11 05:53:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{08346C0C-CE16-45BD-9547-9BE097E42136}
2011-09-10 17:53:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{3F4E6AD5-9030-4D35-BBAD-0DB21A9F5C4F}
2011-09-10 17:52:57 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{98C27E09-008E-4CEA-96BD-9B9821EC5F09}
2011-09-10 05:52:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{015E790E-A30A-46B1-83A2-8CB76B052610}
2011-09-10 05:52:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{DA5DA43A-8A48-40BA-8A4A-EDF1B3FF590E}
2011-09-09 10:23:08 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{03DE2FAA-D671-4867-A93F-D4F63BF72E29}
2011-09-09 10:22:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{89C64D04-079E-4905-983C-10661E10629C}
2011-09-08 09:24:59 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5E50C985-BCF1-4366-9DB1-20AF93959F68}
2011-09-08 09:24:47 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{39A7AC6A-290F-4A70-A8D6-705D224B24D1}
2011-09-07 18:22:11 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F55390E0-66F6-43E2-8AB9-974DE5A88F7D}
2011-09-07 18:22:00 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D0E0D510-94B1-4776-AE11-CD338A2BDCC6}
2011-09-06 18:10:45 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D8234F13-F342-47EA-8FD9-6C677281BF66}
2011-09-06 06:10:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{90BF48E2-2282-481A-9501-462DC8FD7E99}
2011-09-06 06:10:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D2E2F8E6-3CF5-4406-9543-E8AE60B216DC}
2011-09-05 16:58:53 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1F8CFB4E-BF22-45EB-BA3B-15791E402976}
2011-09-05 16:58:42 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CFFDB862-9120-49E0-9550-525AD0266A7A}
2011-09-05 02:32:02 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E9C8F9AA-7099-4737-9472-70B96C60662A}
.
==================== Find3M ====================
.
2011-09-25 17:58:18 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-06 20:45:29 41184 ----a-w- C:\Windows\avastSS.scr
2011-09-06 20:38:18 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-09-06 20:36:30 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-12 09:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-07-12 09:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-07-12 09:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-07-12 09:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-07-12 09:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 09:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 09:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 09:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
.
============= FINISH: 20:18:25,50 ===============
Sorry, forgot to attach the zipped attach.txt log. Please see below.
I ran Spybot S&D and it has found that I have Virtumonde.dll on my system and my security center is disabled in the registry. After clicking Fix Problems Spybot reported the problems to have been fixed, but after a restart and rescan the same problems popped up.
I ran a DDS, please see log below.
Thanks in advance for your help!
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Bianca en Dennis at 20:17:58 on 2011-10-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.1843 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Users\Bianca en Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [guisvc.exe] "C:\ProgramData\Common Files\Microsoft Shared\Web Components\login.lnk"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\BIANCA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\BIANCA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bianca en Dennis\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
DPF: {74233DB3-F72F-44EA-94DC-258A624037E6} - hxxps://connectuk.jacobs.com/uniquesig954c149f5328798896e98fa27dc3f47cf7e794f356bd07005e56fcd23a8ed3f4/uniquesig0/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/VSFlex8.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FDF527BA-DDDA-11D3-AA82-006094EB09CB} - hxxps://connectuk.jacobs.com/uniquesig954c149f5328798896e98fa27dc3f47cf7e794f356bd07005e56fcd23a8ed3f4/uniquesig0/aspnet_client/Altiris_AppWeaver/6_0_sp3/lib/AeXClipboard.CAB
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0437E965-4AEB-4B02-9FF2-D903ED97506C} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{48480C73-2BD8-4FBC-B055-55538338A6D1} : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AE7CD045-E861-484f-8273-0445EE161910}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun-x64: [(standaard)]
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [guisvc.exe] "C:\ProgramData\Common Files\Microsoft Shared\Web Components\login.lnk"
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-9-13 44768]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-16 13336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2151640]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-9-16 673088]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2011-9-8 995232]
R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-11-13 2011944]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;C:\Windows\system32\DRIVERS\aabed2.sys --> C:\Windows\system32\DRIVERS\aabed2.sys [?]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-10-3 17152]
R3 netr28ux;Linksys USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 136176]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-10-4 1153368]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 GigasetGenericUSB_x64;GigasetGenericUSB_x64;C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys --> C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys [?]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 136176]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-5-12 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-04 17:55:39 -------- d-----w- C:\VundoFix Backups
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconF7A21AF7.exe
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\IconD7F16134.exe
2011-10-04 17:28:37 110080 ----a-r- C:\Users\Bianca en Dennis\AppData\Roaming\Microsoft\Installer\{14E9D371-3DAD-4A57-B935-577AB862F3B3}\Icon1226A4C5.exe
2011-10-04 17:28:37 -------- d-----w- C:\sh4ldr
2011-10-04 17:28:37 -------- d-----w- C:\Program Files\Enigma Software Group
2011-10-04 17:28:21 -------- d-----w- C:\Windows\14E9D3713DAD4A57B935577AB862F3B3.TMP
2011-10-04 17:28:20 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-10-04 16:18:07 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-10-04 16:18:07 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-10-04 15:56:44 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{43A07E80-6484-41E5-ACF8-13A208CDDE0C}
2011-10-04 15:56:33 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{9DD86B1D-1556-4A91-BE7C-1D164CED6EBE}
2011-10-03 19:18:28 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-10-03 18:00:36 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-10-03 17:58:09 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-10-03 17:58:07 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-10-03 17:30:36 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2011-10-03 17:30:35 -------- d-----w- C:\Windows\System32\wbem\en-US
2011-10-03 15:02:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5B1F1C7A-4EC8-4993-9F2E-C665561DF827}
2011-10-03 15:02:17 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{927474D7-560D-4483-8C4F-21DAF855FCE2}
2011-10-02 18:19:50 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1EFA9A34-CD47-4F91-B3D8-9E97D037F9E4}
2011-10-02 10:28:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\ElevatedDiagnostics
2011-10-02 06:19:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{70CB17D6-8EF5-43E9-B5D8-E686BAE6F5AF}
2011-10-02 06:19:18 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{84774AF4-7B89-4953-8406-5229D0B54346}
2011-10-01 18:18:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E62C24BC-21A7-402F-8C42-735624B077A7}
2011-10-01 18:18:48 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{6C9E35A7-0FC1-4512-93CC-6FF9C5B59038}
2011-10-01 16:07:54 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-10-01 16:03:38 55856 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-10-01 15:47:55 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2011-10-01 15:38:00 65536 --sha-r- C:\Windows\SysWow64\NAPHLPRT.dll
2011-10-01 15:37:58 -------- d-----w- C:\ProgramData\Common Files
2011-10-01 06:18:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{30391749-0144-4D97-928F-ED5D97EAC608}
2011-10-01 06:18:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5FDE840B-6CDA-47A6-8A91-42C4B2DFFDBD}
2011-09-30 15:47:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CAACCBD2-4CB6-4FF1-BA36-FEDD055B7256}
2011-09-30 15:35:29 -------- d-----w- C:\Windows\SysWow64\syncdb
2011-09-30 10:34:17 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{87272D96-1F08-44EC-9FD3-86395BC7D0FD}\mpengine.dll
2011-09-30 03:47:01 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4BCAC0E3-6BF5-489C-9650-B6F37262217A}
2011-09-30 03:46:51 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1520E0E5-622E-4611-88CC-F33928377B5B}
2011-09-29 15:46:26 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{109EFE48-4EB7-445F-B2B1-6BAC64DF6856}
2011-09-29 15:46:16 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F9D4A8AB-0B60-40FE-90D2-2CEC32F5DD1C}
2011-09-28 16:24:34 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A38E0967-5CD3-467C-A30E-99E4484A9E55}
2011-09-28 16:24:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{853B59CF-E78E-494F-838B-739B144C5288}
2011-09-27 16:20:08 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{2B9AB0A5-E829-417D-9EF6-3655356A0A8B}
2011-09-27 16:19:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{79D52BF2-AD96-4B83-AABB-DDD5235B24D8}
2011-09-26 16:08:38 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{7C0EC78D-98D2-483B-869B-D5DF4E0369FE}
2011-09-26 16:08:28 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F0F369B6-31D5-4771-80EA-187B29A31A20}
2011-09-25 15:56:21 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{B0AEA1E1-793E-40E6-8C8A-9531628409D3}
2011-09-25 15:56:10 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4CC81C7A-93EC-490C-BCD7-DBF19526D72B}
2011-09-22 11:39:40 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4A02FD5D-8FE9-45CA-9519-A7986287A8AA}
2011-09-22 11:39:30 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EEFAC1BB-068F-4FEC-A867-B3CC87FA0D73}
2011-09-21 16:34:44 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{4AC493E5-ABAB-4A97-914B-8242796516DD}
2011-09-21 16:34:34 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A4D84845-AF98-4E57-A760-6DD24D70394F}
2011-09-21 03:45:16 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{93665BCE-10C3-4546-8426-213330B9E862}
2011-09-20 15:44:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D5BF63EB-9742-4270-A633-634BE8BD0617}
2011-09-20 15:44:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{28870791-D0B9-4736-8751-16602B5112F6}
2011-09-19 16:05:11 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{DD4129E6-055C-4330-ACF2-B04C657F6D69}
2011-09-19 16:05:00 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{6B08367B-4C26-4DE9-A206-85454BEE0899}
2011-09-18 16:35:40 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E7243502-49CA-4C58-B2D2-4F0030CE8B37}
2011-09-18 16:35:31 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E44CCAC5-050A-431C-AE66-DDAB7ED2F800}
2011-09-18 04:35:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EC063223-F86E-4B4A-9B02-209EDE7946AC}
2011-09-18 04:34:56 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{637B8086-89F2-4258-A8C0-34A6F508D468}
2011-09-17 16:34:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{BDBA91BC-3BB7-41C9-AC77-42BE120F4C5F}
2011-09-17 04:34:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{C935A5B0-0F77-44D4-9E6A-DB1FDDEF7A28}
2011-09-17 04:34:02 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{50C234EE-DEA3-46E8-94BE-F86EEC65DC4B}
2011-09-16 16:33:38 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{35B791A7-46B2-4CA5-BFE5-C38B8973268F}
2011-09-16 16:33:28 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{9C52C282-12FC-4F6D-AC38-1EC5736CECB5}
2011-09-16 04:33:03 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F8602AF5-1C5D-42C7-AB1A-43BE29A577AD}
2011-09-16 04:32:53 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{EDC93C85-E961-4EBB-9FB3-FAA86F1056B2}
2011-09-15 07:51:20 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CA774C3B-0D4A-4402-843A-9F10DF7155F0}
2011-09-15 07:51:09 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{54445342-4F41-4672-BB80-15D72369164B}
2011-09-14 16:49:56 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1F638A8A-E773-4EF5-B3F0-0B566D21650B}
2011-09-14 16:49:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{0B9BBD93-1C9F-4E18-B252-984AF976D8C4}
2011-09-14 04:49:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E2E6AF52-FEE3-41CC-9E3A-F368536A71B0}
2011-09-14 04:49:05 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D73BE263-BD35-472B-860D-F962540BFD3B}
2011-09-13 16:48:41 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5325684C-C81A-43BE-8CD7-FBC7EE05939B}
2011-09-13 05:04:51 -------- d-----w- C:\Program Files (x86)\BitTorrent
2011-09-13 05:04:04 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Roaming\BitTorrent
2011-09-13 04:47:36 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{A9D1C0D9-DB0E-4B06-AC60-FF11334D60AB}
2011-09-13 04:47:18 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{503A3D65-D9ED-4A0C-9E2C-8AECE0EBED20}
2011-09-12 16:13:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{BA76197D-C968-4C54-9C81-B9046F848864}
2011-09-12 16:13:48 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{7139CBF8-606A-47B9-AAED-8A382A7724E1}
2011-09-11 17:53:59 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{25EB064F-EC60-4162-A620-5B956D7DCC9A}
2011-09-11 05:53:37 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1CB00DCB-AC2B-422D-84B6-430538F26911}
2011-09-11 05:53:27 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{08346C0C-CE16-45BD-9547-9BE097E42136}
2011-09-10 17:53:07 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{3F4E6AD5-9030-4D35-BBAD-0DB21A9F5C4F}
2011-09-10 17:52:57 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{98C27E09-008E-4CEA-96BD-9B9821EC5F09}
2011-09-10 05:52:46 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{015E790E-A30A-46B1-83A2-8CB76B052610}
2011-09-10 05:52:35 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{DA5DA43A-8A48-40BA-8A4A-EDF1B3FF590E}
2011-09-09 10:23:08 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{03DE2FAA-D671-4867-A93F-D4F63BF72E29}
2011-09-09 10:22:58 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{89C64D04-079E-4905-983C-10661E10629C}
2011-09-08 09:24:59 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{5E50C985-BCF1-4366-9DB1-20AF93959F68}
2011-09-08 09:24:47 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{39A7AC6A-290F-4A70-A8D6-705D224B24D1}
2011-09-07 18:22:11 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{F55390E0-66F6-43E2-8AB9-974DE5A88F7D}
2011-09-07 18:22:00 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D0E0D510-94B1-4776-AE11-CD338A2BDCC6}
2011-09-06 18:10:45 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D8234F13-F342-47EA-8FD9-6C677281BF66}
2011-09-06 06:10:23 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{90BF48E2-2282-481A-9501-462DC8FD7E99}
2011-09-06 06:10:13 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{D2E2F8E6-3CF5-4406-9543-E8AE60B216DC}
2011-09-05 16:58:53 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{1F8CFB4E-BF22-45EB-BA3B-15791E402976}
2011-09-05 16:58:42 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{CFFDB862-9120-49E0-9550-525AD0266A7A}
2011-09-05 02:32:02 -------- d-----w- C:\Users\Bianca en Dennis\AppData\Local\{E9C8F9AA-7099-4737-9472-70B96C60662A}
.
==================== Find3M ====================
.
2011-09-25 17:58:18 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-06 20:45:29 41184 ----a-w- C:\Windows\avastSS.scr
2011-09-06 20:38:18 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-09-06 20:36:30 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-12 09:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-07-12 09:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-07-12 09:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-07-12 09:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-07-12 09:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 09:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 09:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 09:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
.
============= FINISH: 20:18:25,50 ===============
Sorry, forgot to attach the zipped attach.txt log. Please see below.