Inactive Attempting to Follow the 6-Step Instructions, sadly failing

ChillyDown · Oct 7, 2011

Hello, my issue is specifically with the oh-so-interesting Guard Online on Windows7. I warn readers and potential advisers that I am verging on computer illiterate, so I beg for your patience (and mercy). Following the aforementioned steps, I find myself trapped at Step 3:

I have downloaded GMER and it opens, but does not produce any information upon opening (the list implies that there will be a quick scan with some result or another). I have run it twice, and a third time in safe mode with the same result. It appears to be scanning for just a few seconds, but no pop-ups or new information shows up when it has finished (?). I was unsure if I should actually click the "Scan" button on the side as it seemed in the text that was not advisable... Or perhaps I read too much into things. I'm hoping asking too many questions is better for my computer's health than just clicking on things I think look correct.

[I can respond with my one log from Malwarebyte if that will provide any aid. ]

Help me, technologically-inclined humans, you're my only hope!

Bobbye · Oct 7, 2011

Welcome to TechSpot! I'll be glad to help get you running.

You are experiencing problems due to AV Guard Online, is that correct?
This infection is classified as a rogue anti-spyware program because it uses false security alerts and fake scan results to try and trick you into thinking that your computer is infected so that you will then purchase it. It scans then goes on to display a variety of fake security alerts and warnings that are designed to make you think your computer has a serious security problem.
========================================
Skip GMER for now.
==============================================
Please do the following to help you run other programs:

Boot into Safe Mode

Restart your computer and start pressing the F8 key on your keyboard.
Select the Safe Mode with Networking option when the Windows Advanced Options menu appears, using your up/down arrows to reach it and then press ENTER.

This infection may change your Windows settings to use a proxy server that will not allow you to browse any pages on the Internet with Internet Explorer or update security software, we will first need need to fix this: Launch Internet Explorer

Access Internet Options through Tools> Connections tab
Click on the Lan Settings at the bottom
Proxy Server section> uncheck the box labeled 'Use a proxy server for your LAN.
Then click on OK> and OK again to close Internet Options.

===============================
This malware frequently comes with the TDSS rootkit, so do the following:

Download the file TDSSKiller.zip and save to the desktop.
(If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.)
Right-click the tdsskiller.zip file> Select Extract All into a folder on the infected (or potentially infected) PC.
Double click on TDSSKiller.exe. to run the scan
When the scan is over, the utility outputs a list of detected objects with description.
The utility automatically selects an action (Cure or Delete) for malicious objects.
The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
Select the action Quarantine to quarantine detected objects.
The default quarantine folder is in the system disk root folder, e.g.: C:\TDSSKiller_Quarantine\23.07.2010_15.31.43
After clicking Next, the utility applies selected actions and outputs the result.
A reboot is required after disinfection.

====================================
If TDSSKiller requires you to reboot, please allow it to do so. After you reboot, reboot back into Safe Mode with Networking again
====================================
To end the processes that belong to AV Guard Online:
Please download and run the tool below named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 3 different versions. If one of them won't run then download and try to run the other one. (Vista and Win7 users need to right click Rkill and choose Run as Administrator)

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.

Do not reboot until instructed. as it will start the malware again
==================================
You will run another scan with Mbam, after it updates, but this time, on the Scanner tab, make sure the the Perform Full Scan option is selected and then click on the Scan button.

When scan has finished, you will see this image:

Click on OK to close box and continue.
Click on the Show Results button.
Click on the Remove Selected button to remove all the listed malware.
At end of malware removal, the scan log opens and displays in Notepad. Be sure to click on Format> Uncheck Word Wrap before copying the log to paste in your next reply.

========================================
Now see if you can run the DDS scan. If you have any problem, let me know.

Please paste logs for:
TDSSKiller
RKill
New Malwarebytes
2 logs from DDS

ChillyDown · Oct 7, 2011

13:53:53.0071 4320 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
13:53:53.0600 4320 ============================================================
13:53:53.0600 4320 Current date / time: 2011/10/07 13:53:53.0600
13:53:53.0600 4320 SystemInfo:
13:53:53.0600 4320
13:53:53.0600 4320 OS Version: 6.1.7600 ServicePack: 0.0
13:53:53.0600 4320 Product type: Workstation
13:53:53.0600 4320 ComputerName: ASHER-PC
13:53:53.0600 4320 UserName: Asher
13:53:53.0601 4320 Windows directory: C:\Windows
13:53:53.0601 4320 System windows directory: C:\Windows
13:53:53.0601 4320 Running under WOW64
13:53:53.0601 4320 Processor architecture: Intel x64
13:53:53.0601 4320 Number of processors: 8
13:53:53.0601 4320 Page size: 0x1000
13:53:53.0601 4320 Boot type: Normal boot
13:53:53.0601 4320 ============================================================
13:53:54.0037 4320 Initialize success
13:54:38.0880 1052 ============================================================
13:54:38.0880 1052 Scan started
13:54:38.0880 1052 Mode: Manual;
13:54:38.0880 1052 ============================================================
13:54:39.0190 1052 1394ohci (69aa89a20dee08bfa650aab6ce37bd10) C:\Windows\system32\DRIVERS\1394ohci.sys
13:54:39.0192 1052 1394ohci - ok
13:54:39.0215 1052 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:54:39.0218 1052 ACPI - ok
13:54:39.0237 1052 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:54:39.0250 1052 AcpiPmi - ok
13:54:39.0319 1052 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:54:39.0340 1052 adp94xx - ok
13:54:39.0371 1052 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:54:39.0389 1052 adpahci - ok
13:54:39.0427 1052 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:54:39.0440 1052 adpu320 - ok
13:54:39.0506 1052 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
13:54:39.0562 1052 AFD - ok
13:54:39.0593 1052 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:54:39.0598 1052 agp440 - ok
13:54:39.0608 1052 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:54:39.0615 1052 aliide - ok
13:54:39.0644 1052 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:54:39.0646 1052 amdide - ok
13:54:39.0671 1052 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:54:39.0681 1052 AmdK8 - ok
13:54:39.0796 1052 amdkmdag (a497ff5ae4d0c93da2cfb98e6a355c1f) C:\Windows\system32\DRIVERS\atipmdag.sys
13:54:39.0941 1052 amdkmdag - ok
13:54:39.0957 1052 amdkmdap (91b89be832d436af257b91666bc32c30) C:\Windows\system32\DRIVERS\atikmpag.sys
13:54:39.0985 1052 amdkmdap - ok
13:54:39.0995 1052 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:54:39.0999 1052 AmdPPM - ok
13:54:40.0041 1052 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
13:54:40.0095 1052 amdsata - ok
13:54:40.0125 1052 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:54:40.0138 1052 amdsbs - ok
13:54:40.0161 1052 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
13:54:40.0162 1052 amdxata - ok
13:54:40.0174 1052 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:54:40.0183 1052 AppID - ok
13:54:40.0226 1052 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:54:40.0233 1052 arc - ok
13:54:40.0244 1052 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:54:40.0255 1052 arcsas - ok
13:54:40.0272 1052 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:54:40.0280 1052 AsyncMac - ok
13:54:40.0292 1052 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:54:40.0296 1052 atapi - ok
13:54:40.0345 1052 athr (e0fabc10635c670bd7d89fd214a405d7) C:\Windows\system32\DRIVERS\athrx.sys
13:54:40.0405 1052 athr - ok
13:54:40.0441 1052 AtiHdmiService (d481083348138b4933acfe95812db71c) C:\Windows\system32\drivers\AtiHdmi.sys
13:54:40.0489 1052 AtiHdmiService - ok
13:54:40.0541 1052 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:54:40.0560 1052 b06bdrv - ok
13:54:40.0589 1052 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:54:40.0603 1052 b57nd60a - ok
13:54:40.0627 1052 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:54:40.0637 1052 Beep - ok
13:54:40.0680 1052 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:54:40.0686 1052 blbdrive - ok
13:54:40.0721 1052 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
13:54:40.0723 1052 bowser - ok
13:54:40.0750 1052 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:54:40.0759 1052 BrFiltLo - ok
13:54:40.0769 1052 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:54:40.0777 1052 BrFiltUp - ok
13:54:40.0788 1052 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:54:40.0796 1052 Brserid - ok
13:54:40.0807 1052 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:54:40.0812 1052 BrSerWdm - ok
13:54:40.0820 1052 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:54:40.0823 1052 BrUsbMdm - ok
13:54:40.0833 1052 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:54:40.0835 1052 BrUsbSer - ok
13:54:40.0850 1052 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:54:40.0856 1052 BTHMODEM - ok
13:54:40.0876 1052 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:54:40.0877 1052 cdfs - ok
13:54:40.0904 1052 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:54:40.0912 1052 cdrom - ok
13:54:40.0942 1052 cfwids (676535b3156fecf7133cf80b4d2f6cf7) C:\Windows\system32\drivers\cfwids.sys
13:54:40.0993 1052 cfwids - ok
13:54:41.0002 1052 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:54:41.0005 1052 circlass - ok
13:54:41.0032 1052 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:54:41.0036 1052 CLFS - ok
13:54:41.0052 1052 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:54:41.0055 1052 CmBatt - ok
13:54:41.0063 1052 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:54:41.0066 1052 cmdide - ok
13:54:41.0092 1052 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
13:54:41.0094 1052 CNG - ok
13:54:41.0113 1052 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:54:41.0121 1052 Compbatt - ok
13:54:41.0140 1052 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:54:41.0146 1052 CompositeBus - ok
13:54:41.0157 1052 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:54:41.0161 1052 crcdisk - ok
13:54:41.0204 1052 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
13:54:41.0206 1052 DfsC - ok
13:54:41.0225 1052 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:54:41.0231 1052 discache - ok
13:54:41.0246 1052 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:54:41.0247 1052 Disk - ok
13:54:41.0278 1052 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:54:41.0283 1052 drmkaud - ok
13:54:41.0333 1052 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
13:54:41.0393 1052 DXGKrnl - ok
13:54:41.0462 1052 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:54:41.0521 1052 ebdrv - ok
13:54:41.0546 1052 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:54:41.0558 1052 elxstor - ok
13:54:41.0574 1052 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:54:41.0581 1052 ErrDev - ok
13:54:41.0610 1052 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:54:41.0622 1052 exfat - ok
13:54:41.0647 1052 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:54:41.0648 1052 fastfat - ok
13:54:41.0658 1052 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:54:41.0662 1052 fdc - ok
13:54:41.0675 1052 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:54:41.0675 1052 FileInfo - ok
13:54:41.0685 1052 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:54:41.0688 1052 Filetrace - ok
13:54:41.0706 1052 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:54:41.0712 1052 flpydisk - ok
13:54:41.0733 1052 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:54:41.0736 1052 FltMgr - ok
13:54:41.0761 1052 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:54:41.0768 1052 FsDepends - ok
13:54:41.0790 1052 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:54:41.0793 1052 Fs_Rec - ok
13:54:41.0834 1052 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:54:41.0837 1052 fvevol - ok
13:54:41.0861 1052 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:54:41.0871 1052 gagp30kx - ok
13:54:41.0922 1052 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:54:41.0930 1052 hcw85cir - ok
13:54:41.0973 1052 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:54:41.0975 1052 HDAudBus - ok
13:54:41.0996 1052 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
13:54:42.0031 1052 HECIx64 - ok
13:54:42.0040 1052 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:54:42.0043 1052 HidBatt - ok
13:54:42.0052 1052 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:54:42.0056 1052 HidBth - ok
13:54:42.0095 1052 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:54:42.0102 1052 HidIr - ok
13:54:42.0122 1052 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:54:42.0127 1052 HidUsb - ok
13:54:42.0156 1052 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:54:42.0160 1052 HpSAMD - ok
13:54:42.0190 1052 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
13:54:42.0216 1052 HTTP - ok
13:54:42.0231 1052 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
13:54:42.0231 1052 hwpolicy - ok
13:54:42.0255 1052 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:54:42.0261 1052 i8042prt - ok
13:54:42.0289 1052 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys
13:54:42.0294 1052 iaStor - ok
13:54:42.0349 1052 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
13:54:42.0392 1052 iaStorV - ok
13:54:42.0411 1052 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:54:42.0416 1052 iirsp - ok
13:54:42.0485 1052 IntcAzAudAddService (ee64207f2f5c20bfe5f73db2566c4601) C:\Windows\system32\drivers\RTKVHD64.sys
13:54:42.0514 1052 IntcAzAudAddService - ok
13:54:42.0548 1052 IntcDAud (49072edbc5c2f964917d1b585c90ed0a) C:\Windows\system32\DRIVERS\IntcDAud.sys
13:54:42.0593 1052 IntcDAud - ok
13:54:42.0603 1052 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
13:54:42.0605 1052 intelide - ok
13:54:42.0614 1052 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:54:42.0615 1052 intelppm - ok
13:54:42.0631 1052 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:54:42.0635 1052 IpFilterDriver - ok
13:54:42.0648 1052 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:54:42.0659 1052 IPMIDRV - ok
13:54:42.0674 1052 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:54:42.0680 1052 IPNAT - ok
13:54:42.0689 1052 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:54:42.0692 1052 IRENUM - ok
13:54:42.0709 1052 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
13:54:42.0715 1052 isapnp - ok
13:54:42.0737 1052 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
13:54:42.0745 1052 iScsiPrt - ok
13:54:42.0768 1052 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
13:54:42.0807 1052 k57nd60a - ok
13:54:42.0832 1052 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:54:42.0836 1052 kbdclass - ok
13:54:42.0853 1052 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
13:54:42.0864 1052 kbdhid - ok
13:54:42.0894 1052 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
13:54:42.0895 1052 KSecDD - ok
13:54:42.0912 1052 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
13:54:42.0913 1052 KSecPkg - ok
13:54:42.0932 1052 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:54:42.0938 1052 ksthunk - ok
13:54:42.0971 1052 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:54:42.0976 1052 lltdio - ok
13:54:42.0995 1052 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:54:43.0000 1052 LSI_FC - ok
13:54:43.0013 1052 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:54:43.0017 1052 LSI_SAS - ok
13:54:43.0028 1052 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:54:43.0031 1052 LSI_SAS2 - ok
13:54:43.0050 1052 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:54:43.0065 1052 LSI_SCSI - ok
13:54:43.0107 1052 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:54:43.0108 1052 luafv - ok
13:54:43.0154 1052 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
13:54:43.0155 1052 MBAMProtector - ok
13:54:43.0201 1052 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:54:43.0205 1052 megasas - ok
13:54:43.0225 1052 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:54:43.0235 1052 MegaSR - ok
13:54:43.0260 1052 mfeapfk (31338e489314ae2a29534fbaa7ad2f1b) C:\Windows\system32\drivers\mfeapfk.sys
13:54:43.0262 1052 mfeapfk - ok
13:54:43.0291 1052 mfeavfk (5822e70233218bcf22a65fcea74d012d) C:\Windows\system32\drivers\mfeavfk.sys
13:54:43.0342 1052 mfeavfk - ok
13:54:43.0372 1052 mfeavfk01 - ok
13:54:43.0399 1052 mfefirek (5a24e7c834576313d8c5eaf0825da844) C:\Windows\system32\drivers\mfefirek.sys
13:54:43.0440 1052 mfefirek - ok
13:54:43.0460 1052 mfehidk (a2607740bb18d631da01e01dcb81843b) C:\Windows\system32\drivers\mfehidk.sys
13:54:43.0463 1052 mfehidk - ok
13:54:43.0479 1052 mfenlfk (50c3a9d7465d385061c0601deefb5a8e) C:\Windows\system32\DRIVERS\mfenlfk.sys
13:54:43.0523 1052 mfenlfk - ok
13:54:43.0547 1052 mferkdet (edf5ee799a0b3ed6dce8bb16a51f3d1f) C:\Windows\system32\drivers\mferkdet.sys
13:54:43.0577 1052 mferkdet - ok
13:54:43.0599 1052 mfewfpk (9182faf9addd5ea6308d155ceb502c6f) C:\Windows\system32\drivers\mfewfpk.sys
13:54:43.0600 1052 mfewfpk - ok
13:54:43.0631 1052 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:54:43.0637 1052 Modem - ok
13:54:43.0662 1052 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:54:43.0663 1052 monitor - ok
13:54:43.0678 1052 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:54:43.0686 1052 mouclass - ok
13:54:43.0722 1052 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:54:43.0731 1052 mouhid - ok
13:54:43.0750 1052 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:54:43.0752 1052 mountmgr - ok
13:54:43.0772 1052 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
13:54:43.0780 1052 mpio - ok
13:54:43.0804 1052 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:54:43.0806 1052 mpsdrv - ok
13:54:43.0821 1052 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:54:43.0830 1052 MRxDAV - ok
13:54:43.0886 1052 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:54:43.0888 1052 mrxsmb - ok
13:54:43.0906 1052 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:54:43.0908 1052 mrxsmb10 - ok
13:54:43.0920 1052 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:54:43.0921 1052 mrxsmb20 - ok
13:54:43.0946 1052 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
13:54:44.0000 1052 msahci - ok
13:54:44.0031 1052 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
13:54:44.0037 1052 msdsm - ok
13:54:44.0061 1052 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:54:44.0062 1052 Msfs - ok
13:54:44.0074 1052 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:54:44.0084 1052 mshidkmdf - ok
13:54:44.0109 1052 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:54:44.0110 1052 msisadrv - ok
13:54:44.0132 1052 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:54:44.0138 1052 MSKSSRV - ok
13:54:44.0147 1052 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:54:44.0151 1052 MSPCLOCK - ok
13:54:44.0160 1052 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:54:44.0162 1052 MSPQM - ok
13:54:44.0184 1052 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:54:44.0188 1052 MsRPC - ok
13:54:44.0209 1052 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:54:44.0210 1052 mssmbios - ok
13:54:44.0236 1052 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:54:44.0243 1052 MSTEE - ok
13:54:44.0255 1052 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:54:44.0261 1052 MTConfig - ok
13:54:44.0291 1052 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:54:44.0292 1052 Mup - ok
13:54:44.0319 1052 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:54:44.0335 1052 NativeWifiP - ok
13:54:44.0364 1052 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:54:44.0372 1052 NDIS - ok
13:54:44.0400 1052 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:54:44.0405 1052 NdisCap - ok
13:54:44.0428 1052 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:54:44.0435 1052 NdisTapi - ok
13:54:44.0455 1052 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:54:44.0462 1052 Ndisuio - ok
13:54:44.0476 1052 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:54:44.0482 1052 NdisWan - ok
13:54:44.0502 1052 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:54:44.0505 1052 NDProxy - ok
13:54:44.0514 1052 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:54:44.0514 1052 NetBIOS - ok
13:54:44.0536 1052 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:54:44.0543 1052 NetBT - ok
13:54:44.0573 1052 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:54:44.0577 1052 nfrd960 - ok
13:54:44.0600 1052 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:54:44.0601 1052 Npfs - ok
13:54:44.0620 1052 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:54:44.0627 1052 nsiproxy - ok
13:54:44.0692 1052 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
13:54:44.0710 1052 Ntfs - ok
13:54:44.0724 1052 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:54:44.0729 1052 Null - ok
13:54:44.0769 1052 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
13:54:44.0816 1052 nvraid - ok
13:54:44.0842 1052 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
13:54:44.0874 1052 nvstor - ok
13:54:44.0899 1052 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
13:54:44.0905 1052 nv_agp - ok
13:54:44.0919 1052 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
13:54:44.0930 1052 ohci1394 - ok
13:54:44.0988 1052 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:54:44.0993 1052 Parport - ok
13:54:45.0010 1052 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:54:45.0012 1052 partmgr - ok
13:54:45.0039 1052 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
13:54:45.0041 1052 pci - ok
13:54:45.0060 1052 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
13:54:45.0068 1052 pciide - ok
13:54:45.0090 1052 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:54:45.0100 1052 pcmcia - ok
13:54:45.0122 1052 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:54:45.0123 1052 pcw - ok
13:54:45.0153 1052 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:54:45.0178 1052 PEAUTH - ok
13:54:45.0222 1052 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:54:45.0226 1052 PptpMiniport - ok
13:54:45.0240 1052 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:54:45.0243 1052 Processor - ok
13:54:45.0269 1052 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:54:45.0271 1052 Psched - ok
13:54:45.0292 1052 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:54:45.0293 1052 PxHlpa64 - ok
13:54:45.0348 1052 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:54:45.0401 1052 ql2300 - ok
13:54:45.0417 1052 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:54:45.0421 1052 ql40xx - ok
13:54:45.0445 1052 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:54:45.0449 1052 QWAVEdrv - ok
13:54:45.0459 1052 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:54:45.0465 1052 RasAcd - ok
13:54:45.0501 1052 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:54:45.0506 1052 RasAgileVpn - ok
13:54:45.0529 1052 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:54:45.0539 1052 Rasl2tp - ok
13:54:45.0571 1052 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:54:45.0581 1052 RasPppoe - ok
13:54:45.0593 1052 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:54:45.0598 1052 RasSstp - ok
13:54:45.0624 1052 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:54:45.0627 1052 rdbss - ok
13:54:45.0645 1052 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:54:45.0652 1052 rdpbus - ok
13:54:45.0671 1052 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:54:45.0675 1052 RDPCDD - ok
13:54:45.0694 1052 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:54:45.0699 1052 RDPENCDD - ok
13:54:45.0715 1052 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:54:45.0719 1052 RDPREFMP - ok
13:54:45.0739 1052 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
13:54:45.0755 1052 RDPWD - ok
13:54:45.0783 1052 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
13:54:45.0785 1052 rdyboost - ok
13:54:45.0832 1052 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:54:45.0836 1052 rspndr - ok
13:54:45.0844 1052 RxFilter - ok
13:54:45.0863 1052 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
13:54:45.0872 1052 sbp2port - ok
13:54:45.0886 1052 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:54:45.0890 1052 scfilter - ok
13:54:45.0916 1052 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:54:45.0919 1052 secdrv - ok
13:54:45.0991 1052 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:54:46.0000 1052 Serenum - ok
13:54:46.0035 1052 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:54:46.0041 1052 Serial - ok
13:54:46.0055 1052 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:54:46.0059 1052 sermouse - ok
13:54:46.0083 1052 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:54:46.0087 1052 sffdisk - ok
13:54:46.0097 1052 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:54:46.0101 1052 sffp_mmc - ok
13:54:46.0110 1052 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:54:46.0146 1052 sffp_sd - ok
13:54:46.0167 1052 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:54:46.0171 1052 sfloppy - ok
13:54:46.0196 1052 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:54:46.0204 1052 SiSRaid2 - ok
13:54:46.0216 1052 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:54:46.0222 1052 SiSRaid4 - ok
13:54:46.0248 1052 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:54:46.0255 1052 Smb - ok
13:54:46.0282 1052 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:54:46.0283 1052 spldr - ok
13:54:46.0332 1052 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:54:46.0337 1052 srv - ok
13:54:46.0365 1052 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:54:46.0369 1052 srv2 - ok
13:54:46.0389 1052 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:54:46.0391 1052 srvnet - ok
13:54:46.0422 1052 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:54:46.0426 1052 stexstor - ok
13:54:46.0449 1052 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:54:46.0452 1052 swenum - ok
13:54:46.0528 1052 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
13:54:46.0560 1052 Tcpip - ok
13:54:46.0611 1052 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
13:54:46.0627 1052 TCPIP6 - ok
13:54:46.0642 1052 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:54:46.0645 1052 tcpipreg - ok
13:54:46.0666 1052 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:54:46.0672 1052 TDPIPE - ok
13:54:46.0682 1052 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:54:46.0684 1052 TDTCP - ok
13:54:46.0703 1052 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:54:46.0713 1052 tdx - ok
13:54:46.0736 1052 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
13:54:46.0745 1052 TermDD - ok
13:54:46.0787 1052 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:54:46.0790 1052 tssecsrv - ok
13:54:46.0817 1052 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:54:46.0819 1052 tunnel - ok
13:54:46.0832 1052 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:54:46.0841 1052 uagp35 - ok
13:54:46.0873 1052 udfs (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
13:54:46.0916 1052 udfs - ok
13:54:46.0950 1052 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
13:54:46.0954 1052 uliagpkx - ok
13:54:46.0974 1052 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:54:46.0982 1052 umbus - ok
13:54:47.0005 1052 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:54:47.0009 1052 UmPass - ok
13:54:47.0043 1052 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
13:54:47.0090 1052 usbccgp - ok
13:54:47.0108 1052 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
13:54:47.0113 1052 usbcir - ok
13:54:47.0129 1052 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
13:54:47.0157 1052 usbehci - ok
13:54:47.0182 1052 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
13:54:47.0214 1052 usbhub - ok
13:54:47.0232 1052 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
13:54:47.0263 1052 usbohci - ok
13:54:47.0282 1052 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:54:47.0285 1052 usbprint - ok
13:54:47.0314 1052 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
13:54:47.0315 1052 USBSTOR - ok
13:54:47.0328 1052 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
13:54:47.0366 1052 usbuhci - ok
13:54:47.0395 1052 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
13:54:47.0396 1052 vdrvroot - ok
13:54:47.0427 1052 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:54:47.0433 1052 vga - ok
13:54:47.0456 1052 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:54:47.0462 1052 VgaSave - ok
13:54:47.0489 1052 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
13:54:47.0502 1052 vhdmp - ok
13:54:47.0522 1052 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:54:47.0530 1052 viaide - ok
13:54:47.0584 1052 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:54:47.0586 1052 volmgr - ok
13:54:47.0613 1052 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:54:47.0617 1052 volmgrx - ok
13:54:47.0646 1052 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:54:47.0650 1052 volsnap - ok
13:54:47.0672 1052 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:54:47.0685 1052 vsmraid - ok
13:54:47.0715 1052 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:54:47.0720 1052 vwifibus - ok
13:54:47.0743 1052 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:54:47.0753 1052 vwififlt - ok
13:54:47.0773 1052 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:54:47.0777 1052 WacomPen - ok
13:54:47.0792 1052 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:54:47.0796 1052 WANARP - ok
13:54:47.0800 1052 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:54:47.0801 1052 Wanarpv6 - ok
13:54:47.0821 1052 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:54:47.0826 1052 Wd - ok
13:54:47.0852 1052 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:54:47.0855 1052 Wdf01000 - ok
13:54:47.0916 1052 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:54:47.0928 1052 WfpLwf - ok
13:54:47.0970 1052 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
13:54:48.0022 1052 WimFltr - ok
13:54:48.0048 1052 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:54:48.0051 1052 WIMMount - ok
13:54:48.0076 1052 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:54:48.0079 1052 WmiAcpi - ok
13:54:48.0099 1052 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:54:48.0102 1052 ws2ifsl - ok
13:54:48.0146 1052 WudfPf (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
13:54:48.0174 1052 WudfPf - ok
13:54:48.0207 1052 WUDFRd (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:54:48.0236 1052 WUDFRd - ok
13:54:48.0260 1052 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:54:48.0269 1052 \Device\Harddisk0\DR0 - ok
13:54:48.0277 1052 Boot (0x1200) (eb2b2f71d1764f16f5936d05b299d215) \Device\Harddisk0\DR0\Partition0
13:54:48.0279 1052 \Device\Harddisk0\DR0\Partition0 - ok
13:54:48.0287 1052 Boot (0x1200) (8725a6d38fdf545e2968ce1f76df3675) \Device\Harddisk0\DR0\Partition1
13:54:48.0288 1052 \Device\Harddisk0\DR0\Partition1 - ok
13:54:48.0288 1052 ============================================================
13:54:48.0288 1052 Scan finished
13:54:48.0288 1052 ============================================================
13:54:48.0295 5860 Detected object count: 0
13:54:48.0295 5860 Actual detected object count: 0
13:55:01.0656 2808 Deinitialize success

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 10/07/2011 at 14:00:00.
Operating System: Windows 7 Home Premium

Processes terminated by Rkill or while it was running:

Rkill completed on 10/07/2011 at 14:00:01.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7896

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

10/7/2011 2:19:17 PM
mbam-log-2011-10-07 (14-19-16).txt

Scan type: Full scan (C:\|)
Objects scanned: 339006
Time elapsed: 16 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ChillyDown · Oct 7, 2011

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Asher at 14:22:48 on 2011-10-07
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8151.6527 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\helppane.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\TEMP\ICD1.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\TEMP\8120.dir\InstallFlashPlayer.exe
C:\Windows\TEMP\ICD2.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Windows\TEMP\74A2.dir\InstallFlashPlayer.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\TEMP\ICD3.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Windows\TEMP\75BB.dir\InstallFlashPlayer.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111005193601.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [Launcher] C1\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\Asher\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AD2DB310-AE37-486E-9729-628AB3D875FC} : DhcpNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO-X64: Search Helper - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111005193601.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
BHO-X64: uTorrentBar - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [Launcher] C1\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce-x64: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce-x64: [GrpConv] grpconv -o
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Asher\AppData\Roaming\Mozilla\Firefox\Profiles\z2v9oen1.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-8-31 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-8-31 149032]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-31 13336]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-7 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-5 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-5 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-5 355440]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-5 355440]
S2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-8-31 200056]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-31 673088]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-10-5 355440]
.
=============== Created Last 30 ================
.
2011-10-07 17:36:13 -------- d-----w- C:\Users\Asher\AppData\Roaming\Malwarebytes
2011-10-07 17:36:08 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-07 17:36:05 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-07 17:36:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-07 16:55:10 -------- d-----w- C:\Users\Asher\AppData\Roaming\Z77ffELL8gZqhCw
2011-10-07 16:55:10 -------- d-----w- C:\Users\Asher\AppData\Roaming\oUVVrrlOBtx
2011-10-07 16:55:04 -------- d-----w- C:\Users\Asher\AppData\Roaming\g777fEEL9gTZjYw
2011-10-07 16:55:04 -------- d-----w- C:\Users\Asher\AppData\Roaming\cIVVrrzONtxAuc2
2011-10-07 16:50:37 -------- d-----we C:\Windows\system64
2011-10-07 07:47:20 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-10-07 07:47:20 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-10-07 07:44:02 83249512 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc50F3.tmp
2011-10-07 07:40:14 14744 ----a-w- C:\Users\Asher\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
2011-10-07 07:39:45 -------- d-----w- C:\Users\Asher\Tracing
2011-10-07 07:28:39 -------- d-----w- C:\Users\Asher\AppData\Local\Google
2011-10-07 07:28:38 -------- d-----w- C:\Program Files (x86)\Conduit
2011-10-07 07:28:37 -------- d-----w- C:\Users\Asher\AppData\Local\Conduit
2011-10-07 07:28:37 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2011-10-07 07:28:03 -------- d-----w- C:\Users\Asher\AppData\Roaming\uTorrent
2011-10-06 15:07:33 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-10-06 15:07:33 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-10-06 15:07:33 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-10-06 15:07:33 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-10-06 15:07:33 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-10-06 15:07:23 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-10-06 15:07:22 -------- d-----w- C:\Program Files (x86)\Steam
2011-10-06 06:40:04 -------- d-----w- C:\Windows\SysWow64\Wat
2011-10-06 06:40:04 -------- d-----w- C:\Windows\System32\Wat
2011-10-06 03:42:48 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-10-06 03:42:48 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-10-06 03:37:16 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-10-06 03:36:05 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-10-06 03:36:05 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-10-06 03:36:05 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-10-06 03:36:05 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-10-06 03:36:05 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-10-06 03:36:05 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-10-06 03:36:05 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-10-06 03:36:05 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-10-06 03:36:05 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-10-06 03:36:05 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-10-05 17:54:23 -------- d-----w- C:\Users\Asher\AppData\Local\Adobe
2011-10-05 15:59:06 -------- d-----w- C:\Users\Asher\riotsGamesLogs
2011-10-05 15:58:52 -------- d-----w- C:\Users\Asher\AppData\Roaming\LolClient
2011-10-05 15:01:59 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-10-05 15:00:57 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-10-05 04:40:25 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-10-05 04:40:25 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-10-05 04:40:25 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2011-10-05 04:40:25 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-10-05 04:40:25 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2011-10-05 04:36:54 -------- d-----w- C:\Riot Games
2011-10-05 02:24:48 24376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
2011-10-04 22:37:21 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-10-04 22:37:04 -------- d-----w- C:\Users\Asher\AppData\Local\Microsoft Help
2011-10-04 22:31:23 -------- d-----w- C:\Users\Asher\AppData\Local\PMB Files
2011-10-04 22:31:22 -------- d-----w- C:\ProgramData\PMB Files
2011-10-04 22:31:08 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-10-04 22:26:09 -------- d-----w- C:\Users\Asher\AppData\Roaming\Mumble
2011-10-04 22:25:52 -------- d-----w- C:\Program Files (x86)\Mumble
2011-10-04 22:20:37 -------- d-----w- C:\Users\Asher\AppData\Roaming\Dell
2011-10-04 22:20:18 -------- d-----w- C:\Users\Asher\AppData\Local\Stardock_Corporation
2011-10-04 22:20:04 -------- d-----w- C:\Users\Asher\AppData\Local\DataSafeOnline
2011-10-04 22:20:03 -------- d-----w- C:\Users\Asher\AppData\Roaming\Intel Corporation
2011-10-04 22:20:02 -------- d-----w- C:\Users\Asher\AppData\Local\ATI
2011-10-04 22:19:59 -------- d-----w- C:\Users\Asher\AppData\Local\SupportSoft
2011-10-04 22:19:34 -------- d-sh--w- C:\$RECYCLE.BIN
2011-10-04 22:19:33 -------- d-----w- C:\Users\Asher\AppData\Local\VirtualStore
2011-10-04 19:52:10 -------- d-----w- C:\Windows\SMINST
.
==================== Find3M ====================
.
2011-07-22 05:35:08 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:56:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:26:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:26:53 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:26:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:26:18 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-16 05:24:09 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:21:32 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 05:17:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-07-16 04:36:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:26:12 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 14:23:07.18 ===============

Side note: I am unable to reactivate my McAfee scanning or Firewall.

ChillyDown · Oct 7, 2011

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/4/2011 3:16:16 PM
System Uptime: 10/7/2011 1:57:37 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G3HR7
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | CPU 1 | 2793/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 876.078 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Windows Firewall Authorization Driver
Device ID: ROOT\LEGACY_MPSDRV\0000
Manufacturer:
Name: Windows Firewall Authorization Driver
PNP Device ID: ROOT\LEGACY_MPSDRV\0000
Service: mpsdrv
.
==== System Restore Points ===================
.
RP11: 10/4/2011 9:36:40 PM - Installed League of Legends
RP12: 10/5/2011 8:29:52 PM - Windows Update
RP13: 10/5/2011 11:57:28 PM - Windows Update
RP14: 10/6/2011 8:06:08 AM - Installed Steam
RP15: 10/6/2011 5:21:36 PM - Windows Update
RP16: 10/7/2011 12:47:05 AM - Installed DirectX
.
==== Installed Programs ======================
.
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.2
ATI Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Consumer In-Home Service Agreement
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Getting Started Guide
Dell Support Center (Support Software)
DirectXInstallService
EMC 10 Content
GoToAssist 8.0.0.514
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
League of Legends
Malwarebytes' Anti-Malware version 1.51.2.1300
McAfee Security Center
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
Mumble 1.2.3
Pando Media Booster
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Security Update for CAPICOM (KB931906)
Skins
Skype Toolbars
Skype™ 4.2
Sonic CinePlayer Decoder Pack
Steam
THX TruStudio PC
uTorrentBar Toolbar
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
10/7/2011 7:48:18 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
10/7/2011 2:20:56 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
10/7/2011 2:01:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
10/7/2011 11:01:13 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 11:00:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/7/2011 11:00:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/7/2011 10:59:50 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss RxFilter spldr tdx vwififlt Wanarpv6 WfpLwf
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 10:59:50 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/7/2011 1:58:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
10/7/2011 1:58:04 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 1:58:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/7/2011 1:58:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/7/2011 1:58:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/7/2011 1:57:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/7/2011 1:57:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache RxFilter spldr Wanarpv6
10/7/2011 1:57:51 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
10/7/2011 1:57:51 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.
10/7/2011 1:57:51 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
10/7/2011 1:56:54 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
10/7/2011 1:56:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
10/7/2011 1:56:21 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
10/6/2011 8:08:41 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/6/2011 8:08:41 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/5/2011 11:42:49 PM, Error: Service Control Manager [7023] -
.
==== End Of File ===========================

Bobbye · Oct 11, 2011

Okay, good job! The next scan should remove some of the malware entries. After I review the log it generates, I will give you some script to run through Combofix:

Note: The script will include entries for the uTorrentBar and Conduit Engine uTorrent has multiple entries and this can be a straight road to malware. Please don't use either during this cleaning.

Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed

Click START> then RUN
Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

--------------------------------------
Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop

Double click combofix.exe & follow the prompts.
ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Once installed, you should see a blue screen prompt that says:
The Recovery Console was successfully installed.
.Click on Yes, to continue scanning for malware
.If Combofix asks you to update the program, allow
.Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
.Close any open browsers.
.Double click combofix.exe

& follow the prompts to run.
When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..

Re-enable your Antivirus software.

Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
========================================

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESETOnlineScan
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
[o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
[o] Double click on the

on your desktop.
Check 'Yes I accept terms of use.'
Click Start button
Accept any security warnings from your browser.
Uncheck 'Remove found threats'
Check 'Scan archives/
Leave remaining settings as is.
Press the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
When the scan completes, press List of found threats
Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
Push the Back button
Push Finish

Please post the entire log with heading resembling this:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=1

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
============================
Please go on to the next reply when finished.

Bobbye · Oct 11, 2011

When finished with previous directions

Please update the Java:
Check this site .Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs as they are vulnerabilities for the system.
--------------------------------------
There is usually malware in the Java cache when there is an outdated version, so it needs to be cleared:

. Click Start > Control Panel.
. Double-click the Java icon

in the Control Panel.
. Click Settings under Temporary Internet Files.
http://www.java.com/en/img/download/5000020303.jpg[/b]
There are three options on this window to clear the cache.(Version dependent)
[o]. Delete Files
[o]. View Applications
[o]. View Applets
[*]. Click OK on Delete Temporary Files window.
Note: This deletes all the Downloaded Applications and Applets from the cache.
[*]. Click OK on Temporary Files Settings window. [/list]
===================================
There are no logs for you to leave after doing the above.

ChillyDown · Oct 11, 2011

My husband thought he could fix the computer by downloading MSE while I was out... Should I uninstall that program and re-run my previous steps, or just keep in on there?

Bit frustrating, this is. No sanctity in the "do not touch" post-it anymore. Thank you for your patience with me, sorry for taking up your time with backpeddling.

Bobbye · Oct 11, 2011

Too funny! I just got finished with another member who's spouse has restored all browser settings from an infected backup on an external hard drive- unknown to him! You guy got to keep your loved one out of my threads!!

Did he think to uninstall the McAfee Suite?

ChillyDown · Oct 11, 2011

Doesn't look it, seems as if McAfee is still up as well (but not doing any scanning as it was earlier).

Bobbye · Oct 12, 2011

Okay, if he got MSE on the system, McAfee needs to be removed:
Uninstall:

[*]McAfee Removal

Inactive Attempting to Follow the 6-Step Instructions, sadly failing

ChillyDown

Posts: 6 +0

Bobbye

Posts: 16,313 +36

ChillyDown

Posts: 6 +0

ChillyDown

Posts: 6 +0

ChillyDown

Posts: 6 +0

Bobbye

Posts: 16,313 +36

Bobbye

Posts: 16,313 +36

ChillyDown

Posts: 6 +0

Bobbye

Posts: 16,313 +36

ChillyDown

Posts: 6 +0

Bobbye

Posts: 16,313 +36

Similar threads

Latest posts