PDA

View Full Version : Smitfraud-c.generic trojan!


sheikster33
2012-02-05, 19:10
Please help! My laptop has been infected with the smitfraud-c.generic trojan and I cannot get rid of it. I am concerned that it may be unrecoverable, since I have seen others who have had this problem end up having to reformat.

I have read the "BEFORE You POST" thread and run the ERUNT registry backup as advised. Here is my DDS log and attach.zip file.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Anthony at 12:46:27 on 2012-02-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.964 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-05 15:48:56 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{214B114B-5578-481D-8A93-4D89CEE17DD6}\mpengine.dll
2012-02-03 13:06:35 -------- d-----w- C:\HP_TOOLS_mountHPSF
2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
2012-02-03 11:56:00 20480 ----a-w- C:\Windows\svchost.exe
2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
.
==================== Find3M ====================
.
2012-01-27 05:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-16 05:02:53 1145960 ----a-w- C:\Windows\System32\drivers\rtl8192ce.sys
.
============= FINISH: 12:47:28.23 ===============
Blade81
2012-02-09, 06:59
Hi,

1. Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and extract its contents into a folder in desired location (i.e. c:\tdsskiller).
2. Execute the file TDSSKiller.exe.
3. Click Start Scan. If threats are found, select skip and click Continue (tool may prompt for a reboot).
4. Post back contents of log file in c: drive root (name should be in UtilityName.Version_Date_Time_log.txt format)
sheikster33
2012-02-17, 04:22
Sorry it took so long to reply.

I downloaded the TDSSKiller and ran it (although I ran it in safe mode due to the continued problems with this trojan - hope that is not a problem!). It detected a Rootkit.Boot.Pihar.b threat. I skipped as instructed, but cannot figure out where to locate the log file to post. What drive/folder should it be located in? (I pulled up the "Report" in the top right-hand corner of the TDSSKiller program, but it will not let me cut and paste it.)

Thanks for your help!
sheikster33
2012-02-17, 04:29
My fault, I found it. Here it is:

22:16:05.0731 1384 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
22:16:05.0747 1384 ============================================================
22:16:05.0747 1384 Current date / time: 2012/02/16 22:16:05.0747
22:16:05.0747 1384 SystemInfo:
22:16:05.0747 1384
22:16:05.0747 1384 OS Version: 6.1.7601 ServicePack: 1.0
22:16:05.0747 1384 Product type: Workstation
22:16:05.0747 1384 ComputerName: ANTHONY-HP
22:16:05.0747 1384 UserName: Anthony
22:16:05.0747 1384 Windows directory: C:\Windows
22:16:05.0747 1384 System windows directory: C:\Windows
22:16:05.0747 1384 Running under WOW64
22:16:05.0747 1384 Processor architecture: Intel x64
22:16:05.0747 1384 Number of processors: 2
22:16:05.0747 1384 Page size: 0x1000
22:16:05.0747 1384 Boot type: Safe boot
22:16:05.0747 1384 ============================================================
22:16:06.0152 1384 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:16:06.0152 1384 \Device\Harddisk0\DR0:
22:16:06.0152 1384 MBR used
22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
22:16:06.0152 1384 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
22:16:06.0199 1384 Initialize success
22:16:06.0199 1384 ============================================================
22:16:19.0022 1444 ============================================================
22:16:19.0022 1444 Scan started
22:16:19.0022 1444 Mode: Manual;
22:16:19.0022 1444 ============================================================
22:16:19.0272 1444 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:16:19.0287 1444 1394ohci - ok
22:16:19.0397 1444 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:16:19.0397 1444 ACPI - ok
22:16:19.0537 1444 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:16:19.0537 1444 AcpiPmi - ok
22:16:19.0724 1444 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
22:16:19.0724 1444 adp94xx - ok
22:16:19.0865 1444 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
22:16:19.0865 1444 adpahci - ok
22:16:20.0021 1444 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
22:16:20.0021 1444 adpu320 - ok
22:16:20.0192 1444 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
22:16:20.0192 1444 AFD - ok
22:16:20.0333 1444 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:16:20.0333 1444 agp440 - ok
22:16:20.0457 1444 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:16:20.0457 1444 aliide - ok
22:16:20.0582 1444 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:16:20.0582 1444 amdide - ok
22:16:20.0754 1444 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
22:16:20.0754 1444 AmdK8 - ok
22:16:20.0769 1444 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
22:16:20.0769 1444 AmdPPM - ok
22:16:20.0910 1444 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:16:20.0910 1444 amdsata - ok
22:16:21.0050 1444 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
22:16:21.0050 1444 amdsbs - ok
22:16:21.0191 1444 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:16:21.0191 1444 amdxata - ok
22:16:21.0331 1444 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:16:21.0331 1444 AppID - ok
22:16:21.0487 1444 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
22:16:21.0487 1444 arc - ok
22:16:21.0549 1444 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
22:16:21.0549 1444 arcsas - ok
22:16:21.0643 1444 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
22:16:21.0643 1444 aswFsBlk - ok
22:16:21.0783 1444 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
22:16:21.0783 1444 aswMonFlt - ok
22:16:21.0877 1444 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
22:16:21.0877 1444 aswRdr - ok
22:16:21.0971 1444 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
22:16:21.0971 1444 aswSnx - ok
22:16:22.0064 1444 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
22:16:22.0080 1444 aswSP - ok
22:16:22.0142 1444 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
22:16:22.0142 1444 aswTdi - ok
22:16:22.0189 1444 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:22.0189 1444 AsyncMac - ok
22:16:22.0251 1444 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:16:22.0251 1444 atapi - ok
22:16:22.0423 1444 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
22:16:22.0423 1444 b06bdrv - ok
22:16:22.0548 1444 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:16:22.0548 1444 b57nd60a - ok
22:16:22.0719 1444 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:16:22.0735 1444 BCM43XX - ok
22:16:22.0875 1444 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:16:22.0875 1444 Beep - ok
22:16:23.0000 1444 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
22:16:23.0000 1444 blbdrive - ok
22:16:23.0156 1444 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:16:23.0156 1444 bowser - ok
22:16:23.0297 1444 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
22:16:23.0297 1444 BrFiltLo - ok
22:16:23.0343 1444 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
22:16:23.0343 1444 BrFiltUp - ok
22:16:23.0421 1444 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:16:23.0421 1444 Brserid - ok
22:16:23.0499 1444 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:23.0499 1444 BrSerWdm - ok
22:16:23.0640 1444 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:23.0640 1444 BrUsbMdm - ok
22:16:23.0702 1444 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:16:23.0702 1444 BrUsbSer - ok
22:16:23.0858 1444 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
22:16:23.0858 1444 BTHMODEM - ok
22:16:24.0045 1444 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:16:24.0045 1444 cdfs - ok
22:16:24.0155 1444 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:16:24.0155 1444 cdrom - ok
22:16:24.0311 1444 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
22:16:24.0311 1444 circlass - ok
22:16:24.0373 1444 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:16:24.0373 1444 CLFS - ok
22:16:24.0545 1444 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
22:16:24.0545 1444 clwvd - ok
22:16:24.0607 1444 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
22:16:24.0607 1444 CmBatt - ok
22:16:24.0732 1444 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:16:24.0732 1444 cmdide - ok
22:16:24.0841 1444 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
22:16:24.0841 1444 CNG - ok
22:16:24.0950 1444 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
22:16:24.0950 1444 Compbatt - ok
22:16:25.0091 1444 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:16:25.0091 1444 CompositeBus - ok
22:16:25.0231 1444 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
22:16:25.0231 1444 crcdisk - ok
22:16:25.0449 1444 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:16:25.0449 1444 DfsC - ok
22:16:25.0574 1444 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:16:25.0574 1444 discache - ok
22:16:25.0715 1444 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
22:16:25.0715 1444 Disk - ok
22:16:25.0871 1444 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:16:25.0871 1444 drmkaud - ok
22:16:25.0949 1444 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:16:25.0964 1444 DXGKrnl - ok
22:16:26.0089 1444 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
22:16:26.0105 1444 ebdrv - ok
22:16:26.0307 1444 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
22:16:26.0307 1444 elxstor - ok
22:16:26.0370 1444 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:16:26.0370 1444 ErrDev - ok
22:16:26.0510 1444 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:16:26.0510 1444 exfat - ok
22:16:26.0557 1444 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:16:26.0557 1444 fastfat - ok
22:16:26.0713 1444 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
22:16:26.0713 1444 fdc - ok
22:16:26.0807 1444 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:16:26.0807 1444 FileInfo - ok
22:16:26.0916 1444 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:16:26.0916 1444 Filetrace - ok
22:16:26.0994 1444 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
22:16:26.0994 1444 flpydisk - ok
22:16:27.0134 1444 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:16:27.0134 1444 FltMgr - ok
22:16:27.0181 1444 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:16:27.0181 1444 FsDepends - ok
22:16:27.0243 1444 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
22:16:27.0243 1444 Fs_Rec - ok
22:16:27.0399 1444 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:16:27.0399 1444 fvevol - ok
22:16:27.0524 1444 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
22:16:27.0524 1444 gagp30kx - ok
22:16:27.0711 1444 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:16:27.0711 1444 GEARAspiWDM - ok
22:16:27.0899 1444 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:16:27.0899 1444 hcw85cir - ok
22:16:28.0070 1444 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:16:28.0086 1444 HdAudAddService - ok
22:16:28.0242 1444 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:16:28.0257 1444 HDAudBus - ok
22:16:28.0398 1444 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
22:16:28.0398 1444 HidBatt - ok
22:16:28.0538 1444 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
22:16:28.0538 1444 HidBth - ok
22:16:28.0679 1444 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
22:16:28.0679 1444 HidIr - ok
22:16:28.0866 1444 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:16:28.0866 1444 HidUsb - ok
22:16:29.0084 1444 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:16:29.0084 1444 HpSAMD - ok
22:16:29.0271 1444 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:16:29.0287 1444 HTTP - ok
22:16:29.0427 1444 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:16:29.0427 1444 hwpolicy - ok
22:16:29.0583 1444 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:16:29.0583 1444 i8042prt - ok
22:16:29.0771 1444 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
22:16:29.0771 1444 iaStor - ok
22:16:29.0973 1444 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:16:29.0973 1444 iaStorV - ok
22:16:30.0348 1444 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:16:30.0410 1444 igfx - ok
22:16:30.0551 1444 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
22:16:30.0551 1444 iirsp - ok
22:16:30.0660 1444 IntcAzAudAddService (336c3a6bf14d5a9af35af07c6b6b29cd) C:\Windows\system32\drivers\RTKVHD64.sys
22:16:30.0675 1444 IntcAzAudAddService - ok
22:16:30.0800 1444 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:16:30.0800 1444 intelide - ok
22:16:30.0863 1444 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:16:30.0863 1444 intelppm - ok
22:16:30.0894 1444 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:16:30.0909 1444 IpFilterDriver - ok
22:16:31.0019 1444 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:16:31.0019 1444 IPMIDRV - ok
22:16:31.0065 1444 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:16:31.0065 1444 IPNAT - ok
22:16:31.0206 1444 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:16:31.0206 1444 IRENUM - ok
22:16:31.0237 1444 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:16:31.0237 1444 isapnp - ok
22:16:31.0393 1444 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:16:31.0393 1444 iScsiPrt - ok
22:16:31.0533 1444 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:16:31.0533 1444 kbdclass - ok
22:16:31.0689 1444 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:16:31.0689 1444 kbdhid - ok
22:16:31.0736 1444 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:16:31.0736 1444 KSecDD - ok
22:16:31.0861 1444 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:16:31.0877 1444 KSecPkg - ok
22:16:32.0033 1444 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:16:32.0033 1444 ksthunk - ok
22:16:32.0173 1444 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:16:32.0173 1444 lltdio - ok
22:16:32.0282 1444 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
22:16:32.0282 1444 LSI_FC - ok
22:16:32.0298 1444 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
22:16:32.0298 1444 LSI_SAS - ok
22:16:32.0485 1444 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
22:16:32.0485 1444 LSI_SAS2 - ok
22:16:32.0657 1444 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
22:16:32.0657 1444 LSI_SCSI - ok
22:16:32.0735 1444 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:16:32.0735 1444 luafv - ok
22:16:32.0906 1444 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
22:16:32.0906 1444 megasas - ok
22:16:33.0062 1444 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
22:16:33.0062 1444 MegaSR - ok
22:16:33.0234 1444 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:16:33.0234 1444 Modem - ok
22:16:33.0374 1444 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:16:33.0374 1444 monitor - ok
22:16:33.0421 1444 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:16:33.0421 1444 mouclass - ok
22:16:33.0577 1444 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:16:33.0577 1444 mouhid - ok
22:16:33.0608 1444 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:16:33.0608 1444 mountmgr - ok
22:16:33.0764 1444 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:16:33.0764 1444 mpio - ok
22:16:33.0889 1444 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:16:33.0889 1444 mpsdrv - ok
22:16:34.0029 1444 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:16:34.0029 1444 MRxDAV - ok
22:16:34.0107 1444 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:16:34.0107 1444 mrxsmb - ok
22:16:34.0139 1444 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:16:34.0139 1444 mrxsmb10 - ok
22:16:34.0279 1444 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:16:34.0279 1444 mrxsmb20 - ok
22:16:34.0419 1444 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:16:34.0419 1444 msahci - ok
22:16:34.0513 1444 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:16:34.0513 1444 msdsm - ok
22:16:34.0669 1444 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:16:34.0669 1444 Msfs - ok
22:16:34.0825 1444 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:16:34.0825 1444 mshidkmdf - ok
22:16:34.0997 1444 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:16:34.0997 1444 msisadrv - ok
22:16:35.0168 1444 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:16:35.0168 1444 MSKSSRV - ok
22:16:35.0324 1444 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:16:35.0324 1444 MSPCLOCK - ok
22:16:35.0433 1444 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:16:35.0433 1444 MSPQM - ok
22:16:35.0558 1444 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:16:35.0558 1444 MsRPC - ok
22:16:35.0589 1444 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:16:35.0589 1444 mssmbios - ok
22:16:35.0761 1444 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:16:35.0761 1444 MSTEE - ok
22:16:35.0917 1444 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
22:16:35.0917 1444 MTConfig - ok
22:16:36.0104 1444 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:16:36.0104 1444 Mup - ok
22:16:36.0291 1444 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:16:36.0307 1444 NativeWifiP - ok
22:16:36.0510 1444 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:16:36.0510 1444 NDIS - ok
22:16:36.0681 1444 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:16:36.0681 1444 NdisCap - ok
22:16:36.0853 1444 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:16:36.0853 1444 NdisTapi - ok
22:16:37.0009 1444 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:16:37.0009 1444 Ndisuio - ok
22:16:37.0181 1444 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:16:37.0181 1444 NdisWan - ok
22:16:37.0337 1444 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:16:37.0337 1444 NDProxy - ok
22:16:37.0508 1444 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:16:37.0508 1444 NetBIOS - ok
22:16:37.0649 1444 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:16:37.0649 1444 NetBT - ok
22:16:37.0820 1444 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
22:16:37.0820 1444 nfrd960 - ok
22:16:37.0929 1444 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:16:37.0929 1444 Npfs - ok
22:16:37.0992 1444 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:16:37.0992 1444 nsiproxy - ok
22:16:38.0085 1444 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:16:38.0085 1444 Ntfs - ok
22:16:38.0241 1444 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:16:38.0241 1444 Null - ok
22:16:38.0413 1444 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
22:16:38.0429 1444 NVENETFD - ok
22:16:38.0616 1444 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:16:38.0616 1444 nvraid - ok
22:16:38.0772 1444 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:16:38.0787 1444 nvstor - ok
22:16:38.0943 1444 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:16:38.0943 1444 nv_agp - ok
22:16:39.0146 1444 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:16:39.0146 1444 ohci1394 - ok
22:16:39.0396 1444 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
22:16:39.0396 1444 Parport - ok
22:16:39.0567 1444 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
22:16:39.0567 1444 partmgr - ok
22:16:39.0755 1444 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:16:39.0755 1444 pci - ok
22:16:39.0926 1444 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:16:39.0926 1444 pciide - ok
22:16:40.0113 1444 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
22:16:40.0113 1444 pcmcia - ok
22:16:40.0363 1444 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
22:16:40.0363 1444 PCTCore - ok
22:16:40.0566 1444 pctDS (1335454528adfa13e1d3c4fa3fdbdc42) C:\Windows\system32\drivers\pctDS64.sys
22:16:40.0566 1444 pctDS - ok
22:16:40.0800 1444 pctEFA (df2a2505f17319dada4b204688cec0c2) C:\Windows\system32\drivers\pctEFA64.sys
22:16:40.0800 1444 pctEFA - ok
22:16:40.0987 1444 PCTSD (13635ffcaeebddbe2ca93b1218d8331f) C:\Windows\system32\Drivers\PCTSD64.sys
22:16:40.0987 1444 PCTSD - ok
22:16:41.0221 1444 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:16:41.0221 1444 pcw - ok
22:16:41.0424 1444 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:16:41.0424 1444 PEAUTH - ok
22:16:41.0689 1444 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:16:41.0689 1444 PptpMiniport - ok
22:16:41.0876 1444 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
22:16:41.0876 1444 Processor - ok
22:16:42.0095 1444 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:16:42.0095 1444 Psched - ok
22:16:42.0329 1444 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
22:16:42.0344 1444 ql2300 - ok
22:16:42.0547 1444 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
22:16:42.0547 1444 ql40xx - ok
22:16:42.0734 1444 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:16:42.0734 1444 QWAVEdrv - ok
22:16:42.0921 1444 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:16:42.0921 1444 RasAcd - ok
22:16:43.0124 1444 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:43.0124 1444 RasAgileVpn - ok
22:16:43.0343 1444 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:43.0343 1444 Rasl2tp - ok
22:16:43.0545 1444 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:43.0545 1444 RasPppoe - ok
22:16:43.0748 1444 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:16:43.0764 1444 RasSstp - ok
22:16:43.0935 1444 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:16:43.0935 1444 rdbss - ok
22:16:44.0123 1444 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
22:16:44.0123 1444 rdpbus - ok
22:16:44.0310 1444 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:44.0310 1444 RDPCDD - ok
22:16:44.0559 1444 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:16:44.0559 1444 RDPENCDD - ok
22:16:44.0700 1444 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:16:44.0700 1444 RDPREFMP - ok
22:16:44.0856 1444 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
22:16:44.0856 1444 RDPWD - ok
22:16:45.0027 1444 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:16:45.0027 1444 rdyboost - ok
22:16:45.0246 1444 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
22:16:45.0246 1444 RSPCIESTOR - ok
22:16:45.0449 1444 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:16:45.0449 1444 rspndr - ok
22:16:45.0636 1444 RTL8167 (3372196f61af48503656ef6aa3e92d1b) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:16:45.0651 1444 RTL8167 - ok
22:16:45.0854 1444 RTL8192Ce (177963a6eebaa9ef3b56a2dbe9d5d0fc) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
22:16:45.0870 1444 RTL8192Ce - ok
22:16:46.0041 1444 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:16:46.0057 1444 sbp2port - ok
22:16:46.0275 1444 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:16:46.0275 1444 scfilter - ok
22:16:46.0478 1444 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
22:16:46.0478 1444 sdbus - ok
22:16:46.0665 1444 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:16:46.0665 1444 secdrv - ok
22:16:46.0821 1444 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
22:16:46.0821 1444 Serenum - ok
22:16:46.0977 1444 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
22:16:46.0977 1444 Serial - ok
22:16:47.0118 1444 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
22:16:47.0118 1444 sermouse - ok
22:16:47.0305 1444 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:16:47.0305 1444 sffdisk - ok
22:16:47.0477 1444 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:16:47.0477 1444 sffp_mmc - ok
22:16:47.0679 1444 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:16:47.0679 1444 sffp_sd - ok
22:16:47.0867 1444 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
22:16:47.0867 1444 sfloppy - ok
22:16:48.0085 1444 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:16:48.0085 1444 Sftfs - ok
22:16:48.0272 1444 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:16:48.0272 1444 Sftplay - ok
22:16:48.0444 1444 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:16:48.0444 1444 Sftredir - ok
22:16:48.0662 1444 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:16:48.0662 1444 Sftvol - ok
22:16:48.0849 1444 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
22:16:48.0849 1444 SiSRaid2 - ok
22:16:49.0052 1444 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
22:16:49.0052 1444 SiSRaid4 - ok
22:16:49.0255 1444 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:16:49.0255 1444 Smb - ok
22:16:49.0473 1444 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:16:49.0473 1444 spldr - ok
22:16:49.0676 1444 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:16:49.0676 1444 srv - ok
22:16:49.0848 1444 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:16:49.0848 1444 srv2 - ok
22:16:50.0019 1444 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
22:16:50.0019 1444 SrvHsfHDA - ok
22:16:50.0207 1444 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
22:16:50.0207 1444 SrvHsfV92 - ok
22:16:50.0378 1444 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
22:16:50.0378 1444 SrvHsfWinac - ok
22:16:50.0550 1444 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:16:50.0550 1444 srvnet - ok
22:16:50.0737 1444 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
22:16:50.0753 1444 stexstor - ok
22:16:50.0955 1444 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:16:50.0955 1444 swenum - ok
22:16:51.0158 1444 SynTP (ec4dca6539eb97376f1a1743d209d842) C:\Windows\system32\DRIVERS\SynTP.sys
22:16:51.0174 1444 SynTP - ok
22:16:51.0408 1444 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
22:16:51.0408 1444 Tcpip - ok
22:16:51.0673 1444 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
22:16:51.0673 1444 TCPIP6 - ok
22:16:51.0860 1444 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:16:51.0860 1444 tcpipreg - ok
22:16:52.0032 1444 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:16:52.0032 1444 TDPIPE - ok
22:16:52.0188 1444 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
22:16:52.0188 1444 TDTCP - ok
22:16:52.0375 1444 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:16:52.0375 1444 tdx - ok
22:16:52.0531 1444 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:16:52.0531 1444 TermDD - ok
22:16:52.0874 1444 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:52.0874 1444 tssecsrv - ok
22:16:53.0061 1444 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:16:53.0061 1444 TsUsbFlt - ok
22:16:53.0233 1444 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
22:16:53.0233 1444 TsUsbGD - ok
22:16:53.0373 1444 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:16:53.0373 1444 tunnel - ok
22:16:53.0498 1444 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
22:16:53.0498 1444 uagp35 - ok
22:16:53.0607 1444 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:16:53.0607 1444 udfs - ok
22:16:53.0748 1444 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:16:53.0748 1444 uliagpkx - ok
22:16:53.0888 1444 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
22:16:53.0888 1444 umbus - ok
22:16:54.0075 1444 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
22:16:54.0075 1444 UmPass - ok
22:16:54.0263 1444 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
22:16:54.0263 1444 USBAAPL64 - ok
22:16:54.0419 1444 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:54.0419 1444 usbccgp - ok
22:16:54.0606 1444 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:16:54.0606 1444 usbcir - ok
22:16:54.0793 1444 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:16:54.0793 1444 usbehci - ok
22:16:54.0996 1444 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:16:54.0996 1444 usbhub - ok
22:16:55.0152 1444 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:16:55.0152 1444 usbohci - ok
22:16:55.0339 1444 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
22:16:55.0339 1444 usbprint - ok
22:16:55.0495 1444 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
22:16:55.0495 1444 USBSTOR - ok
22:16:55.0667 1444 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
22:16:55.0667 1444 usbuhci - ok
22:16:55.0854 1444 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
22:16:55.0854 1444 usbvideo - ok
22:16:56.0025 1444 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:16:56.0025 1444 vdrvroot - ok
22:16:56.0228 1444 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:56.0228 1444 vga - ok
22:16:56.0369 1444 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:16:56.0369 1444 VgaSave - ok
22:16:56.0556 1444 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:16:56.0556 1444 vhdmp - ok
22:16:56.0727 1444 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:16:56.0727 1444 viaide - ok
22:16:56.0899 1444 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:16:56.0899 1444 volmgr - ok
22:16:57.0071 1444 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:16:57.0071 1444 volmgrx - ok
22:16:57.0227 1444 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:16:57.0227 1444 volsnap - ok
22:16:57.0398 1444 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
22:16:57.0398 1444 vsmraid - ok
22:16:57.0554 1444 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:16:57.0554 1444 vwifibus - ok
22:16:57.0710 1444 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:16:57.0710 1444 vwififlt - ok
22:16:57.0866 1444 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
22:16:57.0866 1444 WacomPen - ok
22:16:58.0100 1444 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:16:58.0100 1444 WANARP - ok
22:16:58.0131 1444 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:16:58.0131 1444 Wanarpv6 - ok
22:16:58.0303 1444 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
22:16:58.0303 1444 Wd - ok
22:16:58.0459 1444 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:16:58.0459 1444 Wdf01000 - ok
22:16:58.0662 1444 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:58.0662 1444 WfpLwf - ok
22:16:58.0818 1444 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:16:58.0818 1444 WIMMount - ok
22:16:59.0130 1444 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:59.0130 1444 WinUsb - ok
22:16:59.0364 1444 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:16:59.0364 1444 WmiAcpi - ok
22:16:59.0567 1444 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:16:59.0567 1444 ws2ifsl - ok
22:16:59.0723 1444 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:16:59.0738 1444 WudfPf - ok
22:16:59.0879 1444 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:59.0879 1444 WUDFRd - ok
22:16:59.0941 1444 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
22:16:59.0972 1444 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
22:16:59.0972 1444 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
22:17:00.0003 1444 Boot (0x1200) (2e78d1fb0b3b8099ed47743621dd3187) \Device\Harddisk0\DR0\Partition0
22:17:00.0019 1444 \Device\Harddisk0\DR0\Partition0 - ok
22:17:00.0035 1444 Boot (0x1200) (209c31f802055abe95109f1db49143dc) \Device\Harddisk0\DR0\Partition1
22:17:00.0035 1444 \Device\Harddisk0\DR0\Partition1 - ok
22:17:00.0066 1444 Boot (0x1200) (52723fc173f05d074f71bae89a4854f4) \Device\Harddisk0\DR0\Partition2
22:17:00.0066 1444 \Device\Harddisk0\DR0\Partition2 - ok
22:17:00.0081 1444 Boot (0x1200) (7e3c48d774d88c32e59ebf2ce3a9797c) \Device\Harddisk0\DR0\Partition3
22:17:00.0081 1444 \Device\Harddisk0\DR0\Partition3 - ok
22:17:00.0081 1444 ============================================================
22:17:00.0081 1444 Scan finished
22:17:00.0081 1444 ============================================================
22:17:00.0097 1356 Detected object count: 1
22:17:00.0097 1356 Actual detected object count: 1
22:18:50.0140 1356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
22:18:50.0140 1356 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip
Blade81
2012-02-17, 06:23
Good. Please run TDSSKiller again and this time select cure option. Reboot when requested and post the report + fresh DDS logs.
sheikster33
2012-02-17, 22:23
Here you are:

15:50:36.0189 1480 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
15:50:36.0953 1480 ============================================================
15:50:36.0953 1480 Current date / time: 2012/02/17 15:50:36.0953
15:50:36.0953 1480 SystemInfo:
15:50:36.0953 1480
15:50:36.0953 1480 OS Version: 6.1.7601 ServicePack: 1.0
15:50:36.0953 1480 Product type: Workstation
15:50:36.0953 1480 ComputerName: ANTHONY-HP
15:50:36.0953 1480 UserName: Anthony
15:50:36.0953 1480 Windows directory: C:\Windows
15:50:36.0953 1480 System windows directory: C:\Windows
15:50:36.0953 1480 Running under WOW64
15:50:36.0953 1480 Processor architecture: Intel x64
15:50:36.0953 1480 Number of processors: 2
15:50:36.0953 1480 Page size: 0x1000
15:50:36.0953 1480 Boot type: Safe boot
15:50:36.0953 1480 ============================================================
15:50:38.0903 1480 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:50:38.0903 1480 \Device\Harddisk0\DR0:
15:50:38.0903 1480 MBR used
15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x2386C800
15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x238D0800, BlocksNum 0x1B2A000
15:50:38.0903 1480 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
15:50:39.0137 1480 Initialize success
15:50:39.0137 1480 ============================================================
15:51:00.0541 1536 ============================================================
15:51:00.0541 1536 Scan started
15:51:00.0541 1536 Mode: Manual;
15:51:00.0541 1536 ============================================================
15:51:00.0853 1536 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:51:00.0853 1536 1394ohci - ok
15:51:00.0977 1536 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:51:00.0993 1536 ACPI - ok
15:51:01.0133 1536 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:51:01.0133 1536 AcpiPmi - ok
15:51:01.0289 1536 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:51:01.0289 1536 adp94xx - ok
15:51:01.0461 1536 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:51:01.0461 1536 adpahci - ok
15:51:01.0633 1536 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:51:01.0648 1536 adpu320 - ok
15:51:01.0804 1536 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
15:51:01.0804 1536 AFD - ok
15:51:01.0945 1536 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:51:01.0945 1536 agp440 - ok
15:51:02.0069 1536 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:51:02.0069 1536 aliide - ok
15:51:02.0194 1536 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:51:02.0194 1536 amdide - ok
15:51:02.0335 1536 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:51:02.0335 1536 AmdK8 - ok
15:51:02.0428 1536 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:51:02.0428 1536 AmdPPM - ok
15:51:02.0569 1536 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:51:02.0569 1536 amdsata - ok
15:51:02.0709 1536 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:51:02.0709 1536 amdsbs - ok
15:51:02.0849 1536 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:51:02.0849 1536 amdxata - ok
15:51:02.0990 1536 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:51:02.0990 1536 AppID - ok
15:51:03.0146 1536 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:51:03.0146 1536 arc - ok
15:51:03.0271 1536 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:51:03.0286 1536 arcsas - ok
15:51:03.0427 1536 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
15:51:03.0427 1536 aswFsBlk - ok
15:51:03.0583 1536 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
15:51:03.0583 1536 aswMonFlt - ok
15:51:03.0723 1536 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
15:51:03.0723 1536 aswRdr - ok
15:51:03.0910 1536 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
15:51:03.0910 1536 aswSnx - ok
15:51:04.0082 1536 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
15:51:04.0082 1536 aswSP - ok
15:51:04.0207 1536 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
15:51:04.0207 1536 aswTdi - ok
15:51:04.0316 1536 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:51:04.0331 1536 AsyncMac - ok
15:51:04.0441 1536 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:51:04.0441 1536 atapi - ok
15:51:04.0659 1536 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:51:04.0659 1536 b06bdrv - ok
15:51:04.0831 1536 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:51:04.0831 1536 b57nd60a - ok
15:51:05.0018 1536 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
15:51:05.0065 1536 BCM43XX - ok
15:51:05.0221 1536 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:51:05.0221 1536 Beep - ok
15:51:05.0392 1536 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:51:05.0392 1536 blbdrive - ok
15:51:05.0533 1536 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:51:05.0533 1536 bowser - ok
15:51:05.0673 1536 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:51:05.0673 1536 BrFiltLo - ok
15:51:05.0767 1536 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:51:05.0767 1536 BrFiltUp - ok
15:51:05.0907 1536 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:51:05.0907 1536 Brserid - ok
15:51:05.0954 1536 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:51:05.0954 1536 BrSerWdm - ok
15:51:06.0094 1536 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:51:06.0094 1536 BrUsbMdm - ok
15:51:06.0203 1536 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:51:06.0203 1536 BrUsbSer - ok
15:51:06.0328 1536 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
15:51:06.0344 1536 BTHMODEM - ok
15:51:06.0515 1536 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:51:06.0515 1536 cdfs - ok
15:51:06.0687 1536 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
15:51:06.0687 1536 cdrom - ok
15:51:06.0843 1536 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
15:51:06.0843 1536 circlass - ok
15:51:06.0937 1536 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:51:06.0937 1536 CLFS - ok
15:51:07.0124 1536 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
15:51:07.0124 1536 clwvd - ok
15:51:07.0264 1536 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
15:51:07.0264 1536 CmBatt - ok
15:51:07.0389 1536 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:51:07.0389 1536 cmdide - ok
15:51:07.0529 1536 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
15:51:07.0529 1536 CNG - ok
15:51:07.0670 1536 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
15:51:07.0670 1536 Compbatt - ok
15:51:07.0826 1536 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:51:07.0826 1536 CompositeBus - ok
15:51:07.0982 1536 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
15:51:07.0982 1536 crcdisk - ok
15:51:08.0185 1536 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:51:08.0200 1536 DfsC - ok
15:51:08.0309 1536 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:51:08.0309 1536 discache - ok
15:51:08.0465 1536 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
15:51:08.0465 1536 Disk - ok
15:51:08.0621 1536 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:51:08.0621 1536 drmkaud - ok
15:51:08.0746 1536 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:51:08.0762 1536 DXGKrnl - ok
15:51:08.0933 1536 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:51:08.0996 1536 ebdrv - ok
15:51:09.0199 1536 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:51:09.0214 1536 elxstor - ok
15:51:09.0292 1536 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:51:09.0292 1536 ErrDev - ok
15:51:09.0370 1536 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:51:09.0386 1536 exfat - ok
15:51:09.0401 1536 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:51:09.0401 1536 fastfat - ok
15:51:09.0557 1536 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:51:09.0557 1536 fdc - ok
15:51:09.0620 1536 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:51:09.0620 1536 FileInfo - ok
15:51:09.0713 1536 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:51:09.0713 1536 Filetrace - ok
15:51:09.0854 1536 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:51:09.0854 1536 flpydisk - ok
15:51:09.0932 1536 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:51:09.0932 1536 FltMgr - ok
15:51:09.0994 1536 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:51:09.0994 1536 FsDepends - ok
15:51:10.0010 1536 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:51:10.0025 1536 Fs_Rec - ok
15:51:10.0103 1536 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:51:10.0103 1536 fvevol - ok
15:51:10.0228 1536 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:51:10.0228 1536 gagp30kx - ok
15:51:10.0415 1536 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:51:10.0415 1536 GEARAspiWDM - ok
15:51:10.0587 1536 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:51:10.0587 1536 hcw85cir - ok
15:51:10.0774 1536 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:51:10.0774 1536 HdAudAddService - ok
15:51:10.0946 1536 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:51:10.0946 1536 HDAudBus - ok
15:51:11.0086 1536 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:51:11.0086 1536 HidBatt - ok
15:51:11.0227 1536 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:51:11.0227 1536 HidBth - ok
15:51:11.0383 1536 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:51:11.0383 1536 HidIr - ok
15:51:11.0554 1536 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:51:11.0554 1536 HidUsb - ok
15:51:11.0757 1536 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:51:11.0773 1536 HpSAMD - ok
15:51:12.0038 1536 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:51:12.0053 1536 HTTP - ok
15:51:12.0209 1536 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:51:12.0209 1536 hwpolicy - ok
15:51:12.0381 1536 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:51:12.0381 1536 i8042prt - ok
15:51:12.0568 1536 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
15:51:12.0568 1536 iaStor - ok
15:51:12.0771 1536 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:51:12.0771 1536 iaStorV - ok
15:51:13.0145 1536 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:51:13.0364 1536 igfx - ok
15:51:13.0535 1536 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:51:13.0535 1536 iirsp - ok
15:51:13.0769 1536 IntcAzAudAddService (336c3a6bf14d5a9af35af07c6b6b29cd) C:\Windows\system32\drivers\RTKVHD64.sys
15:51:13.0832 1536 IntcAzAudAddService - ok
15:51:14.0035 1536 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:51:14.0035 1536 intelide - ok
15:51:14.0191 1536 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:51:14.0206 1536 intelppm - ok
15:51:14.0347 1536 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:51:14.0347 1536 IpFilterDriver - ok
15:51:14.0503 1536 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:51:14.0503 1536 IPMIDRV - ok
15:51:14.0674 1536 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:51:14.0674 1536 IPNAT - ok
15:51:14.0830 1536 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:51:14.0830 1536 IRENUM - ok
15:51:14.0986 1536 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:51:14.0986 1536 isapnp - ok
15:51:15.0049 1536 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:51:15.0049 1536 iScsiPrt - ok
15:51:15.0205 1536 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:51:15.0205 1536 kbdclass - ok
15:51:15.0345 1536 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:51:15.0361 1536 kbdhid - ok
15:51:15.0501 1536 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:51:15.0517 1536 KSecDD - ok
15:51:15.0673 1536 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:51:15.0673 1536 KSecPkg - ok
15:51:15.0907 1536 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:51:15.0907 1536 ksthunk - ok
15:51:16.0141 1536 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:51:16.0141 1536 lltdio - ok
15:51:16.0343 1536 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:51:16.0343 1536 LSI_FC - ok
15:51:16.0609 1536 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:51:16.0609 1536 LSI_SAS - ok
15:51:16.0811 1536 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:51:16.0811 1536 LSI_SAS2 - ok
15:51:17.0061 1536 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:51:17.0061 1536 LSI_SCSI - ok
15:51:17.0295 1536 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:51:17.0311 1536 luafv - ok
15:51:17.0545 1536 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:51:17.0545 1536 megasas - ok
15:51:17.0841 1536 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:51:17.0857 1536 MegaSR - ok
15:51:18.0059 1536 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:51:18.0059 1536 Modem - ok
15:51:18.0231 1536 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:51:18.0231 1536 monitor - ok
15:51:18.0434 1536 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:51:18.0434 1536 mouclass - ok
15:51:18.0605 1536 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:51:18.0621 1536 mouhid - ok
15:51:18.0793 1536 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:51:18.0793 1536 mountmgr - ok
15:51:19.0011 1536 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:51:19.0011 1536 mpio - ok
15:51:19.0136 1536 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:51:19.0136 1536 mpsdrv - ok
15:51:19.0214 1536 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:51:19.0214 1536 MRxDAV - ok
15:51:19.0385 1536 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:51:19.0385 1536 mrxsmb - ok
15:51:19.0541 1536 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:51:19.0541 1536 mrxsmb10 - ok
15:51:19.0744 1536 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:51:19.0744 1536 mrxsmb20 - ok
15:51:19.0900 1536 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:51:19.0900 1536 msahci - ok
15:51:20.0072 1536 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:51:20.0072 1536 msdsm - ok
15:51:20.0243 1536 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:51:20.0243 1536 Msfs - ok
15:51:20.0368 1536 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:51:20.0368 1536 mshidkmdf - ok
15:51:20.0431 1536 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:51:20.0431 1536 msisadrv - ok
15:51:20.0633 1536 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:51:20.0633 1536 MSKSSRV - ok
15:51:20.0743 1536 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:51:20.0758 1536 MSPCLOCK - ok
15:51:20.0883 1536 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:51:20.0883 1536 MSPQM - ok
15:51:20.0961 1536 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:51:20.0961 1536 MsRPC - ok
15:51:21.0055 1536 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:51:21.0055 1536 mssmbios - ok
15:51:21.0117 1536 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:51:21.0117 1536 MSTEE - ok
15:51:21.0289 1536 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:51:21.0289 1536 MTConfig - ok
15:51:21.0429 1536 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:51:21.0429 1536 Mup - ok
15:51:21.0679 1536 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:51:21.0694 1536 NativeWifiP - ok
15:51:22.0022 1536 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:51:22.0037 1536 NDIS - ok
15:51:22.0178 1536 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:51:22.0178 1536 NdisCap - ok
15:51:22.0381 1536 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:51:22.0381 1536 NdisTapi - ok
15:51:22.0537 1536 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:51:22.0537 1536 Ndisuio - ok
15:51:22.0599 1536 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:51:22.0599 1536 NdisWan - ok
15:51:22.0677 1536 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:51:22.0677 1536 NDProxy - ok
15:51:22.0817 1536 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:51:22.0833 1536 NetBIOS - ok
15:51:22.0958 1536 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:51:22.0958 1536 NetBT - ok
15:51:23.0254 1536 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:51:23.0254 1536 nfrd960 - ok
15:51:23.0410 1536 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:51:23.0410 1536 Npfs - ok
15:51:23.0504 1536 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:51:23.0504 1536 nsiproxy - ok
15:51:23.0909 1536 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:51:23.0941 1536 Ntfs - ok
15:51:24.0190 1536 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:51:24.0190 1536 Null - ok
15:51:24.0315 1536 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
15:51:24.0331 1536 NVENETFD - ok
15:51:24.0580 1536 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:51:24.0580 1536 nvraid - ok
15:51:24.0767 1536 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:51:24.0767 1536 nvstor - ok
15:51:25.0064 1536 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:51:25.0064 1536 nv_agp - ok
15:51:25.0345 1536 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:51:25.0345 1536 ohci1394 - ok
15:51:25.0610 1536 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:51:25.0610 1536 Parport - ok
15:51:25.0875 1536 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:51:25.0875 1536 partmgr - ok
15:51:26.0078 1536 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:51:26.0078 1536 pci - ok
15:51:26.0343 1536 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:51:26.0343 1536 pciide - ok
15:51:26.0577 1536 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:51:26.0577 1536 pcmcia - ok
15:51:26.0873 1536 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
15:51:26.0873 1536 PCTCore - ok
15:51:27.0279 1536 pctDS (1335454528adfa13e1d3c4fa3fdbdc42) C:\Windows\system32\drivers\pctDS64.sys
15:51:27.0279 1536 pctDS - ok
15:51:27.0669 1536 pctEFA (df2a2505f17319dada4b204688cec0c2) C:\Windows\system32\drivers\pctEFA64.sys
15:51:27.0685 1536 pctEFA - ok
15:51:27.0981 1536 PCTSD (13635ffcaeebddbe2ca93b1218d8331f) C:\Windows\system32\Drivers\PCTSD64.sys
15:51:27.0981 1536 PCTSD - ok
15:51:28.0246 1536 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:51:28.0246 1536 pcw - ok
15:51:28.0433 1536 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:51:28.0449 1536 PEAUTH - ok
15:51:28.0683 1536 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:51:28.0683 1536 PptpMiniport - ok
15:51:28.0823 1536 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:51:28.0823 1536 Processor - ok
15:51:29.0026 1536 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:51:29.0026 1536 Psched - ok
15:51:29.0213 1536 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:51:29.0245 1536 ql2300 - ok
15:51:29.0463 1536 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:51:29.0463 1536 ql40xx - ok
15:51:29.0666 1536 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:51:29.0666 1536 QWAVEdrv - ok
15:51:29.0837 1536 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:51:29.0837 1536 RasAcd - ok
15:51:30.0009 1536 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:30.0009 1536 RasAgileVpn - ok
15:51:30.0196 1536 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:30.0196 1536 Rasl2tp - ok
15:51:30.0368 1536 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:30.0383 1536 RasPppoe - ok
15:51:30.0571 1536 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:51:30.0571 1536 RasSstp - ok
15:51:30.0711 1536 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:51:30.0711 1536 rdbss - ok
15:51:30.0836 1536 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:51:30.0836 1536 rdpbus - ok
15:51:30.0992 1536 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:30.0992 1536 RDPCDD - ok
15:51:31.0163 1536 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:51:31.0163 1536 RDPENCDD - ok
15:51:31.0288 1536 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:51:31.0288 1536 RDPREFMP - ok
15:51:31.0397 1536 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
15:51:31.0397 1536 RDPWD - ok
15:51:31.0538 1536 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:51:31.0538 1536 rdyboost - ok
15:51:31.0741 1536 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
15:51:31.0756 1536 RSPCIESTOR - ok
15:51:31.0912 1536 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:51:31.0912 1536 rspndr - ok
15:51:32.0084 1536 RTL8167 (3372196f61af48503656ef6aa3e92d1b) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:51:32.0099 1536 RTL8167 - ok
15:51:32.0287 1536 RTL8192Ce (177963a6eebaa9ef3b56a2dbe9d5d0fc) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
15:51:32.0302 1536 RTL8192Ce - ok
15:51:32.0443 1536 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:51:32.0443 1536 sbp2port - ok
15:51:32.0630 1536 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:51:32.0630 1536 scfilter - ok
15:51:32.0801 1536 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
15:51:32.0801 1536 sdbus - ok
15:51:32.0973 1536 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:51:32.0973 1536 secdrv - ok
15:51:33.0160 1536 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:51:33.0160 1536 Serenum - ok
15:51:33.0332 1536 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:51:33.0332 1536 Serial - ok
15:51:33.0457 1536 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:51:33.0457 1536 sermouse - ok
15:51:33.0613 1536 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:51:33.0613 1536 sffdisk - ok
15:51:33.0753 1536 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:51:33.0753 1536 sffp_mmc - ok
15:51:33.0909 1536 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:51:33.0909 1536 sffp_sd - ok
15:51:34.0065 1536 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:51:34.0065 1536 sfloppy - ok
15:51:34.0268 1536 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:51:34.0268 1536 Sftfs - ok
15:51:34.0439 1536 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:51:34.0439 1536 Sftplay - ok
15:51:34.0580 1536 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:51:34.0580 1536 Sftredir - ok
15:51:34.0736 1536 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:51:34.0736 1536 Sftvol - ok
15:51:34.0907 1536 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:51:34.0907 1536 SiSRaid2 - ok
15:51:35.0079 1536 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:51:35.0079 1536 SiSRaid4 - ok
15:51:35.0219 1536 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:51:35.0235 1536 Smb - ok
15:51:35.0407 1536 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:51:35.0407 1536 spldr - ok
15:51:35.0578 1536 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:51:35.0594 1536 srv - ok
15:51:35.0734 1536 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:51:35.0734 1536 srv2 - ok
15:51:35.0875 1536 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:51:35.0890 1536 SrvHsfHDA - ok
15:51:36.0062 1536 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:51:36.0093 1536 SrvHsfV92 - ok
15:51:36.0280 1536 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:51:36.0296 1536 SrvHsfWinac - ok
15:51:36.0483 1536 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:51:36.0483 1536 srvnet - ok
15:51:36.0670 1536 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:51:36.0686 1536 stexstor - ok
15:51:36.0889 1536 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:51:36.0889 1536 swenum - ok
15:51:37.0107 1536 SynTP (ec4dca6539eb97376f1a1743d209d842) C:\Windows\system32\DRIVERS\SynTP.sys
15:51:37.0123 1536 SynTP - ok
15:51:37.0357 1536 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:51:37.0403 1536 Tcpip - ok
15:51:37.0653 1536 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:51:37.0669 1536 TCPIP6 - ok
15:51:37.0871 1536 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:51:37.0871 1536 tcpipreg - ok
15:51:38.0027 1536 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:51:38.0027 1536 TDPIPE - ok
15:51:38.0183 1536 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:51:38.0183 1536 TDTCP - ok
15:51:38.0371 1536 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:51:38.0371 1536 tdx - ok
15:51:38.0527 1536 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:51:38.0527 1536 TermDD - ok
15:51:38.0745 1536 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:38.0745 1536 tssecsrv - ok
15:51:38.0917 1536 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:51:38.0917 1536 TsUsbFlt - ok
15:51:39.0119 1536 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:51:39.0119 1536 TsUsbGD - ok
15:51:39.0322 1536 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:51:39.0322 1536 tunnel - ok
15:51:39.0556 1536 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:51:39.0556 1536 uagp35 - ok
15:51:39.0853 1536 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:51:39.0853 1536 udfs - ok
15:51:40.0087 1536 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:51:40.0087 1536 uliagpkx - ok
15:51:40.0367 1536 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:51:40.0367 1536 umbus - ok
15:51:40.0539 1536 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:51:40.0539 1536 UmPass - ok
15:51:40.0804 1536 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:51:40.0804 1536 USBAAPL64 - ok
15:51:41.0007 1536 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:41.0023 1536 usbccgp - ok
15:51:41.0288 1536 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:51:41.0288 1536 usbcir - ok
15:51:41.0522 1536 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:51:41.0522 1536 usbehci - ok
15:51:41.0740 1536 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:51:41.0756 1536 usbhub - ok
15:51:41.0912 1536 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:51:41.0912 1536 usbohci - ok
15:51:42.0083 1536 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
15:51:42.0083 1536 usbprint - ok
15:51:42.0255 1536 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:51:42.0255 1536 USBSTOR - ok
15:51:42.0427 1536 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:51:42.0427 1536 usbuhci - ok
15:51:42.0598 1536 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
15:51:42.0598 1536 usbvideo - ok
15:51:42.0770 1536 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:51:42.0770 1536 vdrvroot - ok
15:51:42.0973 1536 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:42.0973 1536 vga - ok
15:51:43.0129 1536 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:51:43.0129 1536 VgaSave - ok
15:51:43.0300 1536 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:51:43.0300 1536 vhdmp - ok
15:51:43.0472 1536 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:51:43.0472 1536 viaide - ok
15:51:43.0628 1536 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:51:43.0643 1536 volmgr - ok
15:51:43.0799 1536 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:51:43.0815 1536 volmgrx - ok
15:51:43.0955 1536 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:51:43.0971 1536 volsnap - ok
15:51:44.0143 1536 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:51:44.0158 1536 vsmraid - ok
15:51:44.0314 1536 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:51:44.0314 1536 vwifibus - ok
15:51:44.0501 1536 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:51:44.0501 1536 vwififlt - ok
15:51:44.0642 1536 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:51:44.0642 1536 WacomPen - ok
15:51:44.0813 1536 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:51:44.0829 1536 WANARP - ok
15:51:44.0845 1536 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:51:44.0845 1536 Wanarpv6 - ok
15:51:45.0016 1536 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:51:45.0032 1536 Wd - ok
15:51:45.0172 1536 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:51:45.0188 1536 Wdf01000 - ok
15:51:45.0391 1536 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:45.0391 1536 WfpLwf - ok
15:51:45.0515 1536 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:51:45.0531 1536 WIMMount - ok
15:51:45.0765 1536 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:45.0765 1536 WinUsb - ok
15:51:45.0983 1536 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:51:45.0999 1536 WmiAcpi - ok
15:51:46.0186 1536 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:51:46.0186 1536 ws2ifsl - ok
15:51:46.0358 1536 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:51:46.0358 1536 WudfPf - ok
15:51:46.0514 1536 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:46.0514 1536 WUDFRd - ok
15:51:46.0576 1536 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:51:46.0639 1536 \Device\Harddisk0\DR0 - ok
15:51:46.0654 1536 Boot (0x1200) (2e78d1fb0b3b8099ed47743621dd3187) \Device\Harddisk0\DR0\Partition0
15:51:46.0654 1536 \Device\Harddisk0\DR0\Partition0 - ok
15:51:46.0654 1536 Boot (0x1200) (209c31f802055abe95109f1db49143dc) \Device\Harddisk0\DR0\Partition1
15:51:46.0670 1536 \Device\Harddisk0\DR0\Partition1 - ok
15:51:46.0701 1536 Boot (0x1200) (52723fc173f05d074f71bae89a4854f4) \Device\Harddisk0\DR0\Partition2
15:51:46.0701 1536 \Device\Harddisk0\DR0\Partition2 - ok
15:51:46.0717 1536 Boot (0x1200) (7e3c48d774d88c32e59ebf2ce3a9797c) \Device\Harddisk0\DR0\Partition3
15:51:46.0717 1536 \Device\Harddisk0\DR0\Partition3 - ok
15:51:46.0717 1536 ============================================================
15:51:46.0717 1536 Scan finished
15:51:46.0717 1536 ============================================================
15:51:46.0732 1528 Detected object count: 0
15:51:46.0732 1528 Actual detected object count: 0
15:53:49.0052 1432 Deinitialize success



And the DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Anthony at 16:10:32 on 2012-02-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.1281 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\msiexec.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SoftwareDistribution\Download\Install\windows-kb890830-x64-v4.5-delta.exe
c:\f2fb6c0123b4c92088cc0c\mrtstub.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\MRT.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-17 21:10:29 -------- d-----w- C:\f2fb6c0123b4c92088cc0c
2012-02-17 21:07:32 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{597BF22B-1942-4443-812A-F215B5C16F4D}\offreg.dll
2012-02-17 20:42:27 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-16 16:29:06 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{597BF22B-1942-4443-812A-F215B5C16F4D}\mpengine.dll
2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
2012-02-03 11:56:00 20480 ----a-w- C:\Windows\svchost.exe
2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
.
==================== Find3M ====================
.
2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-07 15:39:10 279096 ----a-w- C:\Windows\System32\MpSigStub.exe
2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 16:12:17.09 ===============
Blade81
2012-02-17, 23:46
Hi,

Update MBAM and run a quick scan with it. Post back the report.
sheikster33
2012-02-18, 03:43
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anthony :: ANTHONY-HP [administrator]

2/17/2012 9:39:59 PM
mbam-log-2012-02-17 (21-43-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 184167
Time elapsed: 2 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Anthony\AppData\Local\Temp\oiu0.97327537039886.exe (Spyware.Agent) -> No action taken.
C:\Users\Anthony\AppData\Local\Temp\tue0.48395360765597584.exe (Spyware.Agent) -> No action taken.
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)
Blade81
2012-02-18, 10:48
Hi,

Let MBAM remove those findings, reboot and post back the log + fresh dds.txt log.
sheikster33
2012-02-18, 18:47
Here are the logs:

(Note - before I could run the MBAM scan, it automatically detected the svchost.exe file and asked me to quarantine it, which I did. I hope that isn't a problem! That is why it only detected 2 problems this time, instead of 3.)

MBAM log:

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anthony :: ANTHONY-HP [administrator]

Protection: Enabled

2/18/2012 11:52:14 AM
mbam-log-2012-02-18 (11-52-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 184044
Time elapsed: 3 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Anthony\AppData\Local\Temp\oiu0.97327537039886.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Users\Anthony\AppData\Local\Temp\tue0.48395360765597584.exe (Spyware.Agent) -> Quarantined and deleted successfully.

(end)




DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Anthony at 12:44:21 on 2012-02-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.1428 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-17 652360]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-18 02:18:39 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-17 21:23:37 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{827B4648-0DB5-418B-B7A6-DC5321A3BC0A}\mpengine.dll
2012-02-17 20:42:27 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-17 02:44:35 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-17 02:44:35 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-17 02:44:22 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-17 02:44:22 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-17 02:44:12 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-17 02:43:59 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-17 02:43:46 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-17 02:43:46 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124D.tmp
2012-02-01 00:01:00 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\124C.tmp
2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
.
==================== Find3M ====================
.
2012-01-29 10:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
.
============= FINISH: 12:45:44.24 ===============
Blade81
2012-02-19, 13:12
Hi again,



Uninstall old Adobe Reader versions and get the latest one (Adobe Reader 10.1 and separate 10.1.1 10.1.2 updates for it) here (http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows) or get Foxit Reader here (http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm). Make sure you don't (unless you want to) install toolbar if choose Foxit Reader! You may also check free readers introduced here (http://pdfreaders.org/).

Uninstall your current Adobe shockwave player and get the fresh one here (http://get.adobe.com/shockwave/) if needed.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 7 Update 3 (http://www.oracle.com/technetwork/java/javase/downloads/index.html).
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-7u3-windows-i586.exe to install the newest version.


* Go here (http://www.eset.eu/online-scanner) to run an online scanner from ESET.
Note: You will need to use Internet explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is UNchecked and the option Scan unwanted applications is checkmarked.
Click Scan
Wait for the scan to finish.



Post back its report & a fresh dds.txt log. How's the system running now?
sheikster33
2012-02-21, 17:50
Everything seems to be working all right, although I am having trouble getting my Avast program to work. Here is the DDS log, I couldn't locate the other one.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.0
Run by Anthony at 11:46:40 on 2012-02-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3002.1252 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Facebook Update] "C:\Users\Anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE} : DhcpNameServer = 209.18.47.61 209.18.47.62 0.0.0.0
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\158553B483 : DhcpNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\4616973796E6E6 : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{A268B52B-10FB-46D0-9788-CDF9D7A900DE}\A696C6C637F6E61313 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D5B1CF34-AFE8-4194-B781-4A70D07A57B8} : DhcpNameServer = 192.168.24.2
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\uy1sevt2.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Anthony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-14 98208]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13336]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-14 1817088]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-17 652360]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-2 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-31 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTSFileEnum;PCTSFileEnum;C:\Program Files (x86)\PC Tools\DMScanning\PCTSFiles.exe [2012-2-3 89016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-21 04:49:03 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{827B4648-0DB5-418B-B7A6-DC5321A3BC0A}\offreg.dll
2012-02-21 02:51:21 -------- d-----w- C:\Program Files (x86)\ESET
2012-02-21 02:44:02 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-02-21 02:31:38 -------- d-----w- C:\Program Files\iPod
2012-02-21 02:31:37 -------- d-----w- C:\Program Files\iTunes
2012-02-21 02:31:37 -------- d-----w- C:\Program Files (x86)\iTunes
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-02-21 02:28:36 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-02-21 02:21:21 -------- d-----w- C:\HP_TOOLS_mountHPSF
2012-02-18 02:18:39 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-17 21:23:37 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{827B4648-0DB5-418B-B7A6-DC5321A3BC0A}\mpengine.dll
2012-02-17 20:42:27 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-17 02:44:35 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-17 02:44:35 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-17 02:44:22 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-17 02:44:22 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-17 02:44:12 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-17 02:43:59 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-17 02:43:46 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-17 02:43:46 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-03 13:04:04 -------- d-----w- C:\Users\Anthony\AppData\Local\Mozilla
2012-02-03 11:41:31 -------- d-----w- C:\fbe0419dc356260313763811
2012-02-03 05:57:03 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-02-03 05:57:03 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-02-03 05:57:01 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-02-03 05:56:57 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-02-03 03:04:09 77312 ----a-w- C:\Windows\System32\packager.dll
2012-02-03 03:04:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-02-03 02:36:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-02-03 02:36:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-02-03 02:31:02 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-02-03 02:31:02 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-02-03 02:31:02 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-02-03 02:31:02 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-02-02 05:34:48 -------- d-----w- C:\Windows\Content.IE5
2012-02-02 05:24:15 -------- d-----w- C:\!KillBox
2012-02-02 04:31:08 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Malwarebytes
2012-02-02 04:30:40 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-02 04:30:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-01 18:00:04 -------- d-----w- C:\Users\Anthony\AppData\Roaming\isoburnerdata
2012-02-01 17:00:16 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-02-01 16:28:29 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-02-01 16:25:56 -------- d-----w- C:\ProgramData\PC Tools
2012-02-01 16:25:55 -------- d-----w- C:\Users\Anthony\AppData\Roaming\TestApp
2012-02-01 03:33:56 -------- d-----w- C:\Users\Anthony\AppData\Local\Microsoft Games
2012-02-01 03:22:42 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-02-01 03:22:42 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-01-31 14:59:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Diagnostics
2012-01-31 03:00:49 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{AEFD785D-F6BE-4BFD-9088-BB41A474B955}
2012-01-31 03:00:25 -------- d-----w- C:\Users\Anthony\AppData\Local\{6BBF355A-5635-4399-B9A7-7D59BCF551F5}
2012-01-24 23:06:43 -------- d-----w- C:\Users\Anthony\AppData\Local\{5EB93F4C-E63C-4C32-AA56-8D8306EEB3C3}
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Roaming\Windows Live Writer
2012-01-24 23:06:17 -------- d-----w- C:\Users\Anthony\AppData\Local\Windows Live Writer
.
==================== Find3M ====================
.
2012-02-21 02:43:53 567696 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-01-29 10:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-23 16:01:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
.
============= FINISH: 11:47:43.87 ===============
Blade81
2012-02-21, 17:53
Hi,


I am having trouble getting my Avast program to work.
Any specific error messages?


Here is the DDS log, I couldn't locate the other one.
Please see if there's ESET log under C:\Program Files (x86)\ESET folder.
sheikster33
2012-02-21, 23:49
With the Avast problem, it shows that it "has stopped or is in an inconsistent state" and prompts me to restart the program. However, every time I hit the "FIX NOW" or "Restart Program" buttons, it does nothing. When I try to perform a Quick Scan, it says, "Unable to start scan. There are no more endpoints available from the endpoint mapper." When I try to start the File System Shield, it says, "Unable to start the File System Shield! Shield unreachable."

Here is the only ESET log I could find:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251

Thanks for all of your help!
Blade81
2012-02-22, 06:40
Hi,

Please reinstall Avast (uninstall and then do fresh install) to see if that fixes the problem.
sheikster33
2012-02-25, 21:25
That worked. Thanks again for all of your help!
Blade81
2012-02-26, 11:30
You're welcome! :) Let's see the final steps.


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

A To disable the System Restore feature:

1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Select c: drive and click Configure...
7. Select Turn off protection
8. Press OK.
Repeat steps 6-8 for each hard drive.

B. Reboot.

C Turn ON System Restore.
Follow the steps like you did when disabling system restore but on step 7. select Restore system settings and previous versions of files -option.


UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site (http://windowsupdate.microsoft.com/) to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Make your Internet Explorer more secure

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.


Download and run Secunia Personal Software Inspector (PSI) (http://secunia.com/vulnerability_scanning/personal/) and fix its findings. Leave the program installed so you'll stay alarmed about vulnerable components in future too.


Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade :cool:
Blade81
2012-03-15, 15:45
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.